urlscan.io logo urlscan.io
SecurityTrails logo

simcast.com Open in urlscan Pro
45.79.244.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://showtimeanytime.xyz/
Effective URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Submission: On September 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 11 countries across 77 domains to perform 350 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com. The Cisco Umbrella rank of the primary domain is 230393.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 17th 2021. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.178.23 32244 (LIQUIDWEB)
11 45.79.244.12 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
28 2a00:1450:400... 15169 (GOOGLE)
1 2600:3c02::f0... 63949 (LINODE-AP...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 3.209.43.118 14618 (AMAZON-AES)
17 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 184.51.9.184 16625 (AKAMAI-AS)
10 2a00:1450:400... 15169 (GOOGLE)
1 23.35.237.56 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
24 52.28.203.152 16509 (AMAZON-02)
1 185.89.208.11 29990 (ASN-APPNEX)
2 4 51.89.9.253 16276 (OVH)
1 35.158.222.62 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 4 104.18.19.126 13335 (CLOUDFLAR...)
5 10 37.252.173.38 29990 (ASN-APPNEX)
1 35.156.194.7 16509 (AMAZON-02)
1 169.63.109.126 36351 (SOFTLAYER)
1 147.75.85.234 54825 (PACKET)
1 35.244.182.124 15169 (GOOGLE)
1 2a06:8640:764::2 55081 (24SHELLS)
1 34.107.148.139 15169 (GOOGLE)
7 18.195.160.66 16509 (AMAZON-02)
1 23.35.236.247 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
13 18.66.248.119 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 18.208.240.0 14618 (AMAZON-AES)
1 104.18.12.242 13335 (CLOUDFLAR...)
4 13.224.195.78 16509 (AMAZON-02)
1 35.71.131.137 16509 (AMAZON-02)
1 3.220.58.99 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
13 2a00:1450:400... 15169 (GOOGLE)
4 35.170.30.54 14618 (AMAZON-AES)
1 13.225.78.37 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 92.123.21.200 16625 (AKAMAI-AS)
7 14 104.18.18.126 13335 (CLOUDFLAR...)
1 185.94.180.123 35220 (SPOTX-AMS)
1 198.47.127.22 3257 (GTT-BACKB...)
1 18.159.242.39 16509 (AMAZON-02)
1 3.65.16.214 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2406:2600:4::b 55569 (CRITEO-AS...)
2 178.250.2.146 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 108.157.4.15 16509 (AMAZON-02)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
2 2 2620:1ec:21::14 8068 (MICROSOFT...)
10 38 142.250.185.66 15169 (GOOGLE)
2 2 172.104.105.5 63949 (LINODE-AP...)
2 2 69.173.144.139 26667 (RUBICONPR...)
1 1 2600:9000:219... 16509 (AMAZON-02)
3 3 213.19.147.44 26120 (RHYTHMONE)
1 52.198.226.249 16509 (AMAZON-02)
1 13 144.76.91.199 24940 (HETZNER-AS)
1 5 138.201.220.30 24940 (HETZNER-AS)
2 142.250.186.162 15169 (GOOGLE)
3 3 3.121.59.219 16509 (AMAZON-02)
2 2 54.229.65.185 16509 (AMAZON-02)
3 3 37.157.3.28 198622 (ADFORM)
1 35.227.252.103 15169 (GOOGLE)
2 2 76.223.111.18 16509 (AMAZON-02)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
1 2600:9000:21f... 16509 (AMAZON-02)
13 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
4 4 145.239.193.130 16276 (OVH)
2 88.198.250.30 24940 (HETZNER-AS)
2 4 2a01:4f8:d0a:... 24940 (HETZNER-AS)
2 49.12.16.151 24940 (HETZNER-AS)
2 54.76.176.197 16509 (AMAZON-02)
2 23.205.253.64 16625 (AKAMAI-AS)
1 82.113.101.132 6805 (TDDE-ASN1)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 169.50.137.190 36351 (SOFTLAYER)
1 1 35.190.0.66 15169 (GOOGLE)
2 69.166.1.10 27630 (AS-XFERNET)
1 1 124.146.215.52 2514 (INFOSPHER...)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 1 52.45.175.185 14618 (AMAZON-AES)
2 92.123.9.160 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
350 85
2    72.52.178.23 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
showtimeanytime.xyz
11    45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com
simcast.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
28    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:3c02::f03c:92ff:fe2d:3e71 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
parking2.parklogic.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    3.209.43.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-43-118.compute-1.amazonaws.com
embed.sendtonews.com
17    2a02:26f0:11a::6867:483b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
5    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    184.51.9.184 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-184.deploy.static.akamaitechnologies.com
a.teads.tv
10    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
at.teads.tv
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
24    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
4    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    35.158.222.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-222-62.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
4    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
10    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    35.156.194.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-194-7.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    169.63.109.126 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 7e.6d.3fa9.ip4.static.sl-reverse.com
in-appadvertising.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    35.244.182.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.182.244.35.bc.googleusercontent.com
s.seedtag.com
1    2a06:8640:764::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
7    18.195.160.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
4    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    18.66.248.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-119.dus51.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    18.208.240.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-240-0.compute-1.amazonaws.com
s2l.sendtonews.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
4    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    3.220.58.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-58-99.compute-1.amazonaws.com
id.sv.rkdms.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
13    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    35.170.30.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-30-54.compute-1.amazonaws.com
timber.sendtonews.com
1    13.225.78.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-37.fra2.r.cloudfront.net
player.sendtonews.com
