urlscan.io logo urlscan.io
SecurityTrails logo

www.thefirsttv.com Open in urlscan Pro
2a04:4e42::729  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Submission: On April 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 8 countries across 84 domains to perform 261 HTTP transactions. The main IP is 2a04:4e42::729, located in United States and belongs to FASTLY, US. The main domain is www.thefirsttv.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on November 26th 2021. Valid for: a year.
This is the only time www.thefirsttv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a04:4e42::729 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
15 2606:2800:133... 15133 (EDGECAST)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 108.138.7.71 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
4 35.201.71.192 15169 (GOOGLE)
3 35.245.135.104 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
4 108.157.4.59 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.241.45.217 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 108.138.7.53 16509 (AMAZON-02)
4 18 184.87.213.8 16625 (AKAMAI-AS)
5 142.250.186.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 152.199.21.114 15133 (EDGECAST)
1 54.231.201.97 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.248.107 16509 (AMAZON-02)
2 35.227.238.208 15169 (GOOGLE)
1 13.226.156.190 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 2620:116:800d... 16509 (AMAZON-02)
2 54.246.43.245 16509 (AMAZON-02)
3 35.157.246.167 16509 (AMAZON-02)
2 34.107.148.139 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 7 185.33.220.100 29990 (ASN-APPNEX)
2 104.92.100.195 16625 (AKAMAI-AS)
2 178.250.2.131 44788 (ASN-CRITE...)
3 35.157.99.247 16509 (AMAZON-02)
2 2602:803:c004... 26667 (RUBICONPR...)
1 130.211.23.194 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.227.129.229 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:df:... 20940 (AKAMAI-ASN1)
4 65.9.7.112 16509 (AMAZON-02)
1 1 52.222.236.53 16509 (AMAZON-02)
1 1 54.77.205.241 16509 (AMAZON-02)
1 54.216.156.68 16509 (AMAZON-02)
2 2a02:2638::3 44788 (ASN-CRITE...)
4 3.218.212.203 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 34.238.213.165 14618 (AMAZON-AES)
1 178.250.2.146 44788 (ASN-CRITE...)
1 88.198.33.89 24940 (HETZNER-AS)
2 184.87.212.24 ()
2 104.102.28.239 ()
3 23.35.228.201 ()
2 104.89.20.125 ()
2 104.36.113.23 ()
2 5 52.223.40.198 ()
4 4 69.173.144.165 ()
7 11 142.250.181.226 ()
1 2 2a05:d018:d29... ()
1 3 69.173.144.139 ()
2 3 52.94.220.185 ()
2 35.244.174.68 ()
1 2a00:1288:80:... ()
2 4 209.54.180.3 ()
2 3 44.199.37.161 ()
3 3 74.121.143.245 ()
2 2 135.125.160.77 ()
1 2606:4700:20:... ()
3 4 3.122.174.248 ()
3 5 104.89.45.32 ()
1 1 185.183.112.148 ()
2 2 193.0.160.129 ()
3 4 37.157.4.29 ()
1 151.101.130.49 ()
1 20 185.64.190.80 ()
2 3 52.210.7.127 ()
1 216.52.31.49 ()
1 1 178.250.0.163 ()
1 169.197.150.7 ()
2 2 3.123.52.20 ()
1 1 154.59.122.79 ()
1 2 2606:4700:440... ()
1 38.27.122.101 ()
1 1 104.45.178.220 ()
1 1 23.88.75.189 ()
2 185.64.190.81 ()
1 2 169.50.137.182 ()
1 1 2001:678:cb4:... ()
1 1 18.156.0.31 ()
1 1 54.225.138.85 ()
1 2a02:fa8:8806... ()
1 66.155.71.149 ()
1 1 34.102.253.54 ()
1 1 185.33.220.145 ()
1 198.47.127.20 ()
1 1 2a04:4e42:400... ()
1 151.101.65.44 ()
2 2 213.19.147.44 ()
1 1 52.21.142.155 ()
1 2 77.243.60.138 ()
1 3.68.148.208 ()
1 54.159.218.116 ()
1 54.194.100.43 ()
261 97
3    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
www.thefirsttv.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
15    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
tf-a1.azureedge.net
7    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
5    2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    108.138.7.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-71.fra56.r.cloudfront.net
tag.getdrip.com
1    2600:9000:2156:5800:1e:9742:1680:21 (United States)

ASN16509 (AMAZON-02, US)
d14jnfavjicsbe.cloudfront.net
7    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com
d.pub.network
c.pub.network
3    35.245.135.104 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 104.135.245.35.bc.googleusercontent.com
player.zype.com
admin.zype.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    108.157.4.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-59.dus51.r.cloudfront.net
api.getdrip.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    108.138.7.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-53.fra56.r.cloudfront.net
ats.rlcdn.com
18    184.87.213.8 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-8.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    152.199.21.114 (United States)

ASN15133 (EDGECAST, US)
resources.zype.com
gvimage.zype.com
gvsm.zype.com
1    54.231.201.97 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
mediamelon-builds.s3.amazonaws.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    18.66.248.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-107.dus51.r.cloudfront.net
geo.privacymanager.io
2    35.227.238.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.238.227.35.bc.googleusercontent.com
api.floors.dev
1    13.226.156.190 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-190.dus51.r.cloudfront.net
do0ne7yeju3uz.cloudfront.net
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
3    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    54.246.43.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-43-245.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    104.92.100.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-195.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    35.157.99.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-99-247.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    2600:9000:223c:a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    54.227.129.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-129-229.compute-1.amazonaws.com
register.mediamelon.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
4    2a02:26f0:df:39f::aa5 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
ma1169-r.analytics.edgekey.net
4    65.9.7.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-112.fra56.r.cloudfront.net
mf.zype.com
1    52.222.236.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-53.fra56.r.cloudfront.net
ab.zype.com
1    54.77.205.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-205-241.eu-west-1.compute.amazonaws.com
vid.springserve.com
1    54.216.156.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-156-68.eu-west-1.compute.amazonaws.com
bc-ssb-dub.springserve.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    3.218.212.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-212-203.compute-1.amazonaws.com
beacons.mediamelon.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:2156:e000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    34.238.213.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-213-165.compute-1.amazonaws.com
ping.chartbeat.net
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    88.198.33.89 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.33.89.clients.your-server.de
license.theoplayer.com
2    184.87.212.24 (None, )

ASN- ()
contextual.media.net
2    104.102.28.239 (None, )

ASN- ()
acdn.adnxs.com
3    23.35.228.201 (None, )

ASN- ()
ads.pubmatic.com
2    104.89.20.125 (None, )

ASN- ()
eus.rubiconproject.com
2    104.36.113.23 (None, )

ASN- ()
image6.pubmatic.com
5    52.223.40.198 (None, )

ASN- ()
match.adsrvr.org
4    69.173.144.165 (None, )

ASN- ()
token.rubiconproject.com
11    142.250.181.226 (None, )

ASN- ()
cm.g.doubleclick.net
2    2a05:d018:d29:3605:9290:fe02:2ee8:2378 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
3    69.173.144.139 (None, )

ASN- ()
pixel.rubiconproject.com
3    52.94.220.185 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
idsync.rlcdn.com
1    2a00:1288:80:807::2 (None, )

ASN- ()
ads.yahoo.com
4    209.54.180.3 (None, )

ASN- ()
s.amazon-adsystem.com
3    44.199.37.161 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
3    74.121.143.245 (None, )

ASN- ()
sync.mathtag.com
2    135.125.160.77 (None, )

ASN- ()
gu.dyntrk.com
1    2606:4700:20::681a:ad1 (None, )

ASN- ()
ad4m.at
4    3.122.174.248 (None, )

ASN- ()
x.bidswitch.net
5    104.89.45.32 (None, )

ASN- ()
px.owneriq.net
1    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
2    193.0.160.129 (None, )

ASN- ()
p.rfihub.com
4    37.157.4.29 (None, )

ASN- ()
c1.adform.net
1    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
20    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
3    52.210.7.127 (None, )

ASN- ()
match.prod.bidr.io
1    216.52.31.49 (None, )

ASN- ()
cm.adgrx.com
1    178.250.0.163 (None, )

ASN- ()
dis.criteo.com
1    169.197.150.7 (None, )

ASN- ()
match.deepintent.com
2    3.123.52.20 (None, )

ASN- ()
pm.w55c.net
1    154.59.122.79 (None, )

ASN- ()
ums.acuityplatform.com
2    2606:4700:4400::6812:230b (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    38.27.122.101 (None, )

ASN- ()
match.bnmla.com
1    104.45.178.220 (None, )

ASN- ()
mweb.ck.inmobi.com
1    23.88.75.189 (None, )

ASN- ()
csync.loopme.me
2    185.64.190.81 (None, )

ASN- ()
image4.pubmatic.com
2    169.50.137.182 (None, )

ASN- ()
um.simpli.fi
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
1    54.225.138.85 (None, )

ASN- ()
sync.ipredictive.com
1    2a02:fa8:8806:12::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    66.155.71.149 (None, )

ASN- ()
pixel-sync.sitescout.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    185.33.220.145 (None, )

ASN- ()
secure.adnxs.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
1    2a04:4e42:400::300 (None, )

ASN- ()
trc.taboola.com
1    151.101.65.44 (None, )

ASN- ()
match.taboola.com
2    213.19.147.44 (None, )

ASN- ()
sync.1rx.io
1    52.21.142.155 (None, )

ASN- ()
sync.srv.stackadapt.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
1    3.68.148.208 (None, )

ASN- ()
aa.agkn.com
1    54.159.218.116 (None, )

ASN- ()
rtb.adentifi.com
1    54.194.100.43 (None, )

ASN- ()
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
30 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com Failed
40 KB
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
106 KB
17 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
cm.g.doubleclick.net
157 KB
17 zype.com
player.zype.com — Cisco Umbrella Rank: 166312
resources.zype.com — Cisco Umbrella Rank: 187823
admin.zype.com — Cisco Umbrella Rank: 191802
gvimage.zype.com — Cisco Umbrella Rank: 178066
mf.zype.com — Cisco Umbrella Rank: 174080
ab.zype.com — Cisco Umbrella Rank: 994962
gvsm.zype.com — Cisco Umbrella Rank: 178972
12 MB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 463
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
16 KB
15 azureedge.net
tf-a1.azureedge.net
1 MB
11 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 458
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
15 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
acdn.adnxs.com
secure.adnxs.com
46 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
536 KB
9 pub.network
a.pub.network — Cisco Umbrella Rank: 6014
d.pub.network — Cisco Umbrella Rank: 6282
c.pub.network — Cisco Umbrella Rank: 6190
351 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 77
26 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
5 KB
7 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 846
pr-bh.ybp.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
3 KB
6 mediamelon.com
register.mediamelon.com — Cisco Umbrella Rank: 128990
beacons.mediamelon.com — Cisco Umbrella Rank: 131457
1 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 758
gum.criteo.com — Cisco Umbrella Rank: 383
mug.criteo.com — Cisco Umbrella Rank: 2668
dis.criteo.com
8 KB
5 owneriq.net
px.owneriq.net
2 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 723
5 KB
5 getdrip.com
tag.getdrip.com — Cisco Umbrella Rank: 20522
api.getdrip.com — Cisco Umbrella Rank: 22094
61 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3059
onesignal.com — Cisco Umbrella Rank: 1122
83 KB
4 adform.net
c1.adform.net
2 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 edgekey.net
ma1169-r.analytics.edgekey.net — Cisco Umbrella Rank: 205455
13 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1206
contextual.media.net
18 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com
950 B
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1077
346 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 975
pixel.quantserve.com — Cisco Umbrella Rank: 423
11 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 417
fonts.googleapis.com — Cisco Umbrella Rank: 46
332 KB
3 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1312
id.rlcdn.com
idsync.rlcdn.com
38 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 942
162 KB
3 thefirsttv.com
www.thefirsttv.com
31 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 1rx.io
sync.1rx.io
741 B
2 taboola.com
trc.taboola.com
match.taboola.com
528 B
2 simpli.fi
um.simpli.fi
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 rfihub.com
p.rfihub.com
2 KB
2 dyntrk.com
gu.dyntrk.com
850 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 632
58 KB
2 springserve.com
vid.springserve.com — Cisco Umbrella Rank: 6065
bc-ssb-dub.springserve.com — Cisco Umbrella Rank: 89421
656 B
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 614
453 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1307
1 KB
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 10697
2 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1133
api.btloader.com — Cisco Umbrella Rank: 1274
38 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
65 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5383
adservice.google.de — Cisco Umbrella Rank: 7579
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
315 B
2 cloudfront.net
d14jnfavjicsbe.cloudfront.net
do0ne7yeju3uz.cloudfront.net
109 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
114 KB
1 gumgum.com
rtb.gumgum.com
209 B
1 adentifi.com
rtb.adentifi.com
47 B
1 agkn.com
aa.agkn.com
349 B
1 stackadapt.com
sync.srv.stackadapt.com
611 B
1 playground.xyz
ads.playground.xyz
461 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 turn.com
ad.turn.com
518 B
1 loopme.me
csync.loopme.me
217 B
1 inmobi.com
mweb.ck.inmobi.com
348 B
1 bnmla.com
match.bnmla.com
112 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 deepintent.com
match.deepintent.com
44 B
1 adgrx.com
cm.adgrx.com
408 B
1 everesttech.net
sync-tm.everesttech.net
177 B
1 adotmob.com
sync.adotmob.com
307 B
1 ad4m.at
ad4m.at
1 theoplayer.com
license.theoplayer.com — Cisco Umbrella Rank: 10190
176 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1170
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1216
14 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 903
1 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1433
590 B
1 amazonaws.com
mediamelon-builds.s3.amazonaws.com — Cisco Umbrella Rank: 253223
285 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 7205
538 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1567
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
38 KB
0 exelator.com Failed
loada.exelator.com Failed
0 appier.net Failed
gocm.c.appier.net Failed
0 mxptint.net Failed
pmp.mxptint.net Failed
261 84
Domain Requested by
15 simage2.pubmatic.com 1 redirects ads.pubmatic.com
15 tf-a1.azureedge.net www.thefirsttv.com
11 cm.g.doubleclick.net 7 redirects ssum-sec.casalemedia.com
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
8 tpc.googlesyndication.com be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 ib.adnxs.com 1 redirects a.pub.network
acdn.adnxs.com
7 www.gstatic.com www.google.com
www.gstatic.com
be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
7 www.google.com www.thefirsttv.com
www.gstatic.com
www.google.com
be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
www.thefirsttv.com
tpc.googlesyndication.com
5 image2.pubmatic.com ads.pubmatic.com
5 px.owneriq.net 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
5 resources.zype.com player.zype.com
resources.zype.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.thefirsttv.com
5 js-sec.indexww.com a.pub.network
ssum-sec.casalemedia.com
5 a.pub.network www.thefirsttv.com
a.pub.network
4 c1.adform.net 3 redirects ads.pubmatic.com
4 x.bidswitch.net 3 redirects ssum-sec.casalemedia.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
4 beacons.mediamelon.com mediamelon-builds.s3.amazonaws.com
4 mf.zype.com resources.zype.com
4 ma1169-r.analytics.edgekey.net resources.zype.com
4 api.getdrip.com d14jnfavjicsbe.cloudfront.net
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 pixel.rubiconproject.com 1 redirects
3 ads.pubmatic.com a.pub.network
ads.pubmatic.com
3 gvsm.zype.com resources.zype.com
3 be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 c.pub.network a.pub.network
3 btlr.sharethrough.com a.pub.network
3 c2shb.ssp.yahoo.com a.pub.network
3 fonts.gstatic.com www.google.com
fonts.googleapis.com
3 onesignal.com cdn.onesignal.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.thefirsttv.com
3 use.fontawesome.com www.thefirsttv.com
use.fontawesome.com
3 www.thefirsttv.com www.thefirsttv.com
2 uipglob.semasio.net 1 redirects
2 sync.1rx.io 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 p.rfihub.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 eus.rubiconproject.com a.pub.network
eus.rubiconproject.com
2 acdn.adnxs.com a.pub.network
2 contextual.media.net a.pub.network
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net a.pub.network
static.criteo.net
2 pixel.quantserve.com 1 redirects www.thefirsttv.com
2 register.mediamelon.com mediamelon-builds.s3.amazonaws.com
2 fastlane.rubiconproject.com a.pub.network
2 bidder.criteo.com a.pub.network
2 htlb.casalemedia.com a.pub.network
2 hbopenbid.pubmatic.com a.pub.network
2 prebid.media.net a.pub.network
2 ads.yieldmo.com a.pub.network
2 ad-delivery.net www.thefirsttv.com
2 api.floors.dev a.pub.network
2 imasdk.googleapis.com player.zype.com
imasdk.googleapis.com
resources.zype.com
2 www.googletagservices.com a.pub.network
be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
2 www.facebook.com www.thefirsttv.com
2 player.zype.com tf-a1.azureedge.net
resources.zype.com
2 connect.facebook.net www.thefirsttv.com
connect.facebook.net
2 cdn.onesignal.com www.thefirsttv.com
cdn.onesignal.com
1 rtb.gumgum.com
1 rtb.adentifi.com
1 aa.agkn.com
1 sync.srv.stackadapt.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 ad.turn.com 1 redirects
1 idsync.rlcdn.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 sync-tm.everesttech.net ads.pubmatic.com
1 sync.adotmob.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 ads.yahoo.com
1 id.rlcdn.com
1 license.theoplayer.com resources.zype.com
1 mug.criteo.com
1 ping.chartbeat.net
1 static.chartbeat.com www.thefirsttv.com
1 fonts.googleapis.com be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
1 bc-ssb-dub.springserve.com
1 vid.springserve.com 1 redirects
1 ab.zype.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 gvimage.zype.com www.thefirsttv.com
1 s0.2mdn.net imasdk.googleapis.com
1 rules.quantcount.com secure.quantserve.com
1 api.btloader.com freestar-io.videoplayerhub.com
1 secure.quantserve.com a.pub.network
1 do0ne7yeju3uz.cloudfront.net www.thefirsttv.com
1 geo.privacymanager.io ats.rlcdn.com
1 admin.zype.com player.zype.com
1 mediamelon-builds.s3.amazonaws.com player.zype.com
1 ats.rlcdn.com a.pub.network
1 btloader.com www.thefirsttv.com
1 freestar-io.videoplayerhub.com 1 redirects
1 pghub.io a.pub.network
1 www.google.de www.thefirsttv.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d.pub.network a.pub.network
1 d14jnfavjicsbe.cloudfront.net tag.getdrip.com
1 tag.getdrip.com www.thefirsttv.com
1 www.googletagmanager.com www.thefirsttv.com
0 aud.pubmatic.com Failed
0 loada.exelator.com Failed
0 gocm.c.appier.net Failed ads.pubmatic.com
0 pmp.mxptint.net Failed ads.pubmatic.com
261 133
Subject Issuer Validity Valid
*.thefirsttv.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-26 -
2022-04-26		 3 months crt.sh
*.getdrip.com
Amazon		 2022-01-28 -
2023-02-26		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2022-03-19 -
2023-04-20		 a year crt.sh
player.zype.com
ZeroSSL RSA Domain Secure Site CA		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-17		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.zype.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-04 -
2023-05-05		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
admin.zype.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
api.floors.dev
GTS CA 1D4		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-02-23 -
2022-05-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.mediamelon.com
Go Daddy Secure Certificate Authority - G2		 2022-01-28 -
2023-01-28		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.analytics.edgekey.net
DigiCert SHA2 Secure Server CA		 2021-06-10 -
2022-06-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
license.theoplayer.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-04 -
2022-10-04		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-12-05 -
2022-12-06		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh

This page contains 46 frames:

Primary Page: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Frame ID: 5712D15EAB6994EC53B9E0A3E3DF108B
Requests: 132 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv&co=aHR0cHM6Ly93d3cudGhlZmlyc3R0di5jb206NDQz&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=6w0d6b273o71
Frame ID: 98AF4CF489EF33B2FC83FE831A9FCE99
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv
Frame ID: 3ED23F32737BF8B058E386C2203DBB59
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D77AF5F871CD4056ABB92E631D1E2F6B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Frame ID: FB8D59F3FFEC8255DF1744B1EC6C5E62
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Frame ID: D00975FA22851A2584EA4EA4B3FCD43A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Frame ID: 3B7599127B614280898E9F5CCC6C328A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 371BA9B8FFD498D98227CB8103585504
Requests: 1 HTTP requests in this frame

Frame: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 07539BDF5B9D91F8D66CCBE48D05A286
Requests: 1 HTTP requests in this frame

Frame: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F81B508C48404D514BF234E68D21195D
Requests: 15 HTTP requests in this frame