4    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
14    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
dsum-sec.casalemedia.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
1    18.159.242.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-242-39.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    3.65.16.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
19    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
1    108.157.4.15 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net
sb.scorecardresearch.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
38    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
2    172.104.105.5 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1715-5.members.linode.com
a.c.appier.net
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2600:9000:219c:e400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    213.19.147.44 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    52.198.226.249 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-226-249.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
13    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal9000.redintelligence.net
hal900018.redintelligence.net
5    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal900016.redintelligence.net
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
3    3.121.59.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-59-219.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.229.65.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-65-185.eu-west-1.compute.amazonaws.com
ads.avct.cloud
3    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2600:9000:21f3:b400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
13    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
4    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
2    49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de
futalis.de
2    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
2    23.205.253.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com
www.awin1.com
1    82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
2    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2a05:d018:d29:3602:330c:6850:f997:69b7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
2    92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
55 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
pubads.g.doubleclick.net — Cisco Umbrella Rank: 368
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
260 KB
52 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
437 KB
25 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1251
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
2 KB
22 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
pix.eu.criteo.net — Cisco Umbrella Rank: 5551
csm.eu.criteo.net — Cisco Umbrella Rank: 5700
50 KB
18 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 35377
hal900018.redintelligence.net — Cisco Umbrella Rank: 292383
hal900016.redintelligence.net — Cisco Umbrella Rank: 199869
113 KB
18 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 755
as-sec.casalemedia.com — Cisco Umbrella Rank: 2163
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
14 KB
17 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 625
188 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 19566
s2l.sendtonews.com — Cisco Umbrella Rank: 20543
timber.sendtonews.com — Cisco Umbrella Rank: 21199
player.sendtonews.com — Cisco Umbrella Rank: 22426
208 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
399 KB
13 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
1 MB
11 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 2637
ib.adnxs.com — Cisco Umbrella Rank: 329
10 KB
11 simcast.com
simcast.com — Cisco Umbrella Rank: 230393
127 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
2 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 458
mug.criteo.com — Cisco Umbrella Rank: 1814
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 10082
ads.eu.criteo.com — Cisco Umbrella Rank: 5636
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7591
56 KB
7 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1586
1 KB
6 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1415
pixel.rubiconproject.com — Cisco Umbrella Rank: 494
eus.rubiconproject.com — Cisco Umbrella Rank: 840
token.rubiconproject.com — Cisco Umbrella Rank: 1115
12 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
imasdk.googleapis.com — Cisco Umbrella Rank: 456
336 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
cloudflare.com — Cisco Umbrella Rank: 180
30 KB
4 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 177154
11 KB
4 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 36991
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
176 KB
4 gstatic.com
fonts.gstatic.com
168 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 362
47 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1479
x.bidswitch.net — Cisco Umbrella Rank: 420
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 1015
2 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 863
eb2.3lift.com — Cisco Umbrella Rank: 652
1 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
1 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1632
998 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1505
s.tribalfusion.com — Cisco Umbrella Rank: 3853
1 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15259
1 KB
2 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 72820
624 B
2 futalis.de
futalis.de — Cisco Umbrella Rank: 215403
818 B
2 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 36358
785 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4500
890 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
2 KB
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 14783
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 894
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1392
at.teads.tv — Cisco Umbrella Rank: 4668
4 KB
2 showtimeanytime.xyz
showtimeanytime.xyz
3 KB
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 23387
519 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4119
292 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 743
862 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1511
1 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 14793
550 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1468
709 B
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 41343
639 B
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2066
680 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2282
351 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 4008
44 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1901
572 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 991
436 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
266 B
1 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702
112 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 678
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2186
17 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1084
356 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5408
163 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
386 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 11660
96 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 942
13 KB
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1802
180 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6082
1 KB
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 7623
402 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1508
272 B
1 in-appadvertising.com
in-appadvertising.com — Cisco Umbrella Rank: 25217
548 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 848
165 B
1 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3176
145 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
644 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 23564
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
42 KB
1 parklogic.com
parking2.parklogic.com — Cisco Umbrella Rank: 460456
278 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 38994
139 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 976
30 KB
0 inmobi.com Failed
sync.inmobi.com Failed
0 smilewanted.com Failed
prebid.smilewanted.com Failed
350 77
Domain Requested by
38 cm.g.doubleclick.net 10 redirects fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
28 pagead2.googlesyndication.com simcast.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
24 c2shb.pubgw.yahoo.com cdn.adapex.io
19 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
17 img-s-msn-com.akamaized.net simcast.com
13 pix.eu.criteo.net ads.eu.criteo.com
13 dsum-sec.casalemedia.com 7 redirects googleads.g.doubleclick.net
13 s0.2mdn.net imasdk.googleapis.com
showtimeanytime.xyz
s0.2mdn.net
13 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
simcast.com
11 simcast.com showtimeanytime.xyz
simcast.com
code.jquery.com
10 ib.adnxs.com 5 redirects cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
googleads.g.doubleclick.net
8 hal9000.redintelligence.net fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
hal900018.redintelligence.net
hal900016.redintelligence.net
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
showtimeanytime.xyz
7 static.criteo.net ads.eu.criteo.com
7 s2l.sendtonews.com embed.sendtonews.com
7 btlr.sharethrough.com cdn.adapex.io
5 hal900016.redintelligence.net 1 redirects fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
hal900016.redintelligence.net
5 hal900018.redintelligence.net 1 redirects fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
hal900018.redintelligence.net
5 fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.com tpc.googlesyndication.com
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
5 securepubads.g.doubleclick.net cdn.adapex.io
securepubads.g.doubleclick.net
showtimeanytime.xyz
4 cdn.retailads.net 2 redirects futalis.de
4 pv.medialead.de 4 redirects
4 www.googletagservices.com fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 timber.sendtonews.com embed.sendtonews.com
4 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
4 fonts.googleapis.com embed.sendtonews.com
hal900018.redintelligence.net
hal900016.redintelligence.net
4 onetag-sys.com 2 redirects cdn.adapex.io
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
4 cdnjs.cloudflare.com simcast.com
embed.sendtonews.com
3 c1.adform.net 3 redirects
3 x.bidswitch.net 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
3 embed.sendtonews.com simcast.com
showtimeanytime.xyz
embed.sendtonews.com
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 sync.go.sonobi.com fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
2 www.awin1.com fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
2 ad-server.eu fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
2 futalis.de hal900018.redintelligence.net
hal900016.redintelligence.net
2 pb.media01.eu hal900018.redintelligence.net
hal900016.redintelligence.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 eb2.3lift.com 2 redirects
2 ads.avct.cloud 2 redirects
2 googleads4.g.doubleclick.net showtimeanytime.xyz
2 sync.1rx.io 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 a.c.appier.net 2 redirects
2 px.ads.linkedin.com 2 redirects
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
2 htlb.casalemedia.com cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 showtimeanytime.xyz showtimeanytime.xyz
1 token.rubiconproject.com eus.rubiconproject.com
1 im.bluevoox.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 tg.socdm.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 um.simpli.fi 1 redirects
1 s.tribalfusion.com fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 portal.o2online.de
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 rtb.openx.net fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
1 cc.adingo.jp fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 ads.eu.criteo.com fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com showtimeanytime.xyz
1 sb.scorecardresearch.com simcast.com
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 secure.cdn.fastclick.net showtimeanytime.xyz
1 player.sendtonews.com embed.sendtonews.com
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 match.adsrvr.org js-sec.indexww.com
1 cdn.resonate.com embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 prebid.media.net cdn.adapex.io
1 ghb.adtelligent.com cdn.adapex.io
1 s.seedtag.com cdn.adapex.io
1 prebid.a-mo.net cdn.adapex.io
1 in-appadvertising.com cdn.adapex.io
1 ad.360yield.com cdn.adapex.io
1 web.hb.ad.cpe.dotomi.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 at.teads.tv a.teads.tv
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 www.googletagmanager.com simcast.com
1 parking2.parklogic.com simcast.com
1 cdn.adapex.io simcast.com
1 code.jquery.com simcast.com
0 sync.inmobi.com Failed fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
0 prebid.smilewanted.com Failed cdn.adapex.io
350 109