Frame: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7D40CBFF23EFD2FB089E2E40EE2AF0FC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thefirsttv.com
Frame ID: 93168A38D70C4255FDF6ADBFC74CF174
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: C94E38197DA67E0DA3839FEE91FA94B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CFAF08D69ED9668489964BA3EE60597
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4DC0AFEBEC8B96952814524EF841D403
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 43E202B49F88AE7B8A197058E616139D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D6E71E70226A948E11583D30B10AE41E
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0A7125FB3B16527974296811CAC4BEF5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FB3C780AD139BF054837E08B2EF29E87
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: FC9DA1D3936DEE579E8D99EE21225334
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9568F359C218EE14954EE5D01143C689
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: B2CEF6F85207A8E333127DBFEA2F8938
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 474375D8DD58C3C753FE774AEBDDB506
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 9461B90F2EF0ACB79AE24D06035B8D08
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A87C07837CBD7CC95300498021E56625
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E99B77C432EF708C9833EC798DE145CF
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
Frame ID: 2B1FA87A1B42FE0BC0739B3E87803A9A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 1B304B46D73538D3200163473A08E6A8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ad1625e-c487-4e00-b257-e32ab70696a1&gdpr=0&gdpr_consent=
Frame ID: C2B2D52606040C1A60BFE6336E9100F7
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 363F2B3D37EEB6A831181716DFE7A675
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B1E5059230A3F8EC05988BB7A948AA3B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 6B3C47F4688574614124E0AF2344C270
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 2C94F02E463DFE2D015C571AF889C24C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:udtAqyQm1NGOFN5&gdpr=0&gdpr_consent=
Frame ID: 120F853B3BB79474EC2CA6A98DA8047E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664186172074
Frame ID: F628CD65BA199C617474F7A7F43AC3A7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B55F76282DFDA34F4FA2A956AD0C3C71
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: D7AF0090441DE1A778D992D981633035
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 5DC0C9191CAC4B97899CBD7D4F2661F0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=4f68d4b0-fd77-4a61-892f-211fd1c0e2a6
Frame ID: 13F37AFFF53EF4834B63D747B9553C3D
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
Frame ID: 172C05A3330FB8F6D16EF733CBFC8CC0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: A8747DC65CE8F9E3D55D8BE2211C2753
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d151d505-344e-48e8-9f4b-332bf7cca69d-tuct9584a09&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 99FB9B92F984FFF38EE8CFF846CA487E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: C523B9AEEB8C19762B8B5363EA895FFB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:419F89DCFE4B4452BBC1E26AD2101BF0
Frame ID: A8298DFEE6BD6F86A51658E7169C2318
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 08BA11722AA661947CB56D39C1284E27
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YyIFG68WQ2hC1JcNWE3wh9ly14U
Frame ID: FD0DAF223BC2471CB3B6A4CE3B91E79B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VIDEO PROOF: Evidence Of Mail-In Ballot Fraud – The First TV

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

261
Requests

84 %
HTTPS

34 %
IPv6

84
Domains

133
Subdomains

97
IPs

8
Countries

16067 kB
Transfer

22436 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 121
  • https://ab.zype.com/eyJhbGciOiJIUzI1NiJ9.eyJhZF91cmwiOiJodHRwczovL3ZpZC5zcHJpbmdzZXJ2ZS5jb20vdmFzdC82MjMzOTQ_dz1bcGxheWVyX3dpZHRoXSZoPVtwbGF5ZXJfaGVpZ2h0XSZjYj0zNzIyODIyMTMmaXA9MjE3LjExNC4yMTUuMTMzJnVhPU1vemlsbGElMkY1LjArJTI4V2luZG93cytOVCsxMC4wJTNCK1dpbjY0JTNCK3g2NCUyOStBcHBsZVdlYktpdCUyRjUzNy4zNislMjhLSFRNTCUyQytsaWtlK0dlY2tvJTI5K0Nocm9tZSUyRjEwMC4wLjQ4OTYuNzUrU2FmYXJpJTJGNTM3LjM2JmRpZD04NmZjNTQyNS1kNTMwLTQyODgtYmNmNS1hNjg1OTUwM2I1YTgmdXNfcHJpdmFjeT0xLSZjb250ZW50X2lkPTYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZSZjb250ZW50X2VwaXNvZGU9JmNvbnRlbnRfdGl0bGU9VklERU8rUFJPT0YlM0ErRXZpZGVuY2UrT2YrTWFpbC1JbitCYWxsb3QrRnJhdWQmY29udGVudF9zZWFzb249JmR1cj0yNzYmYXA9MSZkZXNjPUxpeitIYXJyaW5ndG9uK2lzK3RoZStzcG9rZXNwZXJzb24rZm9yK0RvbmFsZCtUcnVtcCt0bytnaXZlK3RoZStsYXRlc3Qrb24rdGhlK2ludmVzdGlnYXRpb24raW4rR2VvcmdpYS4mdmlkPTYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZSZ6eXBlX2FkPSZhcHBfbmFtZT1UaGVGaXJzdFRWJmFwcF9pZD01ZGZhYTVjYTY5Y2U5NDAwMDE0ZDA2YWUmZG9tYWluPXd3dy50aGVmaXJzdHR2LmNvbSZ1cmw9aHR0cHMlM0ElMkYlMkZ3d3cudGhlZmlyc3R0di5jb20lMkYiLCJ2aWRlb19pZCI6IjYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZSIsInNpdGVfaWQiOiI1ZGZhN2MzNmRiNGU5MDAwMDFhZDJhZmYiLCJwYXl3YWxsIjpmYWxzZSwiZGF0ZSI6IjIwMjItMDQtMTlUMTQ6MTc6MzQrMDA6MDAiLCJlbnYiOiJwcm9kdWN0aW9uIiwicGxheWVyX3R5cGUiOiJaeXBlIHBvd2VyZWQgYnkgVEhFT3BsYXllciIsImRldmljZV90eXBlIjoiRGVza3RvcCJ9.N7COhluIgjtPANS_AG_nyxacBuZjAsCt_AdbMwxTWTg?&player_width=1080&player_height=607 HTTP 302
  • https://vid.springserve.com/vast/623394?w=1080&h=607&cb=372282213&ip=217.114.215.133&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F100.0.4896.75+Safari%2F537.36&did=86fc5425-d530-4288-bcf5-a6859503b5a8&us_privacy=1-&content_id=6257517b32d8eb00015ee52e&content_episode=&content_title=VIDEO+PROOF%3A+Evidence+Of+Mail-In+Ballot+Fraud&content_season=&dur=276&ap=1&desc=Liz+Harrington+is+the+spokesperson+for+Donald+Trump+to+give+the+latest+on+the+investigation+in+Georgia.&vid=6257517b32d8eb00015ee52e&zype_ad=&app_name=TheFirstTV&app_id=5dfaa5ca69ce9400014d06ae&domain=www.thefirsttv.com&url=https%3A%2F%2Fwww.thefirsttv.com%2F HTTP 302
  • https://bc-ssb-dub.springserve.com/ssb?r=469ea89a-1f9a-47a8-8a37-7bfe3d9bcfb9&t=1650377857&h=dub.internal&aid=1149
Request Chain 157
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thefirsttv.com&sn=ChromeSyncframe&so=0&topUrl=www.thefirsttv.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=a2CkpHxUdUpXUFN1Z2Z0elVMOTJYem4ydUVzRlduaTlTM2dHRXNDQnhkRFd4ZmZCcHJYUHFiVGVhc2hUalBOVnRiL2R6bWpxNnFpa3ZKaStxL2RSZWh6MjF5aWNlcU9BQkFKVFE1VDd5SHl3WThlYW81SE44ZHRtd0orUUcrOUNvN3hDNzl4Wk5paXg2L2M4TU1MWW13eWdTTjQrOUdlcWtybEhPcjluZEI5RFJqV1RPdHltYlgrZU9JbGtQRTRFYS9WeVNvOFZ2QjhIWG1GOHlBVUdBaHFFcFBkeHZlMFdzWEY1VWFpMkJjYkxWdFRObXk2M0xKRGhRZnRDN0VoK1dOKzB2RFp5NHJhbDBkTUt3alVOK1RadGVmZz09fA&cppv=2
Request Chain 185
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 187
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 192
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2OEQzSVEtRy0zT1hM
Request Chain 193
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rmpj99r9-EbQPvg3mMifmQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=300619173170518649
Request Chain 194
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=160028vnSMOLw6nHcFm7kg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=160028vnSMOLw6nHcFm7kg
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAyOqR7JqZV8J1httEyROaI&google_cver=1
Request Chain 197
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L268D3IQ-G-3OXL&sigv=1&esig=2~544403f3fd6cf252372daad929adc1da09cdea8f
Request Chain 198
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M5NzhhZmJjMTM2ODY5ZGI4ZGQxNTcyZTI3ZjM4ODlhOTcyODFjMA
Request Chain 200
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7EhvIAAc5d4MZ1t-RqtAAABGYAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7EhvIAAc5d4MZ1t-RqtAAABGYAAAAB&dcc=t
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl7Ehpn9HpjTSFXoo7ywXQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmgrYCBb1ThhTkWEgu-g9E&google_cver=1&gdpr=1
Request Chain 203
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1d06c63d-ad32-42ab-b010-d2f57a2a1227&expiration=1681913862
Request Chain 204
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6130625e-c487-4f00-a43e-8561f60628a3&gdpr=1&gdpr_consent=
Request Chain 205
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 209
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl7Ehpn9HpjTSFXoo7ywXQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmgrYCBb1ThhTkWEgu-g9E&google_cver=1&gdpr=1
Request Chain 210
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7Ehpn9HpjTSFXoo7ywXQAABFUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7Ehpn9HpjTSFXoo7ywXQAABFUAAAAB&dcc=t
Request Chain 213
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7036642621990075442&uid=Q7036642621990075442&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 214
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 215
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084920482419468
Request Chain 217
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C56E0628-4432-4FA8-AFAB-7C1815FD855A HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
Request Chain 219
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ad1625e-c487-4e00-b257-e32ab70696a1&gdpr=0&gdpr_consent=
Request Chain 220
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDaGkwN0V2WWtBQURoUTVjakdWdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 222
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 224
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:udtAqyQm1NGOFN5&gdpr=0&gdpr_consent=
Request Chain 225
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664186172074
Request Chain 226
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 227
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 229
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=4f68d4b0-fd77-4a61-892f-211fd1c0e2a6
Request Chain 230
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=1d06c63d-ad32-42ab-b010-d2f57a2a1227&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
Request Chain 231
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xW4GKEQyT6ivq3wYFf2FWg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 234
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a998625e-c487-4700-8ccc-be064800a9d5
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzU2RTA2MjgtNDQzMi00RkE4LUFGQUItN0MxODE1RkQ4NTVB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 236
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKjD0PqNtyojo_q_W1S3iFI&google_cver=1
Request Chain 238
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3358207684545962194&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 239
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da717259-5f23-43a8-b222-915439826ac3
Request Chain 241
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WCQIpqZE2uWvhXvvg7t.iOM1i7IeEiI-~A&gdpr=0&gdpr_consent=
Request Chain 242
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3993354963865332781&gdpr=0&gdpr_consent=
Request Chain 243
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7a6b8878-bfeb-11ec-9ef8-b58c47202952&gdpr=0&gdpr_consent=
Request Chain 246
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cWVmEyRja0ZqYjEUI2R-RHc2akRqYzFAdGeyCXJZ
Request Chain 247
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084920482419468&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3302f104-d4d4-4600-8c8e-d1b9e721c24c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 248
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8262819883627744097
Request Chain 250
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3993354963865332781
Request Chain 255
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d151d505-344e-48e8-9f4b-332bf7cca69d-tuct9584a09&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 256
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650377865922 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 257
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:419F89DCFE4B4452BBC1E26AD2101BF0
Request Chain 259
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YyIFG68WQ2hC1JcNWE3wh9ly14U
Request Chain 260
  • https://pixel.onaudience.com/?partner=214&mapped=C56E0628-4432-4FA8-AFAB-7C1815FD855A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=da717259-5f23-43a8-b222-915439826ac3&icm HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=8262819883627744097&gdpr=1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
Request Chain 261
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&addseg=19,36,42
Request Chain 262
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C56E0628-4432-4FA8-AFAB-7C1815FD855A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C56E0628-4432-4FA8-AFAB-7C1815FD855A&sInitiator=external&gdpr=0&gdpr_consent=

261 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/ 		29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bdc8321b2e91a6509adeb7e128edd933c3df7a9bd7255cf27a0ee368ac5d8b09
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
8730
content-type
text/html; charset=UTF-8
date
Tue, 19 Apr 2022 14:17:32 GMT
strict-transport-security
max-age=31557600
vary
Accept-Encoding
x-cache
HIT, MISS
x-cache-hits
1, 0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
cache-mdw17340-MDW, cache-hhn4021-HHN
style.min.css
www.thefirsttv.com/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thefirsttv.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1227820
x-cache
HIT, HIT
x-cache-hits
1, 1
vary
Accept-Encoding
content-length
10523
x-served-by
cache-mdw17368-MDW, cache-hhn4021-HHN
last-modified
Mon, 16 Aug 2021 15:36:53 GMT
x-frame-options
SAMEORIGIN
etag
"13abe-5c9aef86f73ad-gzip"
strict-transport-security
max-age=31557600
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Thu, 05 May 2022 09:13:53 GMT
style-1.2.6.min.css
www.thefirsttv.com/wp-content/themes/thefirst/build/css/ 		81 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thefirsttv.com/wp-content/themes/thefirst/build/css/style-1.2.6.min.css
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
69507bf4d6d18f10d2873d125d3c7d34589845d38f2a0bd79bf5ffe16ae97777
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2963524
x-cache
HIT, HIT
x-cache-hits
2, 1
vary
Accept-Encoding
content-length
11971
x-served-by
cache-mdw17348-MDW, cache-hhn4021-HHN
last-modified
Thu, 23 Dec 2021 22:07:43 GMT
x-frame-options
SAMEORIGIN
etag
"1437f-5d3d777b0354e-gzip"
strict-transport-security
max-age=31557600
content-type
text/css
cache-control
max-age=15552000, public
accept-ranges
bytes
expires
Mon, 12 Sep 2022 07:05:28 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-148110630-1
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4cd521e5f4678c011c84fed1e172677c7eab2cc5bc114ad813bdb48d8ba9f350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38582
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Apr 2022 14:17:33 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:33 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1834
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6fe643b24ddb9b64-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 22 Apr 2022 14:17:33 GMT
header-logo2.png
tf-a1.azureedge.net/static/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/static/images/header-logo2.png
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F48) /
Resource Hash
7c339053741a176be919347bdfabd8b19a26afb08bf7dd98941384924d18417b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Apr 2022 14:17:33 GMT
content-md5
ZYE1p04LHGQto6q2Et4Jdw==
age
1833843
x-ms-server-encrypted
true
x-cache
HIT
content-length
21596
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 28 Feb 2020 16:18:14 GMT
last-modified
Fri, 28 Feb 2020 16:18:50 GMT
server
ECAcc (frc/8F48)
x-ms-error-code
ConditionNotMet
etag
"0x8D7BC69E5C96FA1"
content-type
image/png
x-ms-request-id
0da19cbf-801e-0038-644a-4383dd000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
app-1.2.6.min.js
tf-a1.azureedge.net/static/js/ 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tf-a1.azureedge.net/static/js/app-1.2.6.min.js
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E85) /
Resource Hash
5c731794fefb6d28c892937a78451b76d22dfa8180b0f061af1acca5859d8df5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Apr 2022 14:17:33 GMT
content-encoding
gzip
content-md5
WeC02Qt/r56xHAsBg868Jg==
age
5775194
x-ms-server-encrypted
true
x-cache
HIT
content-length
19644
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 11 Feb 2022 17:36:51 GMT
last-modified
Fri, 11 Feb 2022 17:37:36 GMT
server
ECAcc (frc/8E85)
etag
"0x8D9ED85315D6F3F+gzip"
vary
Accept-Encoding
content-type
text/javascript
x-ms-request-id
85612957-d01e-0025-1c71-1f8e61000000
cache-control
public, max-age=15552000
x-ms-version
2019-02-02
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d31ba6646e46f3b036de14325472c4be1c992e80ed978b470c4f598e803a953
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 14:17:33 GMT
all.css
use.fontawesome.com/releases/v5.11.2/css/ 		56 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.11.2/css/all.css
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/wp-content/themes/thefirst/build/css/style-1.2.6.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7265020
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NXP6N67P3WSXK15V
x-amz-id-2
uNTuVbAqWBNV5XmWa7sUdSmQXMSpV6QB14Rhkgvr8MQMlv7bLfsafT4HF3p1XWuo1yFiTfNefOI=
last-modified
Wed, 30 Jun 2021 15:37:11 GMT
server
cloudflare
etag
W/"41d394990448b2c2b1afe840e837dc8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvgSUHVyqNsFF35%2BnciOCIpXRj%2BSADji5Hn43xfeIYFqZLavjjsOuW%2BdZ6vEFLktfXCpHFRaoOobyNGKuGOC2Y7kvoNZCNNB9jjQ4cTocAPeGYoZyEyfdnKdtRH%2B9E9Cl6zBj2axGN%2B1%2BvlPNo5RbsTp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6fe643ad7968911f-FRA
pubfig.min.js
a.pub.network/thefirsttv-com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/thefirsttv-com/pubfig.min.js
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911b1a5904ffde75ad46f348610dea3bde75fb10143f5010da33dbe64d5aa7ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=7XxF5w==, md5=dwJ6xyQVMaLivFwUDPlatw==
date
Tue, 19 Apr 2022 14:17:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20965
x-guploader-uploadid
ADPycdsrLy6oxPcQ3JfiKSRgr52eF42m7DWf8mpRK9f2-Q6vwVfdJKOksXTdaAiH8eHBUztl2SGu-qg-uwPpeWB6Uq30YlyHpMjh
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 18 Apr 2022 15:17:35 GMT
server
cloudflare
etag
W/"77027ac7241531a2e2bc5c140cf95ab7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bL6LTIV15n6cB%2FP%2BHp%2FbqG9mUM0ZkDcY4U5uJ9w%2BW7KzUaDeQIDlwjHsLcTyIuc3WBcxKHqaRYFi2Av0wEeMu8Avr%2BRJL0idTGi431N0AEjj9QQG7R1WQgFBCyJmQOgLn9764Darkj1G3H4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1650295055611326
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
120888
cf-ray
6fe643b24aac9064-FRA
expires
Tue, 19 Apr 2022 08:29:08 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.11.2/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.11.2/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.11.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Request headers

Referer
https://use.fontawesome.com/releases/v5.11.2/css/all.css
Origin
https://www.thefirsttv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:33 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
462613
cf-ray
6fe643ae3dd39c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75336
x-amz-id-2
koKJhJ0Li41BT0eO+yQiaTUhijZ3VZ3pzFtKvDfqFX3xF/+j/YzIoCuqIEkdA+VPPUbg0NS2uCU=
last-modified
Wed, 30 Jun 2021 15:37:33 GMT
server
cloudflare
etag
"cccc9d29470e879e40eb70249d9a2705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqFm7cy2SVNzuCWoVPp1%2FPCTtPjiNFPbY%2BnJY1IVGcoPbUub0rLzEtGBu05L%2FYsLnXbO5cjnJmBmML6t3iU2CZr0KLJ4WNmpn%2BcNUa1L%2FdfiqfmVmH7FsHK1DEhtldH%2Fj2lUMvdWGCBLO%2FO3xP2GRSKu"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
F1BEPQ3MD4P0TNCS
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-solid-900.woff2
use.fontawesome.com/releases/v5.11.2/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.11.2/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.11.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Request headers