This site contains no links.

Subject Issuer Validity Valid
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-17 -
2022-09-17		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.parklogic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-03 -
2023-01-03		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
cat.hbwrapper.com
R3		 2022-08-05 -
2022-11-03		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.360yield.com
Amazon		 2022-06-29 -
2023-07-28		 a year crt.sh
*.in-appadvertising.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-06 -
2023-06-29		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
redintelligence.net
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
*.futalis.de
R3		 2022-08-20 -
2022-11-18		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-11 -
2023-03-08		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1		 2022-06-17 -
2023-06-18		 a year crt.sh

This page contains 32 frames:

Primary Page: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Frame ID: AD14EE7109F7E47AED921FC152B16A14
Requests: 136 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
Frame ID: D0C3D43494BBBBC8643895C716D71BA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1663180180&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663180179866&bpp=3&bdt=889&idt=250&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3765954509710&frm=20&pv=2&ga_vid=1369281649.1663180180&ga_sid=1663180180&ga_hid=1187808849&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44772486&oid=2&pvsid=2354995151772382&tmod=308465318&uas=0&nvt=1&ref=http%3A%2F%2Fshowtimeanytime.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266
Frame ID: 36D5B96DBD0F8863EA66307F51235A68
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 461CD95658BA70092F0FDABD91ECC42B
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Frame ID: 6126CC91B46408D469EC9FCE101E79C4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 94620EDC8A83CD7AB0200E8B25B69156
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 376E0E37B833C6EF5CD1E1F6FA0A4250
Requests: 2 HTTP requests in this frame

Frame: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F2D4EEEC1F47F4D28EF8B900D8E8C83
Requests: 1 HTTP requests in this frame

Frame: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1298B617C14CB6F5702767885F211151
Requests: 10 HTTP requests in this frame

Frame: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C9836CDD62EF5AEDAA1055D6B6F51DF
Requests: 14 HTTP requests in this frame

Frame: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2B870D4326678AF1C562C82DFE78560B
Requests: 14 HTTP requests in this frame

Frame: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B46F0DB93516F48C1DC8A92ADE5DE72
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNVdxlscNleUfNq5uLpcL2Fr8hOaC9cOoYFFvWdEN8t_Roe1d7QHxxPpCf3B08YeF4vUDbordczaQ3I0qZR1WPNrdeYv1UETsaACKdk25an4JdlUGEdQBY9UOx74yRAdZxT3q6cA0B3iteBtVDGm0un8g_uCa9VSEnmUo_hLqLeOmgJpI-XxL2qde0PRRLZHkhj0CYtMl4rFXGg4HIXndbY7UDbmjA
Frame ID: 2E2C5EF1C7918EDE070681BEF07E4D13
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: C12332A898B672A5D535B0B4E78B22DD
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 66A5751C6B01DB9C7067C9CE91EA4F34
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVCPpe1By6lmXe0t9LUHgXaaho3W6sEsB4Z7_yQqixqFVnzCR_9wopfdKWbhggPY7ZjcP371JCSTBwQE540CuXPOJ08TjYVTso94B-5dPjmF3O7dY_joif1e9dPFZGjPrZeUH9U6LEsDMCY9cu31tYTkP2qR8yexk6HL2Oj5-SDyQZMjcHq1S4maEYJMeC4VVxD65EUNMK0lbuuOk2gwxxAzA1DDg
Frame ID: 5AD1A2D4659BC893A2F6C5FD065A400E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXuwwUDnWItbShFngAZIOxLrbHUh_EBoKg2AhnYoagXtoY45wkk3BRVmIDmFqgC43HZBrDWLpW1lBvkyn0MkIkdm0grEjlFXBZ3JzaVmzOVd_Ls54TWVFK4yNCO1ofOZQanRfmpV4Uf60cMT9olEvmpdrQucJLWYfHi0_NKQbUiLMuP7m9yObQq7zUbOOycodpWKoJg5ts-U-XOF2USRaOAqBLB8g
Frame ID: 011A57BB8852361C3B37EAF5A80266CE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F6902DA2AA92430E200B848B1A90E46B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F8343E81BD2021BD630156523F4A1E08
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B82029716666566B9C070E31CF7A3153
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
Frame ID: 6B52C8A2958FBBC0440496E345D5373F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7BEFED03A1AC5D857D03EAAB7597A1C4
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Frame ID: BED9C2D0B1026D921DEEF0D14BB7A128
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042480
Frame ID: 9AAE537229C5064F8928E94E9176DF9B
Requests: 2 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
Frame ID: 12A23558A8669FF732E08341EB046354
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A24EB9CDD4F1B84854ED998B3C253B7
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Frame ID: 95B17F526E8A85D1AE6CDEFFF87FD59F
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042481
Frame ID: F3836967BA1608336031D1B1FC04927B
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
Frame ID: 9DDE3A675860FE7F7473F6843D6F2F1F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 67E0F803E9006220E381831B0000DF6F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Frame ID: FAD07A71D0A54D4271D4700D7E249B44
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0CC3B8D8A43D38BB51767E383F43BB8E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

  1. http://showtimeanytime.xyz/ Page URL
  2. http://showtimeanytime.xyz/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf30UpIgC1cuCU7SbZp5LNuxbN8T2ZwbaE7vD12... Page URL
  3. https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