Referer
https://use.fontawesome.com/releases/v5.11.2/css/all.css
Origin
https://www.thefirsttv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:33 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4301290
cf-ray
6fe643ae3ddb9c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75728
x-amz-id-2
9X1lhNyNmijJ6zpdus91xdM/scuJWTkXVuDPb/40zk8ZSe8LVs1anjBwbdBNK4utGMvn/wgkYxA=
last-modified
Wed, 30 Jun 2021 15:37:33 GMT
server
cloudflare
etag
"44d537ab79f921fde5a28b2c1636f397"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFUQ5AiSS1NjxEC7qmIEE0aI%2F2TnlPnLqISHs6McCGm7pkuLNXcOnCxwUbk34syOxaigYFTq34sLk6fj5WECQhLAtTrEfM5jzYN2ODc4PELwtf9FQYAes6MENYAupHZcCLGDsIQU7HWDkK3Bnb13LF1f"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
WTY2DW3WY3VPW9KV
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
email-signup-box-2-800x622.jpg
tf-a1.azureedge.net/uploads/2020/01/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/uploads/2020/01/email-signup-box-2-800x622.jpg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F44) /
Resource Hash
3627280b95728043695656f63aae2766ac598f755e19e1026edf790afd7b7c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 19 Apr 2022 14:17:33 GMT
age
1977277
x-ms-server-encrypted
true
x-cache
HIT
content-length
56143
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 27 Jan 2020 18:30:10 GMT
last-modified
Fri, 14 Feb 2020 17:47:56 GMT
server
ECAcc (frc/8F44)
x-ms-error-code
ConditionNotMet
x-ms-blob-committed-block-count
1
etag
"0x8D7B17606102A70"
content-type
image/jpeg
x-ms-request-id
f7f5bc2f-701e-005e-33fc-41ccfd000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
052520-1200x1200-05-768x768.jpg
tf-a1.azureedge.net/uploads/2020/07/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/uploads/2020/07/052520-1200x1200-05-768x768.jpg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0A) /
Resource Hash
461f75d119c6d4eaf11efe1500a7d814fe09e5a5724a8c1346282c12951190b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 19 Apr 2022 14:17:33 GMT
age
1628981
x-ms-server-encrypted
true
x-cache
HIT
content-length
98257
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 20 Jul 2020 13:39:58 GMT
last-modified
Mon, 20 Jul 2020 13:39:58 GMT
server
ECAcc (frc/8F0A)
x-ms-error-code
ConditionNotMet
x-ms-blob-committed-block-count
1
etag
"0x8D82CB26507E586"
content-type
image/jpeg
x-ms-request-id
a4e65569-701e-004e-2f27-450995000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
300x250-Bill-Oreilly-banner_v06.jpg
tf-a1.azureedge.net/uploads/2020/07/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/uploads/2020/07/300x250-Bill-Oreilly-banner_v06.jpg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
1dffc2fd6883592784a4170f7fe511c318fecdf35130fc4b2d46b37da2381e21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 19 Apr 2022 14:17:33 GMT
age
1561572
x-ms-server-encrypted
true
x-cache
HIT
content-length
99435
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 01 Jul 2020 23:55:28 GMT
last-modified
Wed, 01 Jul 2020 23:55:28 GMT
server
ECAcc (frc/8FA5)
x-ms-error-code
ConditionNotMet
x-ms-blob-committed-block-count
1
etag
"0x8D81E1A3B7A1F4C"
content-type
image/jpeg
x-ms-request-id
76ea0e33-901e-0034-22c4-4514d5000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
pw4n03emC6dY9PU+m8cRQanAYyv2i7SfuhkAN988lTq8loBMogq/STPmDfQfagmgHpPUgo659jLsYuqVwqnGpQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 19 Apr 2022 14:17:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148110630-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
22
date
Tue, 19 Apr 2022 14:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 19 Apr 2022 16:17:11 GMT
3760909.js
tag.getdrip.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.getdrip.com/3760909.js
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9844f8a4b8e55df71cade072301c24da983fb468ce528b502200c49beb1997c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:15:25 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 13:48:04 GMT
server
AmazonS3
age
129
etag
W/"b7d319f3ce593edf93c9ee0fc91b8791"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
0CgBBqYy41EvqHR1g2hcnfQ2f4GK1zuMBOYbiZX16JaBxk8uUV9WMA==
2675720352647422
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2675720352647422?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
40ce6da5a57c3b7d91b4a57fe1c6644822abd0a0c73738ea69374ff43c71c8eb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
tjOMWweNjjj1TtXQ/TqSTxEDTcZFf25dIsIrmY3rZOSRUYYLPzYrv45Nne1K7sd4+GqVK/pn0bqO+Szkic1EEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 19 Apr 2022 14:17:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=723152646&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&ul=en-us&de=UTF-8&dt=VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud%20%E2%80%93%20The%20First%20TV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=1869805009&gjid=1788830557&cid=236284673.1650377854&tid=UA-148110630-1&_gid=670834807.1650377854&_r=1&gtm=2ou4d0&z=1595779271
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thefirsttv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=723152646&t=event&_s=2&dl=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&ul=en-us&de=UTF-8&dt=VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud%20%E2%80%93%20The%20First%20TV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=author_dimension&_u=4GBAAUABAAAAAC~&jid=&gjid=&cid=236284673.1650377854&tid=UA-148110630-1&_gid=670834807.1650377854&gtm=2ou4d0&cd1=The%20First&z=282574495
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 15:03:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83651
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
client.js
d14jnfavjicsbe.cloudfront.net/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d14jnfavjicsbe.cloudfront.net/client.js
Requested by
Host: tag.getdrip.com
URL: https://tag.getdrip.com/3760909.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5800:1e:9742:1680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ab57a689db0e617e25528be5367e1449dedfd2b96137510b730e9e685fdea6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:15:15 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 15:57:22 GMT
server
AmazonS3
age
147
etag
W/"0d78f75b5c3c3e9ffb45820e4bf4b71f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA50-C1
x-amz-meta-md5sum
DXj3W1w8Pp/7RYIOS/S3Hw==
x-amz-cf-id
FrEXIpvPr9ZXCQODmzitq_Yk6yUesuE-UhpJ0PcBn1WTiPKPbqbKaQ==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thefirsttv.com/
Origin
https://www.thefirsttv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 13:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145700
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 13:35:36 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:33 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
475
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6fe643b2dd1f6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 22 Apr 2022 14:17:33 GMT
init
d.pub.network/v2/ 		39 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=1907&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/thefirsttv-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
7b8eb39fd6dfe8059e1236cdf5f3a121a5b1ac9b8e3f253011526a2892d556c3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.thefirsttv.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
6257517b32d8eb00015ee52e.js
player.zype.com/embed/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.zype.com/embed/6257517b32d8eb00015ee52e.js?autoplay=true&controls=true&app_key=ZVIgFQfPuXBTm99xYU4k09nMJgXuo2wsCU774GMNxC5cxzbORgmOD9kHOUM4ZGZQ
Requested by
Host: tf-a1.azureedge.net
URL: https://tf-a1.azureedge.net/static/js/app-1.2.6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.245.135.104 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.135.245.35.bc.googleusercontent.com
Software
nginx/1.19.1 /
Resource Hash
ee13b5ffe90e8f7fb7ef408eb1caf6db28ffb71863fa610836fb4935b6cf9471
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.19.1
x-frame-options
ALLOWALL
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=utf-8
x-request-id
1e1e30222bc8225cbbb080157c78d597
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-runtime
0.197176
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-148110630-1&cid=236284673.1650377854&jid=1869805009&gjid=1788830557&_gid=670834807.1650377854&_u=4GBAAUAAAAAAAC~&z=1740402884
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Apr 2022 14:17:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.thefirsttv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit
api.getdrip.com/client/events/ 		84 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.getdrip.com/client/events/visit?drip_account_id=3760909&referrer=&url=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&domain=www.thefirsttv.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_547876670
Requested by
Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-59.dus51.r.cloudfront.net
Software
/
Resource Hash
0e7b41bb52d075f88666b7d7a1dba793ddd00cd5c37a3e2a7aac60646dfdc165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
via
1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
84
x-permitted-cross-domain-policies
none
x-amz-cf-pop
DUS51-P2
x-amzn-requestid
b5bff74b-99d6-471a-8804-35418fc3b6cf
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
Q1OjwG_HIAMFSGw=
content-length
84
x-xss-protection
1; mode=block
x-request-id
dbd9437b-c14c-4fcc-9ef6-e8b29d9e1bdd
x-runtime
0.013351
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"0e7b41bb52d075f88666b7d7a1dba793"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Tue, 19 Apr 2022 14:17:34 GMT
x-amz-cf-id
jC-pWwxy_Stg-_evzxTUPAXkCYQdQVFH_S7anYFEuLQg9G9KlsRAnw==
web
onesignal.com/api/v1/sync/99923bac-9bd5-4910-ba76-794b55b6e591/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/99923bac-9bd5-4910-ba76-794b55b6e591/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aadc417abca0fd9b8d813b9247d03048aa6fd848e9fc826c0b38b6e036b4a4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
245
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9bac4679-1800-46b0-ba43-11a0f7ad4f33
x-runtime
0.244235
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6aadc417abca0fd9b8d813b9247d0304"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6fe643b388939b64-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 19 Apr 2022 15:17:34 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2675720352647422&ev=PageView&dl=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&rl=&if=false&ts=1650377854002&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650377853999.93648247&it=1650377853831&coo=false&exp=p1&rqm=GET
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 19 Apr 2022 14:17:34 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-148110630-1&cid=236284673.1650377854&jid=1869805009&_u=4GBAAUAAAAAAAC~&z=764723265
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-148110630-1&cid=236284673.1650377854&jid=1869805009&_u=4GBAAUAAAAAAAC~&z=764723265
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 98AF 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv&co=aHR0cHM6Ly93d3cudGhlZmlyc3R0di5jb206NDQz&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=6w0d6b273o71
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a47a0bbe96dd3548c256feb4d08677daf10d254e4121d5f0ac35439886414f30
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vtxTmccDG2FJpByHwQifug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22883
content-security-policy
script-src 'report-sample' 'nonce-vtxTmccDG2FJpByHwQifug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
a.pub.network/core/pubfig/ 		325 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/thefirsttv-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78da514c9f16a47d8e2374012619445409c56fd4da464e9cbd7b581cbf809b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=eaAmeQ==, md5=uqkd784+dh9bFq38ORsvMA==
date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82720
x-guploader-uploadid
ADPycdu0yuME9RakJOcFakqIBXefUehJh_DGYpughj-OlQ007YeK7gbF30rjzOM6rU2kaCgm3QzCnG2FwukjfsrrHpwoCYpzhBDL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
access-control-allow-origin
*
last-modified
Thu, 14 Apr 2022 20:41:55 GMT
server
cloudflare
etag
W/"baa91defce3e761f5b16adfc391b2f30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6%2FYFJ%2BzXbj%2BoQlvUq8t9G6%2Fc8Ed0KrvHHgU6JJOLjSBvlsqLnGxTg7dH%2FVPY%2BKtcfJ%2BA%2Fn9RRJmgzSMaTE%2F5d4hICKchjHYeAk4XxgTZ1CW2kWyU73xiqKkP8Vx%2B2UI6wPRlAOt1t9nMtI%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
x-goog-generation
1649968915458077
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
332978
cf-ray
6fe643b41dfd9064-FRA
expires
Mon, 18 Apr 2022 15:59:27 GMT
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 13:28:13 GMT
content-encoding
gzip
age
2961
x-guploader-uploadid
ADPycdtqpnTRdSVJHuRg1ZParv9oakULn-m0n7LYHRz6Iog311jHVQJ70sYOsBwUMCfC4XtMTchYxVYqmHs5J8iWdXz7Tw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3690
last-modified
Tue, 05 Apr 2022 17:08:24 GMT
server
UploadServer
etag
"1f39af8c4109e6a95d6895228aab0692"
vary
Accept-Encoding
x-goog-hash
crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
x-goog-generation
1649178504809914
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
3690
accept-ranges
bytes
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1787bd043f0094effeb8a33ed29b36a720c8319422c0a416d7fa71c6663e4ac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28478
x-xss-protection
0
server
sffe
etag
"1190 / 739 of 1000 / last-modified: 1650366501"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Apr 2022 14:17:34 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
205 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb04565851a17df618793edf6b8d9b438363242ed5bf97b53149b98da9319510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

cf-ray
6fe643b9f99491f3-FRA
date
Tue, 19 Apr 2022 14:17:35 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 10:15:25 GMT
server
cloudflare
age
27
etag
W/"e64eaccf0c41fef19ae93b73303cb373"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxBnLbhiCTOZe3XPoJ2vD3qBW7G9DWn2celKzYHT47Vtwo6%2FGRjj0pP%2FzrZLYQCFbioKgn%2BxVG1I%2BO3tVCrE8t1Fqm2jgUbyV8zDIGP%2FzKyYmzbWzDLmcSPz9kTnYc8jpFewFEGsciHeug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br

Redirect headers

date
Tue, 19 Apr 2022 14:17:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLlxGZ1VJQ7mRRAoQQlZlC2k757vTIt2fArR5qsA9sDRjGbcfR2u6wqCv%2B%2F5nGfauIJ%2BFoy1SpL4XRJE2bh4t%2FoblOkHLOkhzmxSycQXe6M2xNI7%2FD65vW8quaFHz60cSYUNBCVHoxrtwQgMxA40A%2BjPAxnh48BjDIq86g%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
6fe643b80e6b9c04-FRA
expires
Tue, 19 Apr 2022 15:17:34 GMT
ats.js
ats.rlcdn.com/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-53.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
gzip
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
22329
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Tue, 19 Apr 2022 08:05:26 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA56-P6
content-type
application/x-javascript
x-amz-cf-id
M47y03atJw5d5DN9T_hutJBmj04W-4RA4_T4MKWDrpgWEsKxKGyezw==
184310-82987131453484.js
js-sec.indexww.com/ht/p/ 		0
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184310-82987131453484.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 14:17:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Apr 2022 13:26:34 GMT
Server
Apache
ETag
"da2596-0-5dd01d3663f22"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=715
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
20
Expires
Tue, 19 Apr 2022 14:29:29 GMT
prebid-analytics-5.20.4.1.js
a.pub.network/core/ 		501 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aef37c7abe75530fac92a34f337cd7f558956e9800f5b0e05094fb83e963be6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=nVgvkg==, md5=5nTDrv99g3t6RfM7pUYl1g==
date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82720
x-guploader-uploadid
ADPycdv6Jz7sSYpGzdlyfn7v4r6r4zA5L81T2JVPEVN_nRrZDwmWw8JmGcgfCJQA7c2zn0fAnJQ6rDAHh4qLus0KVSVmZDzL9Dh8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
last-modified
Thu, 07 Apr 2022 15:31:56 GMT
server
cloudflare
etag
W/"e674c3aeff7d837b7a45f33ba54625d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPvzgE6WOM2CUtz%2BOHo3lAJ%2B2dA6q8yfnBJL7liaIXz7JiIwoMHWbtp%2BbJtfeKhJ1ECoylGckSY1eEh77zEycwAoF%2FfofAxoE%2F3T5kO3uzkaqfmIwEbw766Jedpv6YgRAAJCOiyzuPVBYsY%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1649345516571407
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
512965
cf-ray
6fe643b4bf6a9064-FRA
expires
Tue, 18 Apr 2023 15:18:54 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 98AF 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv&co=aHR0cHM6Ly93d3cudGhlZmlyc3R0di5jb206NDQz&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=6w0d6b273o71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 11:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 11:55:44 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 98AF 		362 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv&co=aHR0cHM6Ly93d3cudGhlZmlyc3R0di5jb206NDQz&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=6w0d6b273o71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 13:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145700
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 13:35:36 GMT
pubads_impl_2022041401.js
securepubads.g.doubleclick.net/gpt/ 		362 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 11:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125916
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:34:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Apr 2023 11:48:08 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		76 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thefirsttv.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ea8807b741f494786a037b6d69f8a65d61a59b0811f466418e5d49625663de5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75
x-xss-protection
0
expires
Tue, 19 Apr 2022 14:17:34 GMT
truncated
/ Frame 98AF 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 98AF 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 98AF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:40:09 GMT
x-content-type-options
nosniff
age
412645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 21 Apr 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 98AF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv&co=aHR0cHM6Ly93d3cudGhlZmlyc3R0di5jb206NDQz&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=6w0d6b273o71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 17:06:41 GMT
x-content-type-options
nosniff
age
594653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 17:06:41 GMT
show
api.getdrip.com/client/forms/ 		56 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.getdrip.com/client/forms/show?drip_account_id=3760909&form_public_id=333798235&callback=Drip_217906011
Requested by
Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-59.dus51.r.cloudfront.net
Software
/
Resource Hash
938b75121ed8954313acb9302006056359148efbbe125500c8d55027f647cf29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
via
1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
57217
x-permitted-cross-domain-policies
none
x-amz-cf-pop
DUS51-P2
x-amzn-requestid
29572a8c-55b5-4aa0-8ae3-a4e7ec7672f3
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
Q1Oj1FagIAMFnsg=
content-length
57217
x-xss-protection
1; mode=block
x-request-id
28bf849f-5ad2-4623-b169-daa9508d9939
x-runtime
0.043134
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"938b75121ed8954313acb93020060563"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Tue, 19 Apr 2022 14:17:34 GMT
x-amz-cf-id
jFzH6gOZVK6MOb5pezZJIfBsXpllWy4LQPSe22PO-Pu2dvhOxctHAw==
track
api.getdrip.com/client/ 		101 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.getdrip.com/client/track?url=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&visitor_uuid=29d619f10114499e99190224fa53ac07&_action=Visited%20a%20page&source=drip&drip_account_id=3760909&callback=Drip_790135199
Requested by
Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-59.dus51.r.cloudfront.net
Software
/
Resource Hash
0e24c9a1b6f4a378f7f7eef9715a900eb7241a52f3bd4d94793d83e860736c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
via
1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
101
x-permitted-cross-domain-policies
none
x-amz-cf-pop
DUS51-P2
x-amzn-requestid
313bb793-4dce-4f2b-92de-a159984d9e4a
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
Q1Oj0GQcIAMF5_A=
content-length
101
x-xss-protection
1; mode=block
x-request-id
5987152c-48d8-456e-ba03-b6b70ec00ee3
x-runtime
0.041610
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"0e24c9a1b6f4a378f7f7eef9715a900e"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Tue, 19 Apr 2022 14:17:34 GMT
x-amz-cf-id
SPUyAJgWjl7W22AsICCJi6wGdI8IVx9IJKZl14IHzPoba1iJ0LzMtg==
bframe
www.google.com/recaptcha/api2/ Frame 3ED2 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8b45fdca27b9437f33c213cfa5ffe384ff404a598bcb11e229b07707a5c8ae97
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tvbe7WJ1sUZKruYafPG90g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1113
content-security-policy
script-src 'report-sample' 'nonce-Tvbe7WJ1sUZKruYafPG90g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ Frame D77A 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.thefirsttv.com
Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.thefirsttv.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:34 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
zypeplayer.js
resources.zype.com/player/2.78.1.un.rc/ 		2 MB
413 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Requested by
Host: player.zype.com
URL: https://player.zype.com/embed/6257517b32d8eb00015ee52e.js?autoplay=true&controls=true&app_key=ZVIgFQfPuXBTm99xYU4k09nMJgXuo2wsCU774GMNxC5cxzbORgmOD9kHOUM4ZGZQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E98) /
Resource Hash
ebb7df79da4d890789f178fcf4dee3ce8a5ae41a4054a91d8dc40dceec3b8926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=zmxISw==, md5=dTT7rglCu80sDyggg9COyA==
date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
age
2598
x-guploader-uploadid
ADPycdseKPEDTG8QjNp4RxHmY3DisO9wK4qkvMDxkb314hoOTyhvkcI3M3ZSXSK-GJE5xrAXnxo5wh8PNr-4BXCFL1Xr_w
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
422588
last-modified
Thu, 14 Oct 2021 17:05:29 GMT
server
ECAcc (frc/8E98)
etag
"7534fbae0942bbcd2c0f282083d08ec8+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-goog-generation
1634231129600288
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-goog-stored-content-length
1591113
expires
Tue, 19 Apr 2022 15:17:34 GMT
mmsmartstreaming-theo-ssai.js
mediamelon-builds.s3.amazonaws.com/MM-RELEASE-BUILDS/1432265447/theoWeb/ 		284 KB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediamelon-builds.s3.amazonaws.com/MM-RELEASE-BUILDS/1432265447/theoWeb/mmsmartstreaming-theo-ssai.js
Requested by
Host: player.zype.com
URL: https://player.zype.com/embed/6257517b32d8eb00015ee52e.js?autoplay=true&controls=true&app_key=ZVIgFQfPuXBTm99xYU4k09nMJgXuo2wsCU774GMNxC5cxzbORgmOD9kHOUM4ZGZQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.201.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
02dc2222537f66e07c7f952a1c61489f49c9031270f6e7713777625e35e8e4b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 14:17:36 GMT
Last-Modified
Thu, 17 Sep 2020 10:00:36 GMT
Server
AmazonS3
x-amz-request-id
JJYDVHSK3RXZYYNQ
ETag
"738094d43e6db4c72ecc5b2193872510"
Content-Type
application/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
290990
x-amz-id-2
dOLWTxlRRX5H8I/OGRSprp6t+xsHlz0kTlavtn3AY9YwfA71PIGiAC6yoS+YDiitGX5RW4rzyvc=
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.zype.com
URL: https://player.zype.com/embed/6257517b32d8eb00015ee52e.js?autoplay=true&controls=true&app_key=ZVIgFQfPuXBTm99xYU4k09nMJgXuo2wsCU774GMNxC5cxzbORgmOD9kHOUM4ZGZQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2767df6736abef725fe8b1e39307f402dc27a7c8341f9354a8c1b883dcc563dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128424
x-xss-protection
0
expires
Tue, 19 Apr 2022 14:17:34 GMT
akamaihtml5-min.js
resources.zype.com/akamai/ 		125 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.zype.com/akamai/akamaihtml5-min.js
Requested by
Host: player.zype.com
URL: https://player.zype.com/embed/6257517b32d8eb00015ee52e.js?autoplay=true&controls=true&app_key=ZVIgFQfPuXBTm99xYU4k09nMJgXuo2wsCU774GMNxC5cxzbORgmOD9kHOUM4ZGZQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F9A) /
Resource Hash
6648bd992db8dc9a132291ee714b9a74d63185be2089c08e577a9e2a7b301856

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=gbH9Eg==, md5=fLbh4V01kaZb9nT9RKqHMg==
date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
age
2832
x-guploader-uploadid
ADPycdtNGrGtQJt0_VchfpbPE8nvOPzrGWrif2cwWHtXz4J6u6BQA1jAysv_yz9_mwraSKZRy83ZMlhtOnxCwSbsUuDZLA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
34820
last-modified
Thu, 05 Sep 2019 18:50:39 GMT
server
ECAcc (frc/8F9A)
etag
"7cb6e1e15d3591a65bf674fd44aa8732+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-goog-generation
1567709439742259
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-goog-stored-content-length
128511
x-goog-meta-s3cmd-attrs
uid:501/gname:staff/uname:bdorry/gid:20/mode:33188/mtime:1489684086/atime:1489684086/md5:7cb6e1e15d3591a65bf674fd44aa8732/ctime:1489684086
expires
Tue, 19 Apr 2022 15:17:34 GMT
ui.css
resources.zype.com/player/2.78.1.un.rc/ 		145 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.zype.com/player/2.78.1.un.rc/ui.css
Requested by
Host: player.zype.com
URL: https://player.zype.com/embed/6257517b32d8eb00015ee52e.js?autoplay=true&controls=true&app_key=ZVIgFQfPuXBTm99xYU4k09nMJgXuo2wsCU774GMNxC5cxzbORgmOD9kHOUM4ZGZQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FBB) /
Resource Hash
497667aa3e95c6e082df20eb7f8370b55dafb50054bf4f0ea7886922c1d4879c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=+v2vdg==, md5=zsxHDCK7vIIs8dqoUtrVOw==
date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
age
2598
x-guploader-uploadid
ADPycds52kyb3E5URCyKgECRfCnVZNkkprnKDFCwUQ1cfydyN3PWkgyaSEcgkPgK6KGVwN0-7KXEejdfrULkTvaTIknwYzzj7nmy
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
32906
last-modified
Thu, 14 Oct 2021 17:05:28 GMT
server
ECAcc (frc/8FBB)
etag
"cecc470c22bbbc822cf1daa852dad53b+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-goog-generation
1634231128069408
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-goog-stored-content-length
148012
expires
Tue, 19 Apr 2022 15:17:34 GMT
theoplayer.custom.css
admin.zype.com/theoplayer/v2/ 		15 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.zype.com/theoplayer/v2/theoplayer.custom.css
Requested by
Host: player.zype.com
URL: https://player.zype.com/embed/6257517b32d8eb00015ee52e.js?autoplay=true&controls=true&app_key=ZVIgFQfPuXBTm99xYU4k09nMJgXuo2wsCU774GMNxC5cxzbORgmOD9kHOUM4ZGZQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.245.135.104 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.135.245.35.bc.googleusercontent.com
Software
nginx/1.19.1 /
Resource Hash
53cc37ace87bfde90cc35f1c6c7cb09beb7659d7fbd4cc5b928c6bbbb9ed1011
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
last-modified
Mon, 18 Apr 2022 18:28:09 GMT
server
nginx/1.19.1
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/css
webworker.js
www.google.com/recaptcha/api2/ Frame 98AF 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv&co=aHR0cHM6Ly93d3cudGhlZmlyc3R0di5jb206NDQz&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=6w0d6b273o71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1492d5e8bde0eb89be6de49b447802fa96fb5b253b63a8c3900b85b0528e62b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv&co=aHR0cHM6Ly93d3cudGhlZmlyc3R0di5jb206NDQz&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=normal&cb=6w0d6b273o71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 14:17:34 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 3ED2 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 11:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 11:55:44 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 3ED2 		362 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&k=6LdgM4MaAAAAAFuPjZ9tSxWA_A_66TYIrOVxUULv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 13:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145700
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 13:35:36 GMT
/
geo.privacymanager.io/ 		28 B
590 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-107.dus51.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 05:03:45 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront), 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
age
33230
x-amzn-requestid
7f094b2a-f5bb-4ebd-a832-b0b2487486e2
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-625e42b1-609a2cb222bee00279a0968e;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, DUS51-P1
x-amz-apigw-id
Qz9bvE6DDoEFbmg=
content-length
28
x-amz-cf-id
xE9Qp16XiLaS_Fl3g_mes29FhazvS8YSNCmHE6XYC8xeuuEicWt80A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:34 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1208
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6fe643b8ba376993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 May 2022 14:17:34 GMT
floors
api.floors.dev/sgw/v1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
0ee8bbd659680b7689f6177027bd2c38c6dc4ac4bb046466522d45d45c116cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:35 GMT
via
1.1 google
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.thefirsttv.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=31536000;includeSubDomains;preload;
alt-svc
clear
expires
0
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.thefirsttv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.thefirsttv.com
access-control-max-age
3600
alt-svc
clear
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Tue, 19 Apr 2022 14:17:35 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
side_f8729a7c593a06ecf9caf0386b5b06e2.jpg
do0ne7yeju3uz.cloudfront.net/uploads/form_images/333798235/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://do0ne7yeju3uz.cloudfront.net/uploads/form_images/333798235/side_f8729a7c593a06ecf9caf0386b5b06e2.jpg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-190.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a5842a661b9e0c5c9b6d62783b1c9f4f229fb85acaef3236eb1253db3bdf06a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:04:08 GMT
via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
last-modified
Wed, 04 Nov 2020 06:09:16 GMT
server
AmazonS3
age
44007
etag
"28af682297be6419b81ea0956ff65939"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
81548
x-amz-cf-id
D_70_h0RbseLFtbLRw3oAYZ2neFnT-hHRjj899F5jaakejKV2Bso5Q==
pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
a.pub.network/core/pubfig/ 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daffdd6f62e491d3b2ab8012fb6c886e904863487f503e76a4fc6281594d533b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=g723/Q==, md5=cMEEZ9k/uijR78lkvnZ7nw==
date
Tue, 19 Apr 2022 14:17:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82720
x-guploader-uploadid
ADPycduDHgi4A766lStqgknBpmf6n-Zm_a8tOqf-lVyTvbe6rTCXCgDyplttdIWoni_sgB7Lsmd_xndTLHwqicQdo8b_SVHcQvLw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
access-control-allow-origin
*
last-modified
Thu, 14 Apr 2022 20:41:58 GMT
server
cloudflare
etag
W/"70c10467d93fba28d1efc964be767b9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ui1zrBkmLHEr8yaXPnLiviDtwmJz6bHjWH0q%2BUhJIeh60OSibaCUVdKuSmRn4p8LQKLb3P7UIdaCMmVc5BqH%2B6PWUJQ94WbRXo0qKjnSNRQ2%2BN8qFwCUicD3uavx5FRAidCAOzS63srxx8c%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
x-goog-generation
1649968918804884
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
186084
cf-ray
6fe643bcf9ce9064-FRA
expires
Mon, 18 Apr 2022 16:18:55 GMT
px.gif
ad-delivery.net/ 		43 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Tue, 19 Apr 2022 14:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
747335
x-guploader-uploadid
ADPycds5ly-F9Uw8pRQ6dBkLcihk5YldMFc8UNP2o7iczo8gvy92gQZuwnMtar1CaYFA_ZhoE0zgdoFlEttyqguUt8U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCYIVakzZGNuLjwCJlWIn3YrRCeGJRYj31e84k%2FmGPZ%2Fw13bCX19BiL7kOmTAf3pQnCkwQZ6fDCASJtCd4zNZrgnDZ%2FxO3r%2BmZeAaqlz5rzYq431Wfx4F8gpjqAFd3Yh9D8vXcJJsdAvMmQKeg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6fe643be29336927-FRA
expires
Sun, 10 Apr 2022 23:01:05 GMT
px.gif
ad-delivery.net/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6666678955242968
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Tue, 19 Apr 2022 14:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
747335
x-guploader-uploadid
ADPycds5ly-F9Uw8pRQ6dBkLcihk5YldMFc8UNP2o7iczo8gvy92gQZuwnMtar1CaYFA_ZhoE0zgdoFlEttyqguUt8U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt7nRhxe7glvB14Ze%2FrDqZoThWtkwcdvkMDQiKutLSYf%2Bfa03hjCjiWHjuIviJgMOShGRJ%2FbaoI0eYU0tdbPWUcsxNOkexDUUNoRRQWr0YRtHMu4yRzLSJy3LPU3a7BuoVUOEyEbxLOq1t4OCA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6fe643be29346927-FRA
expires
Sun, 10 Apr 2022 23:01:05 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:35 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 26 Apr 2022 14:17:35 GMT
prebid
ads.yieldmo.com/exchange/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.20.4&p=%5B%7B%22placement_id%22%3A%22ad_freestar-4%22%2C%22callback_id%22%3A%222fe5b4fa971db%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2C22681064182%2Fthefirsttv_rail_right_2%2Fad_freestar-4%22%7D%5D&page_url=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&bust=1650377855575&pr=&scrd=1&dnt=false&description=Liz%20Harrington%20is%20the%20spokesperson%20for%20Donald%20Trump%20to%20give%20the%20latest%20on%20the%20investigation%20in%20Georgia.&title=VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud%20%E2%80%93%20The%20First%20TV&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=4a1109c5-5744-43cf-921b-a092ec2a4310&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22880%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.43.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-43-245.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thefirsttv.com
pragma
no-cache
date
Tue, 19 Apr 2022 14:17:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695fd017878cbe7feccfeac350022&pos=8a969972017878cbdeadccff727e0022&cmd=bid&req=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
01319d2141c9aa8224ed45cf25c6abfb334526512e75f516e517b92faffdb0ec

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Apr 2022 14:17:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thefirsttv.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695fd017878cbe7feccfeac350022&pos=8a969972017878cbdeadccff0eba0020&cmd=bid&req=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0438b58f6f0ae72fc6fb2a7050dbb016ba5f6dc6c255747102839ccfbbf78039

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Apr 2022 14:17:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thefirsttv.com
access-control-allow-credentials
true
content-length
62
prebid
prebid.media.net/rtb/ 		1 KB
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
87e03ca3bc2a40f302dc112da0ed6125b3aa7c91de3fbe26765b223ca80bddbe

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thefirsttv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thefirsttv.com
date
Tue, 19 Apr 2022 14:17:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1e08ece4bc8010df4def3e470bb865e46e3a4d6c844cc55dc6273546ef800ac7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Apr 2022 14:17:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2b29b8f6-fd65-41c1-8ba8-e0022e89535b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thefirsttv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=642821&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221428ac49b11e4ca%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F%22%2C%22name%22%3A%22thefirsttv-com%22%2C%22domain%22%3A%22thefirsttv.com%22%2C%22cat%22%3A%5B%22IAB1%22%5D%2C%22sectioncat%22%3A%5B%22IAB1%22%5D%2C%22pagecat%22%3A%5B%22IAB1%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.4%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2215cc499e025c56f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22642821%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C22681064182%2Fthefirsttv_rail_right_2%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22642821%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C22681064182%2Fthefirsttv_rail_right_2%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C22681064182%2Fthefirsttv_rail_right_2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22880%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5ee5c33b927b283aa4846cdb659798f08c0529785bf443be12446ddb72ea40d2

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:35 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.133], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.thefirsttv.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 19 Apr 2022 14:17:35 GMT
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.4&cb=78194008730
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Apr 2022 14:17:35 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thefirsttv.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.99.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-99-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thefirsttv.com
date
Tue, 19 Apr 2022 14:17:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.99.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-99-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thefirsttv.com
date
Tue, 19 Apr 2022 14:17:35 GMT
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		626 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2189362&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.com,880,1,,,&rf=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&tg_i.name=thefirsttv-com&tg_i.domain=thefirsttv.com&tg_i.cat=IAB1&tg_i.sectioncat=IAB1&tg_i.pagecat=IAB1&tg_i.page=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&tg_i.fs_ad_product=banner&tg_i.dfp_ad_unit_code=15184186%2C22681064182%2Fthefirsttv_rail_right_2&tg_i.pbadslot=15184186%2C22681064182%2Fthefirsttv_rail_right_2%2Fad_freestar-4&tk_flint=pbjs_lite_v5.20.4&x_source.tid=5cfbfd97-ae85-4648-9c93-8ce61ed4508b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9482053107005086
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9a8c704324d0633c8506b48022d84945164e189dd3d2318d4b02b5e54c7427b6

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.thefirsttv.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
626
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.99.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-99-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thefirsttv.com
date
Tue, 19 Apr 2022 14:17:35 GMT
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		613 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2189362&size_id=2&rp_schain=1.0,1!freestar.com,880,1,,,&rf=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&tg_i.name=thefirsttv-com&tg_i.domain=thefirsttv.com&tg_i.cat=IAB1&tg_i.sectioncat=IAB1&tg_i.pagecat=IAB1&tg_i.page=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&tg_i.fs_ad_product=lazyLoad&tg_i.dfp_ad_unit_code=15184186%2C22681064182%2Fthefirsttv_leaderboard_btf&tg_i.pbadslot=15184186%2C22681064182%2Fthefirsttv_leaderboard_btf%2Fad_freestar-6&tk_flint=pbjs_lite_v5.20.4&x_source.tid=cca528f7-5367-4cf7-848d-a165c45e14b6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7168627300058956
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0ecf979e9506af77a369714d379cdc62f3ba81aa3ebfa76e573a8b4de8de8ca7

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.thefirsttv.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
613
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.20.4&p=%5B%7B%22placement_id%22%3A%22ad_freestar-6%22%2C%22callback_id%22%3A%22309868fc9711858%22%2C%22sizes%22%3A%5B%5B1%2C3%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2C22681064182%2Fthefirsttv_leaderboard_btf%2Fad_freestar-6%22%7D%5D&page_url=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&bust=1650377855594&pr=&scrd=1&dnt=false&description=Liz%20Harrington%20is%20the%20spokesperson%20for%20Donald%20Trump%20to%20give%20the%20latest%20on%20the%20investigation%20in%20Georgia.&title=VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud%20%E2%80%93%20The%20First%20TV&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=4a1109c5-5744-43cf-921b-a092ec2a4310&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22880%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.43.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-43-245.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thefirsttv.com
pragma
no-cache
date
Tue, 19 Apr 2022 14:17:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/ 		1 KB
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2fec827f51356cfc9f02f83bbec20912e9e5e6050797b13d4a94e7b37ed7d596

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thefirsttv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.4&cb=42714676661
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Apr 2022 14:17:35 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thefirsttv.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695fd017878cbe7feccfeac350022&pos=8a9690c4017878cbe333cd001a6a0025&cmd=bid&req=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
71429c783d935c8c3abfe053dd6c027df45c83db0b1265625d940887b41a4c22

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Apr 2022 14:17:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thefirsttv.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		139 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8a499356d75bf95334ba8b9682cbe6994bdf56e16647fcd5cb6be2cb776717fa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:35 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
203358f2-75b6-4c4a-bcf8-89351080c6a4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thefirsttv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=642821&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2239733791f3d6e29%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F%22%2C%22name%22%3A%22thefirsttv-com%22%2C%22domain%22%3A%22thefirsttv.com%22%2C%22cat%22%3A%5B%22IAB1%22%5D%2C%22sectioncat%22%3A%5B%22IAB1%22%5D%2C%22pagecat%22%3A%5B%22IAB1%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.4%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22408fb763f896be2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A3%2C%22ext%22%3A%7B%22siteID%22%3A%22642821%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C22681064182%2Fthefirsttv_leaderboard_btf%22%2C%22sid%22%3A%221x3%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22642821%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C22681064182%2Fthefirsttv_leaderboard_btf%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C22681064182%2Fthefirsttv_leaderboard_btf%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22880%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
944a7a9ee4655c4db518ebfb3ce1d6dbcc3fa27317a63449cad2cdb93a269d9c

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:35 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.215.133], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.thefirsttv.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 19 Apr 2022 14:17:35 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thefirsttv.com
date
Tue, 19 Apr 2022 14:17:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
c.pub.network/ 		36 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
9a69b23235bae2a3f9a05bd21f547a27d467501715ba6e9dcf2457d85017ac45

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Apr 2022 14:17:36 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.thefirsttv.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=lmO7d6mFgG&w=5679556575887360&o=5714937848528896&cv=2.9.157-1-g9c0fea6&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 19 Apr 2022 14:17:36 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:15:57 GMT
content-encoding
gzip
age
99
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
R1zayRxT-3lRUaDkrP9YQXEDRWnL-NOA4r7EuH8HWmg2jthdHrQnLA==
bridge3.510.1_en.html
imasdk.googleapis.com/js/core/ Frame FB8D 		0
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Apr 2022 14:17:36 GMT
bridge3.510.1_en.html
imasdk.googleapis.com/js/core/ Frame D009 		0
0
bridge3.510.1_en.html
imasdk.googleapis.com/js/core/ Frame 3B75 		631 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc89c933d5f3a060b6d6529c1f6748bbe87213a8aa11eca62361b67a2c39266b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
397731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209821
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 23:48:45 GMT
expires
Fri, 14 Apr 2023 23:48:45 GMT
last-modified
Thu, 14 Apr 2022 23:44:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24d3ffac4a558078bbbe1d26f7d60adcbc0ee7a64ee1409e6fb3cc89c1674743

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
theoplayer.e.js
resources.zype.com/player/2.78.1.un.rc/ 		215 KB
69 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://resources.zype.com/player/2.78.1.un.rc/theoplayer.e.js
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC8) /
Resource Hash
f3d3117f8f9f0011114a8a7424e9ca8962c5de2a136790660c119b2a0955a05c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=+ZAd2Q==, md5=50v1iVGENhKq0DOSqQd0Wg==
date
Tue, 19 Apr 2022 14:17:36 GMT
content-encoding
gzip
age
2599
x-guploader-uploadid
ADPycdu-nr6Y0ody-0NrXzYCkcX5VPGr1hgpr4uk7WBR9Zg7IVIVnWDk_FM688PFqTa2JoBzFvtU7KY0_7MyEjpi25GKcBG_GzqR
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
70802
last-modified
Thu, 14 Oct 2021 17:05:27 GMT
server
ECAcc (frc/8FC8)
etag
"e74bf58951843612aad03392a907745a+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-goog-generation
1634231126994258
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-goog-stored-content-length
220438
expires
Tue, 19 Apr 2022 15:17:36 GMT
theoplayer.p.js
resources.zype.com/player/2.78.1.un.rc/ 		164 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://resources.zype.com/player/2.78.1.un.rc/theoplayer.p.js
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F81) /
Resource Hash
8d94d58cedb841e73b4c8a7ac0e991286b96e87d54443578dac283fbf9b6ab6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=nmJLKg==, md5=qa7LMPjkCokkeEvTit1sxQ==
date
Tue, 19 Apr 2022 14:17:36 GMT
content-encoding
gzip
age
2600
x-guploader-uploadid
ADPycdvIgNDpFthb7Os35ltuVJDn8TSkUwu8ncG734HwzYq5rq4KnbtlgYq3Yon4DLEoa3tiSI6bUrLa_albxCEKOjyZlg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
52403
last-modified
Thu, 14 Oct 2021 17:05:27 GMT
server
ECAcc (frc/8F81)
etag
"a9aecb30f8e40a8924784bd38add6cc5+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
x-goog-generation
1634231127443021
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-goog-stored-content-length
167625
expires
Tue, 19 Apr 2022 15:17:36 GMT
6257517b32d8eb00015ee52e.m3u8
player.zype.com/manifest/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.zype.com/manifest/6257517b32d8eb00015ee52e.m3u8?ad_enabled=true&app_key=ZVIgFQfPuXBTm99xYU4k09nMJgXuo2wsCU774GMNxC5cxzbORgmOD9kHOUM4ZGZQ&https=true&player=web&player_request_id=625ec47e9d748100015c5507&signature=m7RBHQ8FfY-zP2U-oOVRnYyaRvGAE3nxUERdy592rKc%3D&ts=1650377854
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.245.135.104 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.135.245.35.bc.googleusercontent.com
Software
nginx/1.19.1 /
Resource Hash
edd5229fffe086c693f84a2b8210a72c7f071f63039781e073c87d17863e58da
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-request-id
6d45ae11d6959a27c5d439b14a7d2d91
x-runtime
0.043094
server
nginx/1.19.1
x-frame-options
SAMEORIGIN
etag
W/"edd5229fffe086c693f84a2b8210a72c"
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.thefirsttv.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
1080.jpg
gvimage.zype.com/5dfa7c36db4e900001ad2aff/6257517b32d8eb00015ee52e/custom_thumbnail/ 		317 KB
317 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gvimage.zype.com/5dfa7c36db4e900001ad2aff/6257517b32d8eb00015ee52e/custom_thumbnail/1080.jpg?1649889790
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2e1cdb6c32b881c48a41965e8f47eb620e91a1a3ae9010430d17543a079719a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=+sQGJQ==, md5=6pEecjR2cQo/oRzFuAvsjQ==
date
Tue, 19 Apr 2022 14:17:36 GMT
x-guploader-uploadid
ADPycdsMMbx7HmPh9cupKIIbQLHnJSbW5wDDEb5ejjEs3mVamN_Lz7PfmOe-79HTSYU0KuN8hFWpztYwdjGl6R7oQ4ROgem164Qr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
324244
last-modified
Wed, 13 Apr 2022 22:43:15 GMT
server
UploadServer
etag
"ea911e723476710a3fa11cc5b80bec8d"
access-control-allow-methods
GET,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
x-goog-generation
1649889795947863
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-goog-stored-content-length
324244
accept-ranges
bytes
expires
Tue, 19 Apr 2022 15:17:36 GMT
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a727bf223177455130f22e9de17fcf54f7df069c0095c974ff3c01470e2096a