350
Requests

86 %
HTTPS

33 %
IPv6

77
Domains

109
Subdomains

85
IPs

11
Countries

4098 kB
Transfer

8413 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://showtimeanytime.xyz/ Page URL
  2. http://showtimeanytime.xyz/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf30UpIgC1cuCU7SbZp5LNuxbN8T2ZwbaE7vD12Q7X3wrQdKXECUhMIK5SDCGz30O%2FeUF32g1ve5se0OIXKIx5EI8hOfZGWdUZTUXgMZyCmT19QeosBmCfOmG3DY8kkOmD1g01FSBScxTirfcDbThjz6r2KbQV57r11nT0RAP81%2BAkZMFoFsCXGJDVCLV1Za9c44Y4O9iGya1CoijZCu72ZU9CavlifQ5ezUPSlVnIBfck6YqZML9XUxTAlAvH7LpId3CgZ4obn7KS2zAJEy2ldB3GgGVYFTn627B%2FQ%2BGmvM38yw6zh3COSvNCOTVd2n%2FRUuhjrJwRGkJ0SCkFDBqnNOtMIoODmkb7x7%2Fqchi4U0GvwrTvRcwt9d4ITrmPU3HiK%2FfKRd8HgSMZAoJ8tE%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 165
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=DqZpw3wzS0JHWkgzRnBQR3dQTjlzY2I3OTd5aVdFTFB6M0NNUTdMNVNuUEx1bHF0NlFyQ09DajR0MnN5eTQzeHZoc3lSRk05N0lzSlFCTU5nUGNrNzhLaVhsMzJScE12WU04SkpCUkRraWpkR21rVEdxcTE2bFVIcFkxRGFNRlVZM3Q3bU9QbFcyY29GZWpQNkMzVkp6bDJHSE9uVG5yd1pVakoxZE9LcXF6dDhjWnY3T2hlZXZ3Q29DQWhaMVgxd2c2bmxHY0h5Qzg2K3p2dmJESzg1UWgvUzUybVhPWld5dlZQVHAzUTN0MjVmSVFrPXw&cppv=2
Request Chain 209
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO98C3l2LlwiZZb1V4_SSZU&google_cver=1&google_push=AehlK4C3kmb4pTcwb2XVcxkb8VBjsat8vUDPpZkuViqioxMaYNGZjMYMCk0b5WC2HWEBHVN5mrfi-gsZkAyohludiWLCYGeDL-M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4C3kmb4pTcwb2XVcxkb8VBjsat8vUDPpZkuViqioxMaYNGZjMYMCk0b5WC2HWEBHVN5mrfi-gsZkAyohludiWLCYGeDL-M
Request Chain 210
  • https://a.c.appier.net/gcm?google_gid=CAESEIDVhzb8T3VwjaaEjy9T2ls&google_cver=1&google_push=AehlK4AMaQb7wb9boiGgslOYZR-AtCVY4IKmKRda9vBU2e5vVuOAN0OJcKcMbWGOQD4_FrnKTx4mD9_SlV4-Hbe9pQVkfMdNnCY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Qjl0MUMtRnBDSnVGcE52Vmx4MGlZdw%3D%3D&google_push=AehlK4AMaQb7wb9boiGgslOYZR-AtCVY4IKmKRda9vBU2e5vVuOAN0OJcKcMbWGOQD4_FrnKTx4mD9_SlV4-Hbe9pQVkfMdNnCY
Request Chain 211
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFyQIt7hZZz6yxioOJReig4&google_cver=1&google_push=AehlK4COmHJs9zZ-0HPyS2opIDHDvxgsfmBdEQACgSakeP5JRMrObKbvoNWWRk3dKOwPVsDW3YFdJOsvwPJBlDGQaaO2VGBFjg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgxWUpFQ0QtMjctOE5YSw==&google_push=AehlK4COmHJs9zZ-0HPyS2opIDHDvxgsfmBdEQACgSakeP5JRMrObKbvoNWWRk3dKOwPVsDW3YFdJOsvwPJBlDGQaaO2VGBFjg
Request Chain 212