Request headers

Referer
Origin
https://www.thefirsttv.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
8231682820
register.mediamelon.com/mm-apis/register/ 		262 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://register.mediamelon.com/mm-apis/register/8231682820?sdkVersion=mediaTailor-beta1&hintFileVersion=2&EP_SCHEMA_VERSION=2&platform=Browser&qmetric=true&statistics=false&log_level=2&component=THEOSDK&mode=QBRDisabled
Requested by
Host: mediamelon-builds.s3.amazonaws.com
URL: https://mediamelon-builds.s3.amazonaws.com/MM-RELEASE-BUILDS/1432265447/theoWeb/mmsmartstreaming-theo-ssai.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.129.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-129-229.compute-1.amazonaws.com
Software
akka-http/10.1.5 /
Resource Hash
a5944be6fc68fe389f32cb9fd52dcd66eb7a509ca3799b5437bb071afa6a0d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.thefirsttv.com
date
Tue, 19 Apr 2022 14:17:36 GMT
access-control-allow-credentials
true
server
akka-http/10.1.5
content-length
262
content-type
application/json
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 371B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 13:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 19 Apr 2022 14:36:10 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.thefirsttv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Apr 2022 14:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thefirsttv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Apr 2022 14:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		87 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4357353102475156&correlator=2638895444398366&eid=31067133%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=15184186%3A22681064182%2Cthefirsttv_rail_right_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=1&adks=1715768003&sfv=1-0-38&ecs=20220419&fsapi=false&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dlearning%26floors_hour%3D14%26floors_user%3D0%26fs_placementName%3Dthefirsttv_rail_right_2%26fs_ad_product%3Dbanner%26fspbg%3Dfreestar%26freestar_path%3D%252Fwatch%252Fvideo-proof-evidence-of-mail-in-ballot-fraud%252F%26freestar_domain%3Dthefirsttv.com%26custom_bidder_size%3Dappnexus_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D4416a082d9c9dde%26hb_bidder%3Dappnexus&eri=1&cust_params=user-agent%3DChrome%26page%3D44683%26pagetype%3Dvideo%26category%3Dclip%252Chighlight%252Cjesse-kelly%252Cmust-see-moments&sc=1&cookie_enabled=1&abxe=1&dt=1650377856113&lmt=1650377856&dlt=1650377852802&idt=2095&biw=1600&bih=1200&adxs=1200&adys=2405&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x630&msz=300x600&fws=4&ohw=300&ga_vid=236284673.1650377854&ga_sid=1650377856&ga_hid=723152646&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f3c619270bf51ef99a5e8b43cb7081e9edf49c3e2d5eb63ab4185f2c5088b73e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31327
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thefirsttv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0753 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:36 GMT
expires
Wed, 19 Apr 2023 14:17:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		526 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4357353102475156&correlator=2638895444398366&eid=31067133%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=15184186%3A22681064182%2Cthefirsttv_leaderboard_btf&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x3%7C728x90&ifi=2&adks=1482602221&sfv=1-0-38&ecs=20220419&fsapi=false&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dlearning%26floors_hour%3D14%26floors_user%3D0%26fs_placementName%3Dthefirsttv_leaderboard_btf%26fs_ad_product%3DlazyLoad&eri=1&cust_params=user-agent%3DChrome%26page%3D44683%26pagetype%3Dvideo%26category%3Dclip%252Chighlight%252Cjesse-kelly%252Cmust-see-moments&sc=1&cookie_enabled=1&abxe=1&dt=1650377856142&lmt=1650377856&dlt=1650377852802&idt=2095&biw=1600&bih=1200&adxs=326&adys=1254&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x30&msz=728x0&fws=4&ohw=728&ga_vid=236284673.1650377854&ga_sid=1650377856&ga_hid=723152646&ga_fc=true&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
caac51f2acbbf0c6f7fc62dbc7b2e12b0a452a19ac62f676b83137ef98f29a44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thefirsttv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=349529493;labels=title.VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud%2Ctitle.VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud%2Cauthor.http%3A%2F%2Ffacebook.com%2Ft...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=349529493;labels=title.VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud%2Ctitle.VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud%2Cauthor.http%3A%2F%2Ffacebook.com%2Fthefirstontv;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F;uht=2;fpan=1;fpa=P0-860484753-1650377856177;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=thefirsttv.com;je=0;sr=1600x1200x24;dst=0;et=1650377856177;tzo=0;ogl=description.Liz%20Harrington%20is%20the%20spokesperson%20for%20Donald%20Trump%20to%20give%20the%20latest%20on%20the%20in%2Cimage.https%3A%2F%2Ftf-a1%252Eazureedge%252Enet%2Fuploads%2F2022%2F04%2F6257517b32d8eb00015ee52e-tn-1080-120%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Csite_name.The%20First%20TV%2Ctitle.VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ethefirsttv%252Ecom%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
beacon-10061.xml
ma1169-r.analytics.edgekey.net/config/ 		12 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma1169-r.analytics.edgekey.net/config/beacon-10061.xml?enableGenericAPI=1
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/akamai/akamaihtml5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:df:39f::aa5 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4f7c8580f6af826dc8d8750b36ba4e0ac1332a04f3ae6ac545007bd82ceb3995

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:37 GMT
Last-Modified
Tue, 22 Jan 2019 07:41:49 GMT
Server
AkamaiNetStorage
ETag
"4c42cda77a11c1fbde838888c7968d58:1548142909"
Content-Type
application/xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12220
Expires
Tue, 19 Apr 2022 14:17:37 GMT
fb_256.png
tf-a1.azureedge.net/static/images/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/static/images/logo/fb_256.png
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F72) /
Resource Hash
b59c57f72cf5688d6420b9102860ab9215d03dbe3f0d96fcedb2c9086b4d0d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Apr 2022 14:17:36 GMT
content-md5
QDiCJcv3yP2RblrIrauSNA==
age
1434198
x-ms-server-encrypted
true
x-cache
HIT
content-length
3124
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 14 Apr 2021 16:37:18 GMT
last-modified
Wed, 14 Apr 2021 16:37:53 GMT
server
ECAcc (frc/8F72)
x-ms-error-code
ConditionNotMet
etag
"0x8D8FF63A68BD23E"
content-type
image/png
x-ms-request-id
a6d48ea6-401e-006a-5cec-46ff35000000
cache-control
public, max-age=15552000
x-ms-version
2019-02-02
accept-ranges
bytes
tw_256.png
tf-a1.azureedge.net/static/images/logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/static/images/logo/tw_256.png
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F64) /
Resource Hash
5770b31a3b0c78370bc1b40b48df59b6f5805be64dd5038a86f8f73ac881dab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Apr 2022 14:17:36 GMT
content-md5
WNHcqA+OI1Jmmu48gbpXmQ==
age
8659394
x-ms-server-encrypted
true
x-cache
HIT
content-length
4392
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 14 Apr 2021 16:37:19 GMT
last-modified
Wed, 14 Apr 2021 16:37:53 GMT
server
ECAcc (frc/8F64)
x-ms-error-code
ConditionNotMet
etag
"0x8D8FF63A69A0585"
content-type
image/png
x-ms-request-id
77700213-b01e-0023-1836-05bdde000000
cache-control
public, max-age=15552000
x-ms-version
2019-02-02
accept-ranges
bytes
rd_172.png
tf-a1.azureedge.net/static/images/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/static/images/logo/rd_172.png
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F25) /
Resource Hash
6acfbdf4dd87d0b3a9453bc046a6facaf4df824c1403a5249f2988729d157017

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Apr 2022 14:17:36 GMT
content-md5
yksMUNcdToHN3GX+kMw/PQ==
age
4580286
x-ms-server-encrypted
true
x-cache
HIT
content-length
1992
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 14 Apr 2021 16:37:18 GMT
last-modified
Wed, 14 Apr 2021 16:37:53 GMT
server
ECAcc (frc/8F25)
x-ms-error-code
ConditionNotMet
etag
"0x8D8FF63A68BD23E"
content-type
image/png
x-ms-request-id
d9f4a5be-c01e-0006-684f-2a14a2000000
cache-control
public, max-age=15552000
x-ms-version
2019-02-02
accept-ranges
bytes
62589b90dcb76d0001ccb769-tn-1080-830x467.jpg
tf-a1.azureedge.net/uploads/2022/04/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/uploads/2022/04/62589b90dcb76d0001ccb769-tn-1080-830x467.jpg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E92) /
Resource Hash
46f76eab9e5c927596fec963d99e72a3fcf7852f157751fd4bd9ec879259e7df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 19 Apr 2022 14:17:36 GMT
age
382586
x-ms-server-encrypted
true
x-cache
HIT
content-length
57520
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 15 Apr 2022 00:48:06 GMT
last-modified
Fri, 15 Apr 2022 00:48:06 GMT
server
ECAcc (frc/8E92)
x-ms-blob-committed-block-count
1
etag
"0x8DA1E799AE2C209"
content-type
image/jpeg
x-ms-request-id
b82cb813-c01e-005b-737d-501e26000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
6258ba32dcb76d0001ccb984-tn-1080-830x467.jpg
tf-a1.azureedge.net/uploads/2022/04/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/uploads/2022/04/6258ba32dcb76d0001ccb984-tn-1080-830x467.jpg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FB4) /
Resource Hash
dec55679642cc46b124a30998355c5eddba5c98349a8ae6e198376d4babf719c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 19 Apr 2022 14:17:36 GMT
age
291160
x-ms-server-encrypted
true
x-cache
HIT
content-length
60863
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 16 Apr 2022 01:18:08 GMT
last-modified
Sat, 16 Apr 2022 01:18:08 GMT
server
ECAcc (frc/8FB4)
x-ms-blob-committed-block-count
1
etag
"0x8DA1F46F73286B3"
content-type
image/jpeg
x-ms-request-id
9410db60-601e-0020-2852-515cba000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
6258ba7d53553a000136af29-tn-1080-830x467.jpg
tf-a1.azureedge.net/uploads/2022/04/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/uploads/2022/04/6258ba7d53553a000136af29-tn-1080-830x467.jpg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FCC) /
Resource Hash
f1905817596b2e32feacf863b31d4961af478773296ebb04941a4af8ba7da8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 19 Apr 2022 14:17:36 GMT
age
258360
x-ms-server-encrypted
true
x-cache
HIT
content-length
54029
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 16 Apr 2022 12:03:05 GMT
last-modified
Sat, 16 Apr 2022 12:03:05 GMT
server
ECAcc (frc/8FCC)
x-ms-blob-committed-block-count
1
etag
"0x8DA1FA110C8C860"
content-type
image/jpeg
x-ms-request-id
3faa4cdc-a01e-004d-649e-51e8f1000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
6258b94a53553a000136af1e-tn-1080-830x467.jpg
tf-a1.azureedge.net/uploads/2022/04/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/uploads/2022/04/6258b94a53553a000136af1e-tn-1080-830x467.jpg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5A) /
Resource Hash
8228b62486c57f915e01605b7a73596f6107b8f8aa4e17f04fce2151d2943fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 19 Apr 2022 14:17:36 GMT
age
300159
x-ms-server-encrypted
true
x-cache
HIT
content-length
55630
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 16 Apr 2022 00:48:05 GMT
last-modified
Sat, 16 Apr 2022 00:48:05 GMT
server
ECAcc (frc/8F5A)
x-ms-blob-committed-block-count
1
etag
"0x8DA1F42C4C1F64C"
content-type
image/jpeg
x-ms-request-id
f9f75751-a01e-0000-073d-51271d000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
6258986153553a000136ac40-tn-1080-830x467.jpg
tf-a1.azureedge.net/uploads/2022/04/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/uploads/2022/04/6258986153553a000136ac40-tn-1080-830x467.jpg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F84) /
Resource Hash
1bd326cb7baee270d3a00e1dfa09ab232ac171cd030f4fd0868da781ee55df48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 19 Apr 2022 14:17:36 GMT
age
382586
x-ms-server-encrypted
true
x-cache
HIT
content-length
70604
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 15 Apr 2022 02:18:06 GMT
last-modified
Fri, 15 Apr 2022 02:18:06 GMT
server
ECAcc (frc/8F84)
x-ms-blob-committed-block-count
1
etag
"0x8DA1E862DA8F2B8"
content-type
image/jpeg
x-ms-request-id
cd52e813-901e-001b-797d-50191e000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
62589a43dcb76d0001ccb765-tn-1080-830x467.png
tf-a1.azureedge.net/uploads/2022/04/ 		478 KB
478 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/uploads/2022/04/62589a43dcb76d0001ccb765-tn-1080-830x467.png
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0E) /
Resource Hash
9b048fd99ccfdc25109319e183a58d23693c2a5e05f93a08b63c14067ef358cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 19 Apr 2022 14:17:36 GMT
age
382586
x-ms-server-encrypted
true
x-cache
HIT
content-length
489016
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 15 Apr 2022 01:21:17 GMT
last-modified
Fri, 15 Apr 2022 01:21:17 GMT
server
ECAcc (frc/8F0E)
x-ms-blob-committed-block-count
1
etag
"0x8DA1E7E3DA11C91"
content-type
image/png
x-ms-request-id
b410c680-d01e-001a-147d-5046c2000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d2c20uenlwZS5jb20vNWRmYTdjMzZkYjRlOTAwMDAxYWQyYWZmLzYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZS82MjU3NTE3YjMyZDhlYjAwMDE1ZWU1MmYvNTUwOTZiYjE2OTcwMmQwNzBjZmEyYjAwL2Q2...
mf.zype.com/ 		6 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mf.zype.com/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d2c20uenlwZS5jb20vNWRmYTdjMzZkYjRlOTAwMDAxYWQyYWZmLzYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZS82MjU3NTE3YjMyZDhlYjAwMDE1ZWU1MmYvNTUwOTZiYjE2OTcwMmQwNzBjZmEyYjAwL2Q2MTdkMDYwLWI1ZGItNDIwMi1iZTNkLTg4ODdkZTUxYjExZS5tM3U4IiwicGFyYW1zIjp7IjZwTEtNUTN5IjoicExLMHV3MzIiLCJGMzhiMWRGNCI6IjYyNWVjNDdlOWQ3NDgxMDAwMTVjNTUwNyJ9LCJleHAiOjE2NTAzODg2NTZ9.GD0LzvVTK225_4Dk6IEkPq_Hit5YwY8jjC5d4FCzdQQ
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-112.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
0e03ced83bf54216a0da5d88660920ace060957822e4ae1dc18cd934afc6024a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:37 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
etag
W/"19f0-LZ2duKinv0JEBC96g2xg/aG+AIc"
x-amzn-remapped-content-length
6640
x-amz-cf-pop
FRA56-C1
x-powered-by
Express
x-amzn-requestid
ad81634b-e1a5-4f2b-948f-ee3db0a53394
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
x-amzn-trace-id
Root=1-625ec481-1c24f4560e8cd49f7ce06420;Sampled=0
x-amz-apigw-id
Q1OkNH3QoAMF3QQ=
content-length
6640
x-amz-cf-id
utj3vgSlK-TI4AhGsrIzGKtTfoQ16FzXOP0nT-c10a3CeUwgwdt7Ag==
ssb
bc-ssb-dub.springserve.com/ Frame 3B75
Redirect Chain
  • https://ab.zype.com/eyJhbGciOiJIUzI1NiJ9.eyJhZF91cmwiOiJodHRwczovL3ZpZC5zcHJpbmdzZXJ2ZS5jb20vdmFzdC82MjMzOTQ_dz1bcGxheWVyX3dpZHRoXSZoPVtwbGF5ZXJfaGVpZ2h0XSZjYj0zNzIyODIyMTMmaXA9MjE3LjExNC4yMTUuMTMz...
  • https://vid.springserve.com/vast/623394?w=1080&h=607&cb=372282213&ip=217.114.215.133&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F100.0.489...
  • https://bc-ssb-dub.springserve.com/ssb?r=469ea89a-1f9a-47a8-8a37-7bfe3d9bcfb9&t=1650377857&h=dub.internal&aid=1149
22 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-ssb-dub.springserve.com/ssb?r=469ea89a-1f9a-47a8-8a37-7bfe3d9bcfb9&t=1650377857&h=dub.internal&aid=1149
Protocol
H2
Server
54.216.156.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-156-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
null
date
Tue, 19 Apr 2022 14:17:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
22
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml

Redirect headers

location
https://bc-ssb-dub.springserve.com/ssb?r=469ea89a-1f9a-47a8-8a37-7bfe3d9bcfb9&t=1650377857&h=dub.internal&aid=1149
date
Tue, 19 Apr 2022 14:17:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
null
content-length
0
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:37 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Apr 2022 14:17:37 GMT
StreamProducer
beacons.mediamelon.com/ 		3 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacons.mediamelon.com/StreamProducer
Requested by
Host: mediamelon-builds.s3.amazonaws.com
URL: https://mediamelon-builds.s3.amazonaws.com/MM-RELEASE-BUILDS/1432265447/theoWeb/mmsmartstreaming-theo-ssai.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.212.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-212-203.compute-1.amazonaws.com
Software
/
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 19 Apr 2022 14:17:37 GMT
content-length
3
content-type
text/plain;charset=ISO-8859-1
StreamProducer
beacons.mediamelon.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://beacons.mediamelon.com/StreamProducer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.212.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-212-203.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.thefirsttv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,origin,x-requested-with,range,content-type,accept
access-control-allow-methods
HEAD,POST,GET,OPTIONS,PUT
access-control-allow-origin
*
access-control-max-age
1800
content-length
0
date
Tue, 19 Apr 2022 14:17:37 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
container.html
be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F81B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:36 GMT
expires
Wed, 19 Apr 2023 14:17:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
date
Tue, 19 Apr 2022 14:17:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3374
x-guploader-uploadid
ADPycdvYySkyaile_eoUiTAzVzYAdJUDO5AkGLpVftx7Yboat1YiubepDFRG9z9M2gfV-PlrRpbQIPGxwq9ia6AohciYkUEmY62-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xV1e8Tm8qBx8aMBw2lA3IbZHo6A0CTgN3Xk2eRVgc1U5LtEYkropwvUW1R6yVl725AosoJvagvXtYQ7EAItQF7aavqz8JUUH4y%2BwWQsS1RibzoUzmRdez1AGpCEwcAhXySABhndsaMKj7x0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1599584677716817
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
6fe643c5fd029064-FRA
expires
Tue, 19 Apr 2022 13:27:09 GMT
8660e442-1a8d-457b-a16c-a9cc87e213c6
https://www.thefirsttv.com/ 		164 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thefirsttv.com/8660e442-1a8d-457b-a16c-a9cc87e213c6
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d94d58cedb841e73b4c8a7ac0e991286b96e87d54443578dac283fbf9b6ab6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
167625
Content-Type
application/javascript
50a26e69-97f8-4b1d-b9b0-b9c44a59e2a4
https://www.thefirsttv.com/ 		215 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thefirsttv.com/50a26e69-97f8-4b1d-b9b0-b9c44a59e2a4
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3d3117f8f9f0011114a8a7424e9ca8962c5de2a136790660c119b2a0955a05c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
220438
Content-Type
application/javascript
css
fonts.googleapis.com/ Frame F81B 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
URL: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 12:49:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Apr 2022 14:17:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Apr 2022 14:17:37 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F81B 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
URL: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 14:03:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F81B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChMaGgMReYpKgJsig7_UPjYywwAfS4NypabnaweykDOHSg8-BChABINrXxTlglYKAgJQHoAHVps2-A8gBBqkCByV9OHIfsj7gAgCoAwHIA8sEqgTjAk_QHxj1fnH1TFav54bAxC8dCs04uwBx3CzjbR5pAumUsXxh6Jr0TGz_K540CL8UIixtWogXRQrhy5DxKNquMh7p2dk5u9kViGTmFBMDi3-2UPnknMUnYLdcE7ljPFeKH2i5eZ1UiZ3lnkJL9N8awc3jtnJw7Ca0fKhpqBwcqXqziv4ybo8nRyUCaH-o27xjG5pQZES8t63r676HCF4kxprEmbcnHauLlTEd5wSGn6YipBHAa0_26lJ5Zj-Sm8cOrjbdYWp-KAWkzCehG12b_fjVekGXM05jTGTQ5YR00729GCk2dnQbAmb_-HFo1CfpeJXHucMA5eWue8-q4mj1wlwiDy8IjxZ3M9hoYbnxL53wP5zWxB6-1naNCXtUOn67myli3LbhEpNfwcszQm068U3iK6UGW9cVSu9jgJTQ80734ecEjG_iGcCot3TUaeLxBVHEMrXaW00497qY_-FMA11s2LjABObAj7WRAuAEAZIFBAgEGAGSBQQIBRgEoAY3gAeT2bJBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ1fUK0ggJCIjhgBAQARgdgAoDyAsB2BMNiBQB0BUBgBcBshceChwIABIUcHViLTM2MDUyNTczNjA4NTMxODUYusgX&sigh=nJhILPM5Bh8&uach_m=[UACH]&template_id=492
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame F81B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
URL: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 14:12:35 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F81B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
URL: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 14:13:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F81B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
URL: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650281421154365"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Apr 2022 14:17:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F81B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
URL: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
557
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 May 2022 14:08:20 GMT
l
www.google.com/ads/measurement/ Frame F81B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgGYejsLq5IaoRytN9fv6aw05IyA6Q1lt-xZoTh--96UhoJrHb-H-thbTykwgvezwr15-8URZiOF4zXMbeL8D_l2oqNQ
Requested by
Host: be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
URL: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
3bde1d5944145a46a8b91d920db5ec4d.js
www.gstatic.com/mysidia/ Frame F81B 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
URL: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 13:44:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
434004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12194
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 13:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Jul 2022 13:44:13 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17807326434624457884/ Frame F81B 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17807326434624457884/downsize_200k_v1?w=400&h=209
Requested by
Host: be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
URL: https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2cc17ec336c625cecc16808666f52d05517e86336be42e943f3cdd5649d1f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 19:30:54 GMT
x-content-type-options
nosniff
age
154003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18122
x-xss-protection
0
last-modified
Fri, 21 Aug 2020 08:22:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Apr 2023 19:30:54 GMT
truncated
/ Frame F81B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
container.html
be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D40 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:36 GMT
expires
Wed, 19 Apr 2023 14:17:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
9.gif
ma1169-r.analytics.edgekey.net/ 		10 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma1169-r.analytics.edgekey.net/9.gif?a=I~b=1fa77e976260710061~c=6d51ce4d-a347-00d2-d9b2-b671578247d3~d=f6db8eaa-1ba9-b156-3996-7b6a042a85ae~e=0~g=0~w=0~ag=www.thefirsttv.com~ah=-~ak=HTML5~al=Windows%2010~am=P~at=Chrome%20100~aw=~ax=O~ay=JS-3.13.11~dx=0~os=Windows%2010.0~pd=theoplayer~sa=Desktop~tt=VIDEO%20PROOF:%20Evidence%20Of%20Mail-In%20Ballot%20Fraud~ai=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/100.0.4896.75%20Safari/537.36~au=1600x1200~az=1.0~pr=-~pu=https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/~_cd_4504=6257517b32d8eb00015ee52e~_cd_4542=5dfa7c36db4e900001ad2aff~
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/akamai/akamaihtml5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:df:39f::aa5 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:38 GMT
Server
AkamaiNetStorage
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10
Expires
Tue, 19 Apr 2022 14:17:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:37 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Apr 2022 14:17:37 GMT
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
9a69b23235bae2a3f9a05bd21f547a27d467501715ba6e9dcf2457d85017ac45

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Apr 2022 14:17:37 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.thefirsttv.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
truncated
/ Frame F81B 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
563d7ff80c95d942a9a933b651c99a8ae45e87a90038052e0087818258834b5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F81B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:02:01 GMT
x-content-type-options
nosniff
age
936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 14:02:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F81B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
390676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 01:46:21 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bcb8040a38eb5f6cfc9b625c2b0f2045e4636b5c1f8ba39ffdb4f0f2ebed6046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:05:49 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 00:03:51 GMT
server
nginx
age
708
etag
W/"62561367-8e65"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Wl748SF-uV4WlaCf-JE5gSMOY-7FUPcLJijPFersaWLmkzdPQIEqHA==
expires
Tue, 19 Apr 2022 16:05:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66fa77a0ad9af3bcddba8a5547405863961cb515d7b8fd731454a356155f8b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Apr 2022 14:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10615
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 9316 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thefirsttv.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5134
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:37 GMT
server-processing-duration-in-ticks
1737
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame C94E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: www.thefirsttv.com
URL: https://www.thefirsttv.com/watch/video-proof-evidence-of-mail-in-ballot-fraud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 21:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
148491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 21:02:46 GMT
9.gif
ma1169-r.analytics.edgekey.net/ 		10 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma1169-r.analytics.edgekey.net/9.gif?a=S~b=1fa77e976260710061~c=6d51ce4d-a347-00d2-d9b2-b671578247d3~d=f6db8eaa-1ba9-b156-3996-7b6a042a85ae~e=1~g=0~w=6~ag=www.thefirsttv.com~ah=-~ak=HTML5~al=Windows%2010~am=P~at=Chrome%20100~aw=~ax=O~ay=JS-3.13.11~dx=0.006~os=Windows%2010.0~pd=theoplayer~sa=Desktop~tt=VIDEO%20PROOF:%20Evidence%20Of%20Mail-In%20Ballot%20Fraud~v=0~an=0~ao=6~ap=6~aq=0~ba=900~bb=-~ea=20~en=VIDEO%20PROOF:%20Evidence%20Of%20Mail-In%20Ballot%20Fraud~ft=1~va=1~_cd_4504=6257517b32d8eb00015ee52e~_cd_4542=5dfa7c36db4e900001ad2aff~
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/akamai/akamaihtml5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:df:39f::aa5 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:38 GMT
Server
AkamaiNetStorage
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10
Expires
Tue, 19 Apr 2022 14:17:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js?cb=31067133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Apr 2022 14:17:37 GMT
d617d060-b5db-4202-be3d-8887de51b11e0.ts
gvsm.zype.com/5dfa7c36db4e900001ad2aff/6257517b32d8eb00015ee52e/6257517b32d8eb00015ee52f/55096bb169702d070cfa2b00/ 		4 MB
4 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gvsm.zype.com/5dfa7c36db4e900001ad2aff/6257517b32d8eb00015ee52e/6257517b32d8eb00015ee52f/55096bb169702d070cfa2b00/d617d060-b5db-4202-be3d-8887de51b11e0.ts?6pLKMQ3y=pLK0uw32&F38b1dF4=625ec47e9d748100015c5507
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F4A) /
Resource Hash
ba458188e66e04db7909e71989d444db999b08ffd7bdfb98d86a8c446baf473c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=Rs6wUw==, md5=JQO7NYOh/QRjRCn0Q84fBw==
date
Tue, 19 Apr 2022 14:17:37 GMT
age
440062
x-guploader-uploadid
ADPycdv5ApWrJtMp6yATQLz0Pk-9vJJtXFM-8jn8iUVMKH4bRtMLaZy2bTJ_4XrzOlN-YeE-mI152OjyDQ_gQ3kQ01CjYQ
x-cache
HIT
x-goog-storage-class
NEARLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
4422512
last-modified
Wed, 13 Apr 2022 22:44:36 GMT
server
ECAcc (frc/8F4A)
etag
"2503bb3583a1fd04634429f443ce1f07"
access-control-allow-methods
GET,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
x-goog-generation
1649889876465662
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-cache
access-control-allow-credentials
true
x-goog-stored-content-length
4422512
accept-ranges
bytes
expires
Tue, 19 Apr 2022 14:17:36 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=thefirsttv.com&p=%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&u=DAUBEyCC0vc0BlQK9H&d=thefirsttv.com&g=60471&g0=Video&g1=The%20First&n=1&f=00001&c=0&x=0&m=0&y=3451&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4812&t=D4Gf69tHHT9gm_94nLPfGDsHirn&V=131&i=VIDEO%20PROOF%3A%20Evidence%20Of%20Mail-In%20Ballot%20Fraud&tz=0&sn=1&sv=Ckda2jTMiGcCwDIxXsuZUAC5QeDg&sd=1&im=067b0ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.213.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-213-165.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:37 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CFA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
629
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:07:08 GMT
expires
Wed, 19 Apr 2023 14:07:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4DC0 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31cb6a50b77f613f5024aa6611bf88180e62078c07a944fc8f56d3f6acb8d31e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VeKcHMVlEv1GmMBajHlSSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-VeKcHMVlEv1GmMBajHlSSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:37 GMT
expires
Tue, 19 Apr 2022 14:17:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame 9316
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thefirsttv.com&sn=ChromeSyncframe&so=0&topUrl=www.thefirsttv.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=a2CkpHxUdUpXUFN1Z2Z0elVMOTJYem4ydUVzRlduaTlTM2dHRXNDQnhkRFd4ZmZCcHJYUHFiVGVhc2hUalBOVnRiL2R6bWpxNnFpa3ZKaStxL2RSZWh6MjF5aWNlcU9BQkFKVFE1VDd5SHl3WThlYW81SE44ZHRtd0orUU...
419 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=a2CkpHxUdUpXUFN1Z2Z0elVMOTJYem4ydUVzRlduaTlTM2dHRXNDQnhkRFd4ZmZCcHJYUHFiVGVhc2hUalBOVnRiL2R6bWpxNnFpa3ZKaStxL2RSZWh6MjF5aWNlcU9BQkFKVFE1VDd5SHl3WThlYW81SE44ZHRtd0orUUcrOUNvN3hDNzl4Wk5paXg2L2M4TU1MWW13eWdTTjQrOUdlcWtybEhPcjluZEI5RFJqV1RPdHltYlgrZU9JbGtQRTRFYS9WeVNvOFZ2QjhIWG1GOHlBVUdBaHFFcFBkeHZlMFdzWEY1VWFpMkJjYkxWdFRObXk2M0xKRGhRZnRDN0VoK1dOKzB2RFp5NHJhbDBkTUt3alVOK1RadGVmZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
083a85915a490114239676d8b56d758573e56ad90850ace2c19400cc4e1ececd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:37 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4587
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:37 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=a2CkpHxUdUpXUFN1Z2Z0elVMOTJYem4ydUVzRlduaTlTM2dHRXNDQnhkRFd4ZmZCcHJYUHFiVGVhc2hUalBOVnRiL2R6bWpxNnFpa3ZKaStxL2RSZWh6MjF5aWNlcU9BQkFKVFE1VDd5SHl3WThlYW81SE44ZHRtd0orUUcrOUNvN3hDNzl4Wk5paXg2L2M4TU1MWW13eWdTTjQrOUdlcWtybEhPcjluZEI5RFJqV1RPdHltYlgrZU9JbGtQRTRFYS9WeVNvOFZ2QjhIWG1GOHlBVUdBaHFFcFBkeHZlMFdzWEY1VWFpMkJjYkxWdFRObXk2M0xKRGhRZnRDN0VoK1dOKzB2RFp5NHJhbDBkTUt3alVOK1RadGVmZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2048
content-length
541
expires
0
k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
pagead2.googlesyndication.com/bg/ Frame 1CFA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 08:00:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
22606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13613
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 08:00:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4DC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041401&jk=4357353102475156&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
9a69b23235bae2a3f9a05bd21f547a27d467501715ba6e9dcf2457d85017ac45

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Apr 2022 14:17:37 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.thefirsttv.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
generate_204
tpc.googlesyndication.com/ Frame 1CFA 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gH85Lw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
form
api.getdrip.com/client/events/ 		84 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.getdrip.com/client/events/form?visitor_uuid=29d619f10114499e99190224fa53ac07&drip_account_id=180246&form_id=177971&_action=auto_open&url=https%3A%2F%2Fwww.thefirsttv.com%2Fwatch%2Fvideo-proof-evidence-of-mail-in-ballot-fraud%2F&callback=Drip_211198943
Requested by
Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-59.dus51.r.cloudfront.net
Software
/
Resource Hash
5b96bb21ea3e92f985c21a2a4a222650a481c9daf33c902582b3e1bb5553b412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:38 GMT
via
1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
84
x-permitted-cross-domain-policies
none
x-amz-cf-pop
DUS51-P2
x-amzn-requestid
263be710-242e-4911-b722-5bf1e7b8d247
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
Q1OkZETUoAMFVEg=
content-length
84
x-xss-protection
1; mode=block
x-request-id
fcfd8ca3-2676-488d-9956-12c77d5bea58
x-runtime
0.019775
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"5b96bb21ea3e92f985c21a2a4a222650"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Tue, 19 Apr 2022 14:17:38 GMT
x-amz-cf-id
Z-Xl7uss2KpRurSs71B5nJjwPclyTkF0pjm5FGtofYYZ5nsQfdvd5w==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041401&jk=4357353102475156&bg=!ycqlyo7NAAZvJBiFTyQ7ACkAdvg8Wibxobhqtvhm-RBFgG5RBrNGGuCUdBOfkrnTs9_J1WzTKmRdZAIAAACHUgAAAANoAQeZAqD6M4r-Rjtx69wpkV7KL_39fZdmZyLEi_T4paliUoG_sGfUftkm7G2fxIwxcH6SNavUG3zGVGCLckHLH87XeXYmRJyPVNpcc9KLoWWSy2BVHj9h_TsIgHH8Y27Ym86ivucySkWIdsGox1DSXp5FaHgPKhpf13XtEI0Dt6qV23_aTv4eBh14Xo4-wmyAvL6MQzAIGLDyGFFeUmp5c1KFVPYUFEpsKFf-4Pohx-xjLspH7Qu8EU_ZUpSM0L6SPpCM7aKXssdsvOXW3Ppgn27QrXktLd7ZpkA9ALfh76tB1agtJaLBUt-8f4SAMddlxY9lVQR1s8yavr6qyv0zddDCNxOn3xLLy97IoDA4TtUiDbpm0Fma4r89ZnRxsMCG0ONRvU1N0czXowBDIt4_fJVfjFvpmwMxDHbtiUvTOFLPKZjdY3ahUqqYndCvrGjRgGvzzXi7Ujp1FlzWhKrT717yWKeDALVQIG3rDTWyRRitx_eB4Kmlgq4sDg5-AOIsJgaUIuXqkpmZFyxc0UD46ThVXXshjw-D53MObv25Tfd-vrC21G1-2Kjnrt1FjUHohHfptUBwoJFS7zhNqhdLghvqXGumyPgepXEps2n4aSE6pIzunMuVZslD9s8ELNLo77xvqOx21Q7KjpTfLm_8cVTTyKxLFtxhficjICY0gaPip-iyN-5AUtN1rnUJ3Q8z-VlcFRbiOUdiIT64w-oJNm9ZwpFO-msJNz9OsSxC31YwoB_0DOOpi8gj7kQ7ylNIfh6s86ijxThXjBrRkCu6BU9cb6t41HinWhgs5HBCyjtab86mWyXbczpyXoEYr60bwnKxiwEOCk4R2qMYsCq_mwMF8ZSvKyXGPmXQ_D6UCQ3_E-waV3eiuEjiR9OkLc2vJYcNE08
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
d617d060-b5db-4202-be3d-8887de51b11e1.ts
gvsm.zype.com/5dfa7c36db4e900001ad2aff/6257517b32d8eb00015ee52e/6257517b32d8eb00015ee52f/55096bb169702d070cfa2b00/ 		3 MB
3 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gvsm.zype.com/5dfa7c36db4e900001ad2aff/6257517b32d8eb00015ee52e/6257517b32d8eb00015ee52f/55096bb169702d070cfa2b00/d617d060-b5db-4202-be3d-8887de51b11e1.ts?6pLKMQ3y=pLK0uw32&F38b1dF4=625ec47e9d748100015c5507
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE7) /
Resource Hash
626912d286cba976bf83a8c6b857e74b3c226d5f9dd9eff6298c57fa33eed3cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=wWL+0A==, md5=Ny2A9dDq9pqJPAtMhMUQ8Q==
date
Tue, 19 Apr 2022 14:17:40 GMT
age
440063
x-guploader-uploadid
ADPycdtRImOOX25-bIAlWtkWn6ilGG1MwBk9Mreyj9-U9bjoCXuQoPEYKPHCvtxIHM70OBMnk2wyfhEijhNYIFhA141AJ7ax9wQt
x-cache
HIT
x-goog-storage-class
NEARLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
3605464
last-modified
Wed, 13 Apr 2022 22:44:37 GMT
server
ECAcc (frc/8FE7)
etag
"372d80f5d0eaf69a893c0b4c84c510f1"
access-control-allow-methods
GET,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
x-goog-generation
1649889877336849
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-cache
access-control-allow-credentials
true
x-goog-stored-content-length
3605464
accept-ranges
bytes
expires
Tue, 19 Apr 2022 14:17:39 GMT
eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d2c20uenlwZS5jb20vNWRmYTdjMzZkYjRlOTAwMDAxYWQyYWZmLzYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZS82MjU3NTE3YjMyZDhlYjAwMDE1ZWU1MmYvNTQ1YmUxZGE2OTcwMmQyZjdhMDEwMDAwL2U0...
mf.zype.com/ 		6 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mf.zype.com/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d2c20uenlwZS5jb20vNWRmYTdjMzZkYjRlOTAwMDAxYWQyYWZmLzYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZS82MjU3NTE3YjMyZDhlYjAwMDE1ZWU1MmYvNTQ1YmUxZGE2OTcwMmQyZjdhMDEwMDAwL2U0NDYwYzhjLTIyMDQtNGM4Ny04NTAzLThmY2Y3MTIwMzJhZi5tM3U4IiwicGFyYW1zIjp7IjZwTEtNUTN5IjoicExLMHV3MzIiLCJGMzhiMWRGNCI6IjYyNWVjNDdlOWQ3NDgxMDAwMTVjNTUwNyJ9LCJleHAiOjE2NTAzODg2NTZ9.yu8I2HtJhbwUEaUkJdNnr7_kwnNxu_X7mbVDVRwW-D8
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-112.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
7720265dcf7e307f10f94118d99d0bab6949bb36c52325ff614249f0639daad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:40 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
etag
W/"19f0-zosI38bMm6184RCXnfGjMJHD5A8"
x-amzn-remapped-content-length
6640
x-amz-cf-pop
FRA56-C1
x-powered-by
Express
x-amzn-requestid
f2f330d1-078b-4c33-bf2f-958f320a9ae0
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
x-amzn-trace-id
Root=1-625ec484-545bb4e37035a53625c8ac1d;Sampled=0
x-amz-apigw-id
Q1OkvHwzIAMFwmQ=
content-length
6640
x-amz-cf-id
lJ02pgZCH_MZTeQ-lSdUT7PSW3Wit24q4PApcfZ_tF0LW9jkvLnAzA==
StreamProducer
beacons.mediamelon.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://beacons.mediamelon.com/StreamProducer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.212.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-212-203.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.thefirsttv.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,origin,x-requested-with,range,content-type,accept
access-control-allow-methods
HEAD,POST,GET,OPTIONS,PUT
access-control-allow-origin
*
access-control-max-age
1800
content-length
0
date
Tue, 19 Apr 2022 14:17:40 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
StreamProducer
beacons.mediamelon.com/ 		3 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacons.mediamelon.com/StreamProducer
Requested by
Host: mediamelon-builds.s3.amazonaws.com
URL: https://mediamelon-builds.s3.amazonaws.com/MM-RELEASE-BUILDS/1432265447/theoWeb/mmsmartstreaming-theo-ssai.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.212.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-212-203.compute-1.amazonaws.com
Software
/
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 19 Apr 2022 14:17:40 GMT
content-length
3
content-type
text/plain;charset=ISO-8859-1
8231682820
register.mediamelon.com/mm-apis/register/ 		262 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://register.mediamelon.com/mm-apis/register/8231682820?sdkVersion=mediaTailor-beta1&hintFileVersion=2&EP_SCHEMA_VERSION=2&platform=Browser&qmetric=true&statistics=false&log_level=2&component=THEOSDK&mode=QBRDisabled
Requested by
Host: mediamelon-builds.s3.amazonaws.com
URL: https://mediamelon-builds.s3.amazonaws.com/MM-RELEASE-BUILDS/1432265447/theoWeb/mmsmartstreaming-theo-ssai.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.129.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-129-229.compute-1.amazonaws.com
Software
akka-http/10.1.5 /
Resource Hash
131a712745978586e76564e2bf6877419df0b255e5eaf724a60813deb0e7bb08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.thefirsttv.com
date
Tue, 19 Apr 2022 14:17:40 GMT
access-control-allow-credentials
true
server
akka-http/10.1.5
content-length
262
content-type
application/json
/
license.theoplayer.com/ 		0
176 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://license.theoplayer.com/
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.198.33.89 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.33.89.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thefirsttv.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
Date
Tue, 19 Apr 2022 14:17:40 GMT
connection
close
Transfer-Encoding
chunked
access-control-allow-methods
POST
icon
onesignal.com/api/v1/apps/99923bac-9bd5-4910-ba76-794b55b6e591/ 		178 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/99923bac-9bd5-4910-ba76-794b55b6e591/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f0863980e3225c3c8b493bcb34436b84a09debd02a18c9bba162daf6176312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7e8cbd2a-a046-4346-8d4e-bdeff1dfeb2d
x-runtime
0.006378
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"14f0863980e3225c3c8b493bcb34436b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6fe643dc8c54696f-FRA
access-control-allow-headers
SDK-Version
eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d2c20uenlwZS5jb20vNWRmYTdjMzZkYjRlOTAwMDAxYWQyYWZmLzYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZS82MjU3NTE3YjMyZDhlYjAwMDE1ZWU1MmYvNTQ1YmUxZGE2OTcwMmQyZjdhMDEwMDAwL2U0...
mf.zype.com/ 		6 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mf.zype.com/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d2c20uenlwZS5jb20vNWRmYTdjMzZkYjRlOTAwMDAxYWQyYWZmLzYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZS82MjU3NTE3YjMyZDhlYjAwMDE1ZWU1MmYvNTQ1YmUxZGE2OTcwMmQyZjdhMDEwMDAwL2U0NDYwYzhjLTIyMDQtNGM4Ny04NTAzLThmY2Y3MTIwMzJhZi5tM3U4IiwicGFyYW1zIjp7IjZwTEtNUTN5IjoicExLMHV3MzIiLCJGMzhiMWRGNCI6IjYyNWVjNDdlOWQ3NDgxMDAwMTVjNTUwNyJ9LCJleHAiOjE2NTAzODg2NTZ9.yu8I2HtJhbwUEaUkJdNnr7_kwnNxu_X7mbVDVRwW-D8
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-112.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
7720265dcf7e307f10f94118d99d0bab6949bb36c52325ff614249f0639daad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:40 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
etag
W/"19f0-zosI38bMm6184RCXnfGjMJHD5A8"
x-amzn-remapped-content-length
6640
x-amz-cf-pop
FRA56-C1
x-powered-by
Express
x-amzn-requestid
488c49aa-ef64-4e77-8d50-2f45921769ea
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
x-amzn-trace-id
Root=1-625ec484-13ad22a66afdaa451f4eda91;Sampled=0
x-amz-apigw-id
Q1OkzHd2IAMFgSw=
content-length
6640
x-amz-cf-id
eBQsY4QzIu3BBS1t-FFT0YNdY0yvq6CsDCzkZiZeWySwgJhUu3ul3A==
favicon-300x300.png
tf-a1.azureedge.net/static/images/favicon/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tf-a1.azureedge.net/static/images/favicon/favicon-300x300.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD8) /
Resource Hash
1442734fd8c6fc75fcc8b7781997c8f08f5a30d82b8385fa48d19311346b71aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Apr 2022 14:17:40 GMT
content-md5
MGHxAb+MVrEaU7BKXfvtPw==
age
1065036
x-ms-server-encrypted
true
x-cache
HIT
content-length
3120
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Tue, 22 Oct 2019 16:12:11 GMT
last-modified
Fri, 14 Feb 2020 17:47:08 GMT
server
ECAcc (frc/8FD8)
x-ms-error-code
ConditionNotMet
etag
"0x8D7B175E9680C20"
content-type
image/png
x-ms-request-id
e7a9ffac-301e-0012-2c48-4a5ccd000000
cache-control
public, max-age=2592000
x-ms-version
2019-02-02
accept-ranges
bytes
eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d2c20uenlwZS5jb20vNWRmYTdjMzZkYjRlOTAwMDAxYWQyYWZmLzYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZS82MjU3NTE3YjMyZDhlYjAwMDE1ZWU1MmYvNTUwOTZiYjE2OTcwMmQwNzBjZmEyYjAwL2Q2...
mf.zype.com/ 		6 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mf.zype.com/eyJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczovL2d2c20uenlwZS5jb20vNWRmYTdjMzZkYjRlOTAwMDAxYWQyYWZmLzYyNTc1MTdiMzJkOGViMDAwMTVlZTUyZS82MjU3NTE3YjMyZDhlYjAwMDE1ZWU1MmYvNTUwOTZiYjE2OTcwMmQwNzBjZmEyYjAwL2Q2MTdkMDYwLWI1ZGItNDIwMi1iZTNkLTg4ODdkZTUxYjExZS5tM3U4IiwicGFyYW1zIjp7IjZwTEtNUTN5IjoicExLMHV3MzIiLCJGMzhiMWRGNCI6IjYyNWVjNDdlOWQ3NDgxMDAwMTVjNTUwNyJ9LCJleHAiOjE2NTAzODg2NTZ9.GD0LzvVTK225_4Dk6IEkPq_Hit5YwY8jjC5d4FCzdQQ
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-112.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
0e03ced83bf54216a0da5d88660920ace060957822e4ae1dc18cd934afc6024a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:41 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
etag
W/"19f0-LZ2duKinv0JEBC96g2xg/aG+AIc"
x-amzn-remapped-content-length
6640
x-amz-cf-pop
FRA56-C1
x-powered-by
Express
x-amzn-requestid
270bace7-db55-452d-b456-7b4be175670e
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
x-amzn-trace-id
Root=1-625ec485-43fc21530956ab5b2cd3a8ac;Sampled=0
x-amz-apigw-id
Q1Ok6GDEoAMF9JQ=
content-length
6640
x-amz-cf-id
dHWMuQCbuLn2erWRgu8IK5W5X8RW6zAxzp-b6XSBgZa_vG2U-bhw1w==
d617d060-b5db-4202-be3d-8887de51b11e2.ts
gvsm.zype.com/5dfa7c36db4e900001ad2aff/6257517b32d8eb00015ee52e/6257517b32d8eb00015ee52f/55096bb169702d070cfa2b00/ 		3 MB
3 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gvsm.zype.com/5dfa7c36db4e900001ad2aff/6257517b32d8eb00015ee52e/6257517b32d8eb00015ee52f/55096bb169702d070cfa2b00/d617d060-b5db-4202-be3d-8887de51b11e2.ts?6pLKMQ3y=pLK0uw32&F38b1dF4=625ec47e9d748100015c5507
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/player/2.78.1.un.rc/zypeplayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FFC) /
Resource Hash
ba7486e4108919a1a689c2a5d345afe9d2b5bddd1eb746dfc28ebdb4ed94ea2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=q+2UPg==, md5=U0qdYTkWsApO0y+kWFfnhg==
date
Tue, 19 Apr 2022 14:17:41 GMT
age
440061
x-guploader-uploadid
ADPycdvjBV2wbx3VHadGUbZuk8v7LXHd1T1HMRr_LpHr4-5sxWkiziJwEsOdjKfTxTjzz3H_Fhwqu2KkZBGDBtYziflZ
x-cache
HIT
x-goog-storage-class
NEARLINE
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
3430436
last-modified
Wed, 13 Apr 2022 22:44:37 GMT
server
ECAcc (frc/8FFC)
etag
"534a9d613916b00a4ed32fa45857e786"
access-control-allow-methods
GET,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
x-goog-generation
1649889877228584
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-cache
access-control-allow-credentials
true
x-goog-stored-content-length
3430436
accept-ranges
bytes
expires
Tue, 19 Apr 2022 14:17:40 GMT
checksync.php
contextual.media.net/ Frame 43E2 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.212.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
4c58180cd3e861ea6b65f7fc286d561f7aa32b9abdf9062dd3999514a47903d8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8274
content-type
text/html; charset=UTF-8
date
Tue, 19 Apr 2022 14:17:42 GMT
expires
Thu, 21 Apr 2022 14:17:42 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame D6E7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.239 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 19 Apr 2022 14:17:42 GMT
ETag
"623de86a-cf34"
Expires
Wed, 20 Apr 2022 14:17:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 0A71 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Apr 2022 14:17:42 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FB3C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.239 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 19 Apr 2022 14:17:42 GMT
ETag
"623de86a-cf34"
Expires
Wed, 20 Apr 2022 14:17:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC9D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55038
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 19 Apr 2022 14:17:42 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 20 Apr 2022 05:35:00 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9568 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Apr 2022 14:17:42 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame B2CE 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.212.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
4c58180cd3e861ea6b65f7fc286d561f7aa32b9abdf9062dd3999514a47903d8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8274
content-type
text/html; charset=UTF-8
date
Tue, 19 Apr 2022 14:17:42 GMT
expires
Thu, 21 Apr 2022 14:17:42 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 4743 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Apr 2022 14:17:42 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9461 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.201 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.thefirsttv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55038
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 19 Apr 2022 14:17:42 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 20 Apr 2022 05:35:00 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
9.gif
ma1169-r.analytics.edgekey.net/ 		10 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ma1169-r.analytics.edgekey.net/9.gif?a=P~b=1fa77e976260710061~c=6d51ce4d-a347-00d2-d9b2-b671578247d3~d=f6db8eaa-1ba9-b156-3996-7b6a042a85ae~e=2~g=0~w=5961~ag=www.thefirsttv.com~ah=-~ak=HTML5~al=Windows%2010~am=P~at=Chrome%20100~aw=~ax=O~ay=JS-3.13.11~dx=5.955~os=Windows%2010.0~pd=theoplayer~sa=Desktop~tt=VIDEO%20PROOF:%20Evidence%20Of%20Mail-In%20Ballot%20Fraud~m=PL~v=0~x=1772~y=0~z=2~ap=6~aq=0~ba=900~bb=-~da=4183~dd=0~de=0~dg=0~dh=0~dj=-~dw=1~ea=20~en=VIDEO%20PROOF:%20Evidence%20Of%20Mail-In%20Ballot%20Fraud~fd=0~fe=0~fi=3153920:0:1772::1~fk=S:0,Q:0,D:1772~fl=5588746240:1772~rs=0:-1;2:1868;1870:2315~_cd_4504=6257517b32d8eb00015ee52e~_cd_4542=5dfa7c36db4e900001ad2aff~
Requested by
Host: resources.zype.com
URL: https://resources.zype.com/akamai/akamaihtml5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:df:39f::aa5 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thefirsttv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
AkamaiNetStorage
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10
Expires
Tue, 19 Apr 2022 14:17:42 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A87C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5c6e689f114889d9a7d4fbcdb6008c7350a2a19d1a9d9df73ba072e0f68bb3db