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELsvQmGUumOrvxuEPBssOcU&google_cver=1&google_push=AehlK4Dg4AJkxzmDVbrtvBEryD5hw7cK-CRgIdZ8N8IZIRlfIJ_MiCU-HlvugEM6hN4bx6YA7aBsJuCgUS1oXHbo8BTZH9Xj7-Y HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELsvQmGUumOrvxuEPBssOcU&google_push=AehlK4Dg4AJkxzmDVbrtvBEryD5hw7cK-CRgIdZ8N8IZIRlfIJ_MiCU-HlvugEM6hN4bx6YA7aBsJuCgUS1oXHbo8BTZH9Xj7-Y&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELsvQmGUumOrvxuEPBssOcU&google_hm=YyIdlkwWSEuFZPPkBnLqIAAABFoAAAAB&google_nid=index&google_push=AehlK4Dg4AJkxzmDVbrtvBEryD5hw7cK-CRgIdZ8N8IZIRlfIJ_MiCU-HlvugEM6hN4bx6YA7aBsJuCgUS1oXHbo8BTZH9Xj7-Y
Request Chain 213
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAimYDpEH9aYVxKXoPMcG-g&google_cver=1&google_push=AehlK4CenN7Es3pRnsCZLaxDrMfyv6bf1e0kaOq-ohaQ0b0nY3uHx9xXo3YXzroaI4s6XuXiuXZ7qMqRLVz9XBGiqkCg5pg9beg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4CenN7Es3pRnsCZLaxDrMfyv6bf1e0kaOq-ohaQ0b0nY3uHx9xXo3YXzroaI4s6XuXiuXZ7qMqRLVz9XBGiqkCg5pg9beg
Request Chain 214
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECLsTJdMN6E4tNdTZkK22Rw&google_cver=1&google_push=AehlK4Cm4Zlu53KUHvPiUegIAdGuMurVgQ28vNNoSv4mGHaLgsSteh_yAzMPXKIHtXFWBCaKpJ8HhpZS9E7C0pDmNjJe9VZqQQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4Cm4Zlu53KUHvPiUegIAdGuMurVgQ28vNNoSv4mGHaLgsSteh_yAzMPXKIHtXFWBCaKpJ8HhpZS9E7C0pDmNjJe9VZqQQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1663180182869 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-92a08bbf-b016-4c22-90b6-b1c60c7b2f1a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4Cm4Zlu53KUHvPiUegIAdGuMurVgQ28vNNoSv4mGHaLgsSteh_yAzMPXKIHtXFWBCaKpJ8HhpZS9E7C0pDmNjJe9VZqQQ%26google_hm%3DA5Kgi7-wFkwikLaxxgx7Lxo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cm4Zlu53KUHvPiUegIAdGuMurVgQ28vNNoSv4mGHaLgsSteh_yAzMPXKIHtXFWBCaKpJ8HhpZS9E7C0pDmNjJe9VZqQQ&google_hm=A5Kgi7-wFkwikLaxxgx7Lxo
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1&C=1
Request Chain 218
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyIdlkwWSEuFZPPkBnLqIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
Request Chain 220
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyNjAzMjM4NzM1NTI2MDQ0Ng%3D%3D
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Request Chain 222
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyIdlkwWSEuFZPPkBnLqIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
Request Chain 224
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5NTM1MjIwNDQxNjU3ODM0MA%3D%3D
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Request Chain 228
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyIdlkwWSEuFZPPkBnLqIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