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1591
Content-Type
text/html
Date
Tue, 19 Apr 2022 14:17:42 GMT
Dropped-Udsids
230|241|39|45|8|3|196|5
Expires
Tue, 19 Apr 2022 14:17:42 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
349
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 19 Apr 2022 14:17:42 GMT
Expires
Tue, 19 Apr 2022 14:17:42 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.js
eus.rubiconproject.com/ Frame 9568 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2a2fa413c1092e719bc3ba1b97d9654b6f9754d601d28bf4ffe160694da55cff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 14:17:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23387
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Tue, 19 Apr 2022 20:47:29 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E99B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f08a9ef4b0047a78cc8d947fe5aa72e7c9fc7d1d95d004de88ab03ee5e25d3f1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1715
Content-Type
text/html
Date
Tue, 19 Apr 2022 14:17:42 GMT
Dropped-Udsids
39|45|241|230|51|31|13|57
Expires
Tue, 19 Apr 2022 14:17:42 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
349
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 19 Apr 2022 14:17:42 GMT
Expires
Tue, 19 Apr 2022 14:17:42 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
PugMaster
image6.pubmatic.com/AdServer/ Frame FC9D 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77303921&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
940b7eabbe1c9e437fd5e14a16339efc7a4856b1acb1e52fab1d4c21e84b0a85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:42 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame D6E7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
746367e8-4851-46c9-91f4-cee233d885f6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FB3C 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
109c3489-06b4-44d7-9fe3-6741a7f549cd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 9568 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9568
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2OEQzSVEtRy0zT1hM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2OEQzSVEtRy0zT1hM
Protocol
H3
Server
142.250.181.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI2OEQzSVEtRy0zT1hM
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9568
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rmpj99r9-EbQPvg3mMifmQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=300619173170518649
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=300619173170518649
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Tue, 19 Apr 2022 14:17:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=300619173170518649
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9568
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=160028vnSMOLw6nHcFm7kg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=160028vnSMOLw6nHcFm7kg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=160028vnSMOLw6nHcFm7kg
Protocol
HTTP/1.1
Server
52.94.220.185 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CJR1WWX79QH472YRRAK1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=160028vnSMOLw6nHcFm7kg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 9568 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 9568
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAyOqR7JqZV8J1httEyROaI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAyOqR7JqZV8J1httEyROaI&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAyOqR7JqZV8J1httEyROaI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 9568
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L268D3IQ-G-3OXL&sigv=1&esig=2~544403f3fd6cf252372daad929adc1da09cdea8f
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L268D3IQ-G-3OXL&sigv=1&esig=2~544403f3fd6cf252372daad929adc1da09cdea8f
Protocol
H2
Server
2a00:1288:80:807::2 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:42 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L268D3IQ-G-3OXL&sigv=1&esig=2~544403f3fd6cf252372daad929adc1da09cdea8f
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9568
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M5NzhhZmJjMTM2ODY5ZGI4ZGQxNTcyZTI3ZjM4ODlhOTcyODFjMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M5NzhhZmJjMTM2ODY5ZGI4ZGQxNTcyZTI3ZjM4ODlhOTcyODFjMA
Protocol
H3
Server
142.250.181.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M5NzhhZmJjMTM2ODY5ZGI4ZGQxNTcyZTI3ZjM4ODlhOTcyODFjMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A87C 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yl7EhvIAAc5d4MZ1t-RqtAAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A87C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7EhvIAAc5d4MZ1t-RqtAAABGYAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7EhvIAAc5d4MZ1t-RqtAAABGYAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7EhvIAAc5d4MZ1t-RqtAAABGYAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.3 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
K9EHP76TMXH8M8N43ZGF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
24JSTY6AHD69M8KEZASC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7EhvIAAc5d4MZ1t-RqtAAABGYAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A87C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A87C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl7Ehpn9HpjTSFXoo7ywXQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmgrYCBb1ThhTkWEgu-g9E&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmgrYCBb1ThhTkWEgu-g9E&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 19 Apr 2022 14:17:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmgrYCBb1ThhTkWEgu-g9E&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A87C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1d06c63d-ad32-42ab-b010-d2f57a2a1227&expiration=1681913862
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1d06c63d-ad32-42ab-b010-d2f57a2a1227&expiration=1681913862
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 19 Apr 2022 14:17:42 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1d06c63d-ad32-42ab-b010-d2f57a2a1227&expiration=1681913862
date
Tue, 19 Apr 2022 14:17:42 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame A87C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6130625e-c487-4f00-a43e-8561f60628a3&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6130625e-c487-4f00-a43e-8561f60628a3&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 19 Apr 2022 14:17:43 GMT

Redirect headers

Date
Tue, 19 Apr 2022 14:17:43 GMT
Server
MT3 4335 2c68c00 master pao-pixel-x22 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6130625e-c487-4f00-a43e-8561f60628a3&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 19 Apr 2022 14:17:42 GMT
crum
dsum-sec.casalemedia.com/ Frame A87C
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 19 Apr 2022 14:17:42 GMT

Redirect headers

date
Tue, 19 Apr 2022 14:17:42 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ix
ad4m.at/ad/sim/ Frame A87C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A87C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yl7EhvIAAc5d4MZ1t.RqtAAA%261126
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 14:17:42 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2078
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 19 Apr 2022 14:52:20 GMT
casale
match.adsrvr.org/track/cmf/ Frame E99B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E99B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl7Ehpn9HpjTSFXoo7ywXQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmgrYCBb1ThhTkWEgu-g9E&google_cver=1&gdpr=1
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmgrYCBb1ThhTkWEgu-g9E&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 19 Apr 2022 14:17:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECmgrYCBb1ThhTkWEgu-g9E&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E99B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7Ehpn9HpjTSFXoo7ywXQAABFUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7Ehpn9HpjTSFXoo7ywXQAABFUAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7Ehpn9HpjTSFXoo7ywXQAABFUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.3 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
A4H5E6Y6QHWP0XK368WW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4QQRV9P9GXYB3P40J5MS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yl7Ehpn9HpjTSFXoo7ywXQAABFUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E99B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yl7Ehpn9HpjTSFXoo7ywXQAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame E99B 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.174.248 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 14:17:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
noop
px.owneriq.net/ Frame E99B
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7036642621990075442&uid=Q7036642621990075442&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
104.89.45.32 -, , ASN (),
Reverse DNS
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame E99B
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 19 Apr 2022 14:17:42 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Tue, 19 Apr 2022 14:17:42 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
crum
dsum-sec.casalemedia.com/ Frame E99B
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084920482419468
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084920482419468
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 19 Apr 2022 14:17:42 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084920482419468
Date
Tue, 19 Apr 2022 14:17:42 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E99B 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yl7Ehpn9HpjTSFXoo7ywXQAA%261109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thefirsttv.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 14:17:42 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2078
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 19 Apr 2022 14:52:20 GMT
match
c1.adform.net/serving/cookie/ Frame 2B1F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 19 Apr 2022 14:17:43 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 19 Apr 2022 14:17:43 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 1B30 		0
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 19 Apr 2022 14:17:43 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4071-HHN
x-timer
S1650377863.203979,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame C2B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ad1625e-c487-4e00-b257-e32ab70696a1&gdpr=0&gdpr_consent=
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ad1625e-c487-4e00-b257-e32ab70696a1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Apr 2022 14:17:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug025:0:484

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 19 Apr 2022 14:17:43 GMT
Expires
Tue, 19 Apr 2022 14:17:42 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master pao-pixel-x4 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ad1625e-c487-4e00-b257-e32ab70696a1&gdpr=0&gdpr_consent=
adx
match.prod.bidr.io/cookie-sync/ Frame 363F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDaGkwN0V2WWtBQURoUTVjakdWdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.7.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Tue, 19 Apr 2022 14:17:43 GMT
Server
nginx
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
bridge
cm.adgrx.com/ Frame B1E5 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.52.31.49 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 19 Apr 2022 14:17:43 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
sjc-delivery-8
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 6B3C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Apr 2022 14:17:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug013:0:388

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 14:17:42 GMT
expires
Tue, 19 Apr 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1494706
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
141
match.deepintent.com/usersync/ Frame 2C94 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 19 Apr 2022 14:17:42 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 120F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:udtAqyQm1NGOFN5&gdpr=0&gdpr_consent=
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:udtAqyQm1NGOFN5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Apr 2022 14:17:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug024:0:421

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 19 Apr 2022 14:17:42 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:udtAqyQm1NGOFN5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-022b0454a7aa0bd60@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame F628
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664186172074
42 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664186172074
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Apr 2022 14:17:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug028:0:524

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664186172074
i.match
s.tribalfusion.com/z/ Frame B55F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6fe643eefea69b49-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 19 Apr 2022 14:17:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6fe643ed6b789b49-FRA
content-type
text/html
date
Tue, 19 Apr 2022 14:17:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
4890
noop
px.owneriq.net/ Frame D7AF
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.45.32 -, , ASN (),
Reverse DNS
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 19 Apr 2022 14:17:43 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 19 Apr 2022 14:17:43 GMT
Location
https://px.owneriq.net/noop?ct=image%2Fgif
Server
AkamaiGHost
usersync
match.bnmla.com/ Frame 5DC0 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 19 Apr 2022 14:17:43 GMT
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 13F3
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=4f68d4b0-fd77-4a61-892f-211fd1c0e2a6
1 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=4f68d4b0-fd77-4a61-892f-211fd1c0e2a6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 19 Apr 2022 14:17:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug017:0:393

Redirect headers

content-length
0
date
Tue, 19 Apr 2022 14:17:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=4f68d4b0-fd77-4a61-892f-211fd1c0e2a6
strict-transport-security
max-age=15724800; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 172C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=1d06c63d-ad32-42ab-b010-d2f57a2a1227&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
42 B
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.37.161 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Tue, 19 Apr 2022 14:17:43 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 19 Apr 2022 14:17:43 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug022:0:550
Pug
simage2.pubmatic.com/AdServer/ Frame A874
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Apr 2022 14:17:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug013:2:288

Redirect headers

content-length
0
date
Tue, 19 Apr 2022 14:17:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC9D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xW4GKEQyT6ivq3wYFf2FWg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
23.35.228.201 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:42 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55038
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 20 Apr 2022 05:35:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame FC9D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:42 GMT
via
1.1 google
alt-svc
clear
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a998625e-c487-4700-8ccc-be064800a9d5
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a998625e-c487-4700-8ccc-be064800a9d5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 19 Apr 2022 14:17:43 GMT
Server
MT3 4335 2c68c00 master pao-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a998625e-c487-4700-8ccc-be064800a9d5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 19 Apr 2022 14:17:42 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzU2RTA2MjgtNDQzMi00RkE4LUFGQUItN0MxODE1RkQ4NTVB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:406
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKjD0PqNtyojo_q_W1S3iFI&google_cver=1
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKjD0PqNtyojo_q_W1S3iFI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:460
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKjD0PqNtyojo_q_W1S3iFI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame FC9D 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 18 Apr 2022 14:17:43 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3358207684545962194&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3358207684545962194&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:534
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3358207684545962194&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da717259-5f23-43a8-b222-915439826ac3
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da717259-5f23-43a8-b222-915439826ac3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:593
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da717259-5f23-43a8-b222-915439826ac3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
C56E0628-4432-4FA8-AFAB-7C1815FD855A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FC9D 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C56E0628-4432-4FA8-AFAB-7C1815FD855A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:9290:fe02:2ee8:2378 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WCQIpqZE2uWvhXvvg7t.iOM1i7IeEiI-~A&gdpr=0&gdpr_consent=
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WCQIpqZE2uWvhXvvg7t.iOM1i7IeEiI-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WCQIpqZE2uWvhXvvg7t.iOM1i7IeEiI-~A&gdpr=0&gdpr_consent=
date
Tue, 19 Apr 2022 14:17:43 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3993354963865332781&gdpr=0&gdpr_consent=
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3993354963865332781&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:387
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:42 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
362dd480-4b0c-4d69-b1af-d544c3e634c8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3993354963865332781&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7a6b8878-bfeb-11ec-9ef8-b58c47202952&gdpr=0&gdpr_consent=
1 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7a6b8878-bfeb-11ec-9ef8-b58c47202952&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug030:0:484
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=7a6b8878-bfeb-11ec-9ef8-b58c47202952&gdpr=0&gdpr_consent=
Date
Tue, 19 Apr 2022 14:17:43 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
7a6b8879-bfeb-11ec-9ef8-b58c47202952
current
pubmatic-match.dotomi.com/match/bounce/ Frame FC9D 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame FC9D 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cWVmEyRja0ZqYjEUI2R-RHc2akRqYzFAdGeyCXJZ
42 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cWVmEyRja0ZqYjEUI2R-RHc2akRqYzFAdGeyCXJZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:410
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cWVmEyRja0ZqYjEUI2R-RHc2akRqYzFAdGeyCXJZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084920482419468&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3302f104-d4d4-4600-8c8e-d1b9e721c24c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3302f104-d4d4-4600-8c8e-d1b9e721c24c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:471
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3302f104-d4d4-4600-8c8e-d1b9e721c24c&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 19 Apr 2022 14:17:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8262819883627744097
42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8262819883627744097
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:345
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:43 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8262819883627744097
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sn.ashx
pmp.mxptint.net/ Frame FC9D 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame FC9D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3993354963865332781
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3993354963865332781
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug024:0:348
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:43 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
315d40e9-cfec-41f0-8b29-d78364b020a1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3993354963865332781
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D6E7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:43 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
66593a9e-12e7-47dc-9af9-de3ab13d6eec
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FB3C 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 14:17:43 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9cfe8068-46c0-434c-8c0b-3abe7bd14920
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FC9D 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 9461 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39524871&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
886b1a4de8fadde2eec3cb56bea66d0b89676ee09822f4433f54ef8c77cc7643

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1573
content-type
text/html; charset=UTF-8
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 99FB
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d151d505-344e-48e8-9f4b-332bf7cca69d-tuct9584a09&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d151d505-344e-48e8-9f4b-332bf7cca69d-tuct9584a09&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Tue, 19 Apr 2022 14:17:45 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4022-HHN
x-timer
S1650377866.926462,VS0,VE9

Redirect headers

accept-ranges
bytes
content-length
0
date
Tue, 19 Apr 2022 14:17:45 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d151d505-344e-48e8-9f4b-332bf7cca69d-tuct9584a09&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4068-HHN
x-timer
S1650377866.843272,VS0,VE9
x-vcl-time-ms
9
Pug
simage2.pubmatic.com/AdServer/ Frame C523
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650377865922
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Apr 2022 14:17:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug019:0:457

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 19 Apr 2022 14:17:45 GMT
etag
OPTOUT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame A829
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:419F89DCFE4B4452BBC1E26AD2101BF0
1 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:419F89DCFE4B4452BBC1E26AD2101BF0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 19 Apr 2022 14:17:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug021:0:351

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Tue, 19 Apr 2022 14:17:45 GMT
expires
Mon, 18 Apr 2022 14:17:45 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:419F89DCFE4B4452BBC1E26AD2101BF0
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
pubmatic
gocm.c.appier.net/ Frame 08BA 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame FD0D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YyIFG68WQ2hC1JcNWE3wh9ly14U
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YyIFG68WQ2hC1JcNWE3wh9ly14U
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 19 Apr 2022 14:17:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug004:0:579

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Apr 2022 14:17:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YyIFG68WQ2hC1JcNWE3wh9ly14U
/
loada.exelator.com/load/ Frame 9461
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C56E0628-4432-4FA8-AFAB-7C1815FD855A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=da717259-5f23-43a8-b222-915439826ac3&icm
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=8262819883627744097&gdpr=1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
0
0
Artemis
aud.pubmatic.com/AdServer/ Frame 9461
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&addseg=19,36,42
0
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 9461
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C56E0628-4432-4FA8-AFAB-7C1815FD855A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C56E0628-4432-4FA8-AFAB-7C1815FD855A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C56E0628-4432-4FA8-AFAB-7C1815FD855A&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:43 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:43 GMT
frontend-id
5
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C56E0628-4432-4FA8-AFAB-7C1815FD855A&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 9461 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.148.208 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:45 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 9461 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.218.116 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 14:17:45 GMT
content-length
0
content-type
text/plain
d1ba4609
rtb.gumgum.com/getuid/ Frame 9461 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.100.43 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Apr 2022 14:17:45 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/core/bridge3.510.1_en.html
Domain
pmp.mxptint.net
URL
https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
loada.exelator.com
URL
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
Domain
aud.pubmatic.com
URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C56E0628-4432-4FA8-AFAB-7C1815FD855A&addseg=19,36,42

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails number| _sf_startpt function| gtag object| dataLayer object| freestar function| OneSignal object| google_tag_manager function| fbq function| _fbq object| google_tag_data string| GoogleAnalyticsObject function| ga object| _sf_async_config object| _dcq object| _dcs object| gaplugins object| gaGlobal object| gaData object| _dcfg object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| EntryDate object| ExternalLinks object| Modal object| MobileMenu object| Social object| Track object| Zype function| Slideout object| wp object| intlTelInputGlobals object| _dc undefined| Drip_547876670 number| __oneSignalSdkLoadCount function| __jp0 object| recaptcha object| closure_lm_153695 object| fsdata object| fsprebid function| load_script object| googletag function| fsprebidChunk object| _pbjsGlobals object| mnet function| Tapad object| ggeac object| google_js_reporting_queue undefined| Drip_217906011 undefined| Drip_790135199 object| ats function| AkaHTML5MediaAnalytics function| setAkamaiMediaAnalyticsData function| akamaiPlaybackCompleted function| akamaiGetViewerId function| akamaiSetStreamURL function| akamaiSetURLManifest function| akamaiSetViewerId function| akamaiSetViewerDiagnosticsId function| akamaiUpdateAdObject function| akamaiHandleAdStarted function| akamaiHandleAdCompleted function| akamaiHandleAdLoaded function| akamaiHandleAdFirstQuartile function| akamaiHandleAdMidPoint function| akamaiHandleAdThirdQuartile function| akamaiHandleAdError function| akamaiHandleAdStopped function| akamaiHandleStreamSwitch function| akamaiHandleTitleSwitch function| akamaiSetupAIS function| akamaiHandleBitRateSwitch function| akamaiHandleApplicationExit function| akamaiSetVideoObject function| akamaiSubscribeVideoObject function| akamaiEnableLocation function| akamaiDisableServerIpLookup function| akamaiEnableServerIpLookup function| akamaiHandleError function| fragmentDownloadStarted function| fragmentDownloadCompleted function| akamaiFragmentDownloadStarted function| akamaiFragmentDownloadCompleted undefined| google_measure_js_timing object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| THEOplayer function| P object| cast object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked object| _qevents object| Criteo function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| _0xba54 function| loadPolyfill function| MMChunkInformation function| MMRepresentation function| MMPresentationInfo object| MMAdState function| MMAdInfo object| MMPlayerState object| MMQBRMode object| MMConnectionInfo object| MMOverridableMetric object| MMSTREAMSMARTERCONSTANTS function| MMMD5 function| ObjectIron function| MMX2JS function| _defineEnumerableProperties function| _defineProperty function| _typeof object| MMAdvertisentInformation object| MMExperienceProbeState function| ExperienceProbe function| HttpUtil object| MMEXPERIENCEPROBEMETRICS object| QBRFactoryMaker object| MMLogger object| utils function| MMSmartStreamingImpl object| MMSmartStreaming object| mmStreamType function| mmMediaTailorSSAIPlugin object| VAST function| mmTheoJSAdapter object| ad_sources object| theoconfig function| __onGCastApiAvailable object| closure_lm_220731 object| theoplayer object| per string| AKAMAI_MEDIA_ANALYTICS_CONFIG_FILE_PATH number| zypePlayerVersion object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| amaURLUtility object| streamError function| streamInfoBase function| hlsStreamInfo function| dashStreamInfo function| nonAdaptiveStream function| StreamTypeDetector object| fragmentState function| fragment function| streamFragments function| hlsStream number| offset number| end object| closure_lm_852765 object| ampInaboxIframes object| ampInaboxPendingMessages object| match string| parentKey string| key object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113 number| _sf_endpt object| GoogleGcLKhOms object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY undefined| Drip_211198943 object| google_image_requests object| _presentationInfo

38 Cookies

Domain/Path Name / Value
.thefirsttv.com/ Name: _ga
Value: GA1.2.236284673.1650377854
.thefirsttv.com/ Name: _gid
Value: GA1.2.670834807.1650377854
.thefirsttv.com/ Name: _gat_gtag_UA_148110630_1
Value: 1
www.thefirsttv.com/ Name: fsbotchecked
Value: true
.thefirsttv.com/ Name: _fbp
Value: fb.1.1650377853999.93648247
www.thefirsttv.com/ Name: _fssid
Value: 81cb58a1-c906-4e1c-a722-a992e264ae83
www.thefirsttv.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.thefirsttv.com/ Name: _lr_geo_location
Value: DE
.adnxs.com/ Name: icu
Value: ChgIodc0EAoYASABKAEw_4j7kgY4AUABSAEQ_4j7kgYYAA..
.adnxs.com/ Name: uuid2
Value: 3993354963865332781
.rubiconproject.com/ Name: khaos
Value: L268D3IQ-G-3OXL
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2421m2pffigszzH/SUMvpGs1wMD2ZZQDKsAHTXr+Vc7hCg7aA+CcUru4iggGhwEYqKgsR/KUydcuCAnekPgJibWmaOzEQf7jLQD5U7tEfUTQ==
www.thefirsttv.com/ Name: HTML_VisitValueCookie
Value: 0|0|0|0|0|0|0|0|0|0|0|0|0
www.thefirsttv.com/ Name: HTML_BitRateBucketCsv
Value: 0,0,0,0,0,0,0,0
www.thefirsttv.com/ Name: AkamaiAnalytics_BrowserSessionId
Value: 7c0055da-b39c-2754-a091-d49ae321cbb9
www.thefirsttv.com/ Name: HTML_VisitCountCookie
Value: 1
www.thefirsttv.com/ Name: HTML_VisitIntervalStartTime
Value: 1650377856203
www.thefirsttv.com/ Name: HTML_isPlayingCount
Value: 1
.pub.network/ Name: _fsuid
Value: 9f42a5c0-f5b1-47ac-9a28-0e04477ffb21
.quantserve.com/ Name: mc
Value: 625ec480-5bbd3-20a92-4b630
.thefirsttv.com/ Name: __qca
Value: P0-860484753-1650377856177
.thefirsttv.com/ Name: __gads
Value: ID=0df4978c3ff651c3-22867d087acd00c4:T=1650377856:S=ALNI_MZ3P2cL8HDJtw_BZDh9LXJBPjf2dA
.doubleclick.net/ Name: IDE
Value: AHWqTUkHVA52gqVwFLURxiFa6UiEYxbBGfIE2_6ADAo2eZPEwkbueCsnp5sZKn3Qmfw
.springserve.com/ Name: ssid
Value: 3b5baf9b-ff2a-4137-859b-f8c9025882e3
.springserve.com/ Name: sst
Value: 1650377857604
.criteo.com/ Name: uid
Value: bf23458a-3b30-4c0b-9cef-3117c7b272ac
www.thefirsttv.com/ Name: _cb_ls
Value: 1
www.thefirsttv.com/ Name: _cb
Value: DAUBEyCC0vc0BlQK9H
www.thefirsttv.com/ Name: _chartbeat2
Value: .1650377857679.1650377857679.1.Ckda2jTMiGcCwDIxXsuZUAC5QeDg.1
www.thefirsttv.com/ Name: _cb_svref
Value: null
.thefirsttv.com/ Name: cto_bundle
Value: tTiH_19vaHdUTVh2Zk5KYzNtUUxWJTJCc2s0eTdib3VWQlR1RTA4ekNpZjRWSUQwOGptUWdDelRUeG1zTEtuUVdqd2ppeks3WUZqMTF6YkJGdEhxblRyeFNUZ2dISWpEN2ZMYUtmTnhMelljWXFhWmtoQUVCbE0wbUFVTSUyRnFXd0RFWWN0WUR1YmJ1cXlJeGY5MXF0R1VWcmR4eXNRJTNEJTNE
.thefirsttv.com/ Name: _drip_client_3760909
Value: vid%253D29d619f10114499e99190224fa53ac07%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1650377854438%2526weeklySessionCount%253D1%2526lastSessionAt%253D1650377854438%2526form%255B177971%255D%255Bauto_open%255D%253D1650377858
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMPS
Value: 3194
.casalemedia.com/ Name: CMST
Value: Yl7EhmJexIYA
.casalemedia.com/ Name: CMID
Value: Yl7Ehpn9HpjTSFXoo7ywXQAA
.casalemedia.com/ Name: CMPRO
Value: 1109
.casalemedia.com/ Name: CMRUM3
Value: 2d625ec48605a0&33625ec48605a0&1f625ec48605a00&27625ec4860b40&f1625ec48605a0&0d625ec48605a0&e6625ec4862760&39625ec48605a0

3 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/420486.gif?partner_uid=C56E0628-4432-4FA8-AFAB-7C1815FD855A
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ab.zype.com
acdn.adnxs.com
ad-delivery.net
ad.turn.com
ad4m.at
admin.zype.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
api.btloader.com
api.floors.dev
api.getdrip.com
ats.rlcdn.com
aud.pubmatic.com
bc-ssb-dub.springserve.com
be280dcf73a9485c8f7c5862be9656d0.safeframe.googlesyndication.com
beacon.lynx.cognitivlabs.com
beacons.mediamelon.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.pub.network
c1.adform.net
c2shb.ssp.yahoo.com
cdn.onesignal.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
csync.loopme.me
d.pub.network
d14jnfavjicsbe.cloudfront.net
dis.criteo.com
do0ne7yeju3uz.cloudfront.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
geo.privacymanager.io
gocm.c.appier.net
gu.dyntrk.com
gum.criteo.com
gvimage.zype.com
gvsm.zype.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
license.theoplayer.com
loada.exelator.com
ma1169-r.analytics.edgekey.net
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mediamelon-builds.s3.amazonaws.com
mf.zype.com
mug.criteo.com
mweb.ck.inmobi.com
onesignal.com
p.rfihub.com
pagead2.googlesyndication.com
pghub.io
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
player.zype.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
px.owneriq.net
register.mediamelon.com
resources.zype.com
rtb.adentifi.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
tag.getdrip.com
tf-a1.azureedge.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
use.fontawesome.com
vid.springserve.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.thefirsttv.com
x.bidswitch.net
aud.pubmatic.com
gocm.c.appier.net
imasdk.googleapis.com
loada.exelator.com
pmp.mxptint.net
104.102.28.239
104.36.113.23
104.45.178.220
104.89.20.125
104.89.45.32
104.92.100.195
108.138.7.53
108.138.7.71
108.157.4.59
13.226.156.190
130.211.23.194
135.125.160.77
142.250.181.226
142.250.186.98
151.101.130.49
151.101.65.44
152.199.21.114
154.59.122.79
169.197.150.7
169.50.137.182
178.250.0.163
178.250.2.131
178.250.2.146
18.156.0.31
18.66.248.107
184.87.212.24
184.87.213.8
185.183.112.148
185.33.220.100
185.33.220.145
185.64.189.112
185.64.190.80
185.64.190.81
193.0.160.129
198.47.127.20
2001:678:cb4:bbbb::11
209.54.180.3
213.19.147.44
216.52.31.49
23.35.228.201
23.88.75.189
2600:9000:2156:5800:1e:9742:1680:21
2600:9000:2156:e000:18:1fcd:34f:cdc1
2600:9000:223c:a00:6:44e3:f8c0:93a1
2602:803:c004:200::141
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:20::681a:18b
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4acf
2606:4700:4400::6812:230b
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:80:807::2
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a00:1450:400c:c0b::9c
2a02:2638:1::13
2a02:2638::3
2a02:26f0:df:39f::aa5
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42::729
2a05:d018:d29:3605:9290:fe02:2ee8:2378
2a06:98c1:3121::7
3.122.174.248
3.123.52.20
3.218.212.203
3.68.148.208
34.102.253.54
34.107.148.139
34.238.213.165
35.157.246.167
35.157.99.247
35.201.71.192
35.227.238.208
35.241.45.217
35.244.174.68
35.245.135.104
37.157.4.29
38.27.122.101
44.199.37.161
52.21.142.155
52.210.7.127
52.222.236.53
52.223.40.198
52.94.220.185
54.159.218.116
54.194.100.43
54.216.156.68
54.225.138.85
54.227.129.229
54.231.201.97
54.246.43.245
54.77.205.241
65.9.7.112
66.155.71.149
69.173.144.139
69.173.144.165
74.121.143.245
77.243.60.138
88.198.33.89
01319d2141c9aa8224ed45cf25c6abfb334526512e75f516e517b92faffdb0ec
02dc2222537f66e07c7f952a1c61489f49c9031270f6e7713777625e35e8e4b2
0438b58f6f0ae72fc6fb2a7050dbb016ba5f6dc6c255747102839ccfbbf78039
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8
083a85915a490114239676d8b56d758573e56ad90850ace2c19400cc4e1ececd
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0e03ced83bf54216a0da5d88660920ace060957822e4ae1dc18cd934afc6024a
0e24c9a1b6f4a378f7f7eef9715a900eb7241a52f3bd4d94793d83e860736c83
0e7b41bb52d075f88666b7d7a1dba793ddd00cd5c37a3e2a7aac60646dfdc165
0ecf979e9506af77a369714d379cdc62f3ba81aa3ebfa76e573a8b4de8de8ca7
0ee8bbd659680b7689f6177027bd2c38c6dc4ac4bb046466522d45d45c116cc2
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131a712745978586e76564e2bf6877419df0b255e5eaf724a60813deb0e7bb08
1442734fd8c6fc75fcc8b7781997c8f08f5a30d82b8385fa48d19311346b71aa
14f0863980e3225c3c8b493bcb34436b84a09debd02a18c9bba162daf6176312
1787bd043f0094effeb8a33ed29b36a720c8319422c0a416d7fa71c6663e4ac7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bd326cb7baee270d3a00e1dfa09ab232ac171cd030f4fd0868da781ee55df48
1dffc2fd6883592784a4170f7fe511c318fecdf35130fc4b2d46b37da2381e21
1e08ece4bc8010df4def3e470bb865e46e3a4d6c844cc55dc6273546ef800ac7
24d3ffac4a558078bbbe1d26f7d60adcbc0ee7a64ee1409e6fb3cc89c1674743
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38
2767df6736abef725fe8b1e39307f402dc27a7c8341f9354a8c1b883dcc563dc
2a2fa413c1092e719bc3ba1b97d9654b6f9754d601d28bf4ffe160694da55cff
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1cdb6c32b881c48a41965e8f47eb620e91a1a3ae9010430d17543a079719a8
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2fec827f51356cfc9f02f83bbec20912e9e5e6050797b13d4a94e7b37ed7d596
31cb6a50b77f613f5024aa6611bf88180e62078c07a944fc8f56d3f6acb8d31e
3627280b95728043695656f63aae2766ac598f755e19e1026edf790afd7b7c20
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ce6da5a57c3b7d91b4a57fe1c6644822abd0a0c73738ea69374ff43c71c8eb
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
461f75d119c6d4eaf11efe1500a7d814fe09e5a5724a8c1346282c12951190b2
46f76eab9e5c927596fec963d99e72a3fcf7852f157751fd4bd9ec879259e7df
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
497667aa3e95c6e082df20eb7f8370b55dafb50054bf4f0ea7886922c1d4879c
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4ab57a689db0e617e25528be5367e1449dedfd2b96137510b730e9e685fdea6b
4c58180cd3e861ea6b65f7fc286d561f7aa32b9abdf9062dd3999514a47903d8
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
4cd521e5f4678c011c84fed1e172677c7eab2cc5bc114ad813bdb48d8ba9f350
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f7c8580f6af826dc8d8750b36ba4e0ac1332a04f3ae6ac545007bd82ceb3995
53cc37ace87bfde90cc35f1c6c7cb09beb7659d7fbd4cc5b928c6bbbb9ed1011
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d7ff80c95d942a9a933b651c99a8ae45e87a90038052e0087818258834b5d
5770b31a3b0c78370bc1b40b48df59b6f5805be64dd5038a86f8f73ac881dab6
5aef37c7abe75530fac92a34f337cd7f558956e9800f5b0e05094fb83e963be6
5b96bb21ea3e92f985c21a2a4a222650a481c9daf33c902582b3e1bb5553b412
5c6e689f114889d9a7d4fbcdb6008c7350a2a19d1a9d9df73ba072e0f68bb3db
5c731794fefb6d28c892937a78451b76d22dfa8180b0f061af1acca5859d8df5
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5ee5c33b927b283aa4846cdb659798f08c0529785bf443be12446ddb72ea40d2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626912d286cba976bf83a8c6b857e74b3c226d5f9dd9eff6298c57fa33eed3cc
6648bd992db8dc9a132291ee714b9a74d63185be2089c08e577a9e2a7b301856
66fa77a0ad9af3bcddba8a5547405863961cb515d7b8fd731454a356155f8b9a
69507bf4d6d18f10d2873d125d3c7d34589845d38f2a0bd79bf5ffe16ae97777
6a727bf223177455130f22e9de17fcf54f7df069c0095c974ff3c01470e2096a
6aadc417abca0fd9b8d813b9247d03048aa6fd848e9fc826c0b38b6e036b4a4f
6acfbdf4dd87d0b3a9453bc046a6facaf4df824c1403a5249f2988729d157017
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71429c783d935c8c3abfe053dd6c027df45c83db0b1265625d940887b41a4c22
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7720265dcf7e307f10f94118d99d0bab6949bb36c52325ff614249f0639daad9
78da514c9f16a47d8e2374012619445409c56fd4da464e9cbd7b581cbf809b08
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b8eb39fd6dfe8059e1236cdf5f3a121a5b1ac9b8e3f253011526a2892d556c3
7c339053741a176be919347bdfabd8b19a26afb08bf7dd98941384924d18417b
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
8228b62486c57f915e01605b7a73596f6107b8f8aa4e17f04fce2151d2943fdd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87e03ca3bc2a40f302dc112da0ed6125b3aa7c91de3fbe26765b223ca80bddbe
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
886b1a4de8fadde2eec3cb56bea66d0b89676ee09822f4433f54ef8c77cc7643
8a499356d75bf95334ba8b9682cbe6994bdf56e16647fcd5cb6be2cb776717fa
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b45fdca27b9437f33c213cfa5ffe384ff404a598bcb11e229b07707a5c8ae97
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d94d58cedb841e73b4c8a7ac0e991286b96e87d54443578dac283fbf9b6ab6b
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
911b1a5904ffde75ad46f348610dea3bde75fb10143f5010da33dbe64d5aa7ca
938b75121ed8954313acb9302006056359148efbbe125500c8d55027f647cf29
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
940b7eabbe1c9e437fd5e14a16339efc7a4856b1acb1e52fab1d4c21e84b0a85
944a7a9ee4655c4db518ebfb3ce1d6dbcc3fa27317a63449cad2cdb93a269d9c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5842a661b9e0c5c9b6d62783b1c9f4f229fb85acaef3236eb1253db3bdf06a
9a69b23235bae2a3f9a05bd21f547a27d467501715ba6e9dcf2457d85017ac45
9a8c704324d0633c8506b48022d84945164e189dd3d2318d4b02b5e54c7427b6
9b048fd99ccfdc25109319e183a58d23693c2a5e05f93a08b63c14067ef358cc
9d31ba6646e46f3b036de14325472c4be1c992e80ed978b470c4f598e803a953
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2cc17ec336c625cecc16808666f52d05517e86336be42e943f3cdd5649d1f42
a47a0bbe96dd3548c256feb4d08677daf10d254e4121d5f0ac35439886414f30
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5944be6fc68fe389f32cb9fd52dcd66eb7a509ca3799b5437bb071afa6a0d93
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a9844f8a4b8e55df71cade072301c24da983fb468ce528b502200c49beb1997c
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
b59c57f72cf5688d6420b9102860ab9215d03dbe3f0d96fcedb2c9086b4d0d90
ba458188e66e04db7909e71989d444db999b08ffd7bdfb98d86a8c446baf473c
ba7486e4108919a1a689c2a5d345afe9d2b5bddd1eb746dfc28ebdb4ed94ea2f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcb8040a38eb5f6cfc9b625c2b0f2045e4636b5c1f8ba39ffdb4f0f2ebed6046
bdc8321b2e91a6509adeb7e128edd933c3df7a9bd7255cf27a0ee368ac5d8b09
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
caac51f2acbbf0c6f7fc62dbc7b2e12b0a452a19ac62f676b83137ef98f29a44
cb04565851a17df618793edf6b8d9b438363242ed5bf97b53149b98da9319510
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
daffdd6f62e491d3b2ab8012fb6c886e904863487f503e76a4fc6281594d533b
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc89c933d5f3a060b6d6529c1f6748bbe87213a8aa11eca62361b67a2c39266b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec55679642cc46b124a30998355c5eddba5c98349a8ae6e198376d4babf719c
e1492d5e8bde0eb89be6de49b447802fa96fb5b253b63a8c3900b85b0528e62b
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
ea8807b741f494786a037b6d69f8a65d61a59b0811f466418e5d49625663de5b
ebb7df79da4d890789f178fcf4dee3ce8a5ae41a4054a91d8dc40dceec3b8926
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
edd5229fffe086c693f84a2b8210a72c7f071f63039781e073c87d17863e58da
ee13b5ffe90e8f7fb7ef408eb1caf6db28ffb71863fa610836fb4935b6cf9471
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08a9ef4b0047a78cc8d947fe5aa72e7c9fc7d1d95d004de88ab03ee5e25d3f1
f1905817596b2e32feacf863b31d4961af478773296ebb04941a4af8ba7da8c1
f3c619270bf51ef99a5e8b43cb7081e9edf49c3e2d5eb63ab4185f2c5088b73e
f3d3117f8f9f0011114a8a7424e9ca8962c5de2a136790660c119b2a0955a05c
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4