Request Chain 230
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyNjAzMjM4NzM1NTI2MDQ0Ng%3D%3D
Request Chain 237
  • https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d530ab73e&subid=&uid=10991613275d9ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_24Jlh0iY-7RD86cx_AP4N6IyAGm5b2gaa2VnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSXAk_QmX2kZte2N_eg8Eqq60nfZQLhWhrof8RFW42NehN_ofGmj-qtt_zqMAqZmWtPpc-dTY9fw7UXX1oDeXsy2b3g71IubUTV9X_AKDcrq-zh8xoquf5bD_cQdKsMPSdAb3ZASwmI6_oY4VkDFWqs7AMZCuRz6fTR9MOOQZiERK5yRkjgzFLSH-wCkoWvMQ8N3xK3WJU7x3GN6VJbG3kQWhc65W1ZIaMYTAqjPPYma-CwC3195V3LQksUR6uCxnZM3B9WiUPZUIra0Ri0hwg3ORbuluNh74cdVdWItsxpJmnGpbHVseIA51YcPOzAvg1UiueKvvsqJsFMN0aWkje1ShOks9MGMKayNArn5hY0u1uaPZNnm-LhVsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ%26sig%3DAOD64_3Vx_mSBwglMCDo7FDnrXVGtB2E4g%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CJspPMImzUAPAS5kyRX1GNKPrm_ExCvCu3w54dBGS0EW_Rl6VxQSnEmTwyoKFWqB6cOSg7pj5FRFs_XRvTbw_Jt3k6vDzGShmYLOyUkMq2jaTCtKRuJBjn2g-1H2XDcrHguqKIHbwSkCeRPbb1C8T6QkVmEQ%26cry%3D1%26dbm_d%3DAKAmf-B_UvRzxmgvyhTtw0IlUtEILOsv-VXty3d8OBpOx3bOH97_Jcid0Ejst3ZnVOlIpxZ5Z2gGuwENrhErD9qZ3-RvcE2KzBUGVm6N5s5oQ6rJY9yORafrl2bn8rMg0UCoL3jOPfnh9UjFTTxygW1zOHab_aOsV5-SXvjmq_WezNCmOgfqnFIgTl1cioNR0RFXjY_2OLSPrImn9TrUyPUYQWBmIyJGVdzfTyHjFcl7_dPzvvV5dRLpSDNfY1HtIyR9NU29RdYvcvyZeMB3zd7r79Nxj657ADnL9sAsVwXmON8GJzgmNGG-LcsP610va4QHeOLtMUxF9CANnuPvByfVnS1iVKo4IKEkyn983cXwkY8LsPYMcJlTXn8Px5pzm0lXllfrWJDEIdE3Hg69Pyp1pViSDjcPyWo7_m7ZYyueGvQlg2OP9L7DLkGBFSnmIAmx61FI2trPtLoN6sPzg7n_SEjFdxeHKJmC2mivc-tzt0pERCcCq_URhqfsUGQsNFASVOHWlT14gyNKHKV5nv6j-1lbABK2a8HbiQPS6g1Mj5w8hwAy8wdXDWiC7HSIgqVwZ-jg7it_3kyGvUNLs7PF8sRPMDxuig%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=3141544458363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d530ab73e&subid=&uid=10991613275d9ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_24Jlh0iY-7RD86cx_AP4N6IyAGm5b2gaa2VnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSXAk_QmX2kZte2N_eg8Eqq60nfZQLhWhrof8RFW42NehN_ofGmj-qtt_zqMAqZmWtPpc-dTY9fw7UXX1oDeXsy2b3g71IubUTV9X_AKDcrq-zh8xoquf5bD_cQdKsMPSdAb3ZASwmI6_oY4VkDFWqs7AMZCuRz6fTR9MOOQZiERK5yRkjgzFLSH-wCkoWvMQ8N3xK3WJU7x3GN6VJbG3kQWhc65W1ZIaMYTAqjPPYma-CwC3195V3LQksUR6uCxnZM3B9WiUPZUIra0Ri0hwg3ORbuluNh74cdVdWItsxpJmnGpbHVseIA51YcPOzAvg1UiueKvvsqJsFMN0aWkje1ShOks9MGMKayNArn5hY0u1uaPZNnm-LhVsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ%26sig%3DAOD64_3Vx_mSBwglMCDo7FDnrXVGtB2E4g%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CJspPMImzUAPAS5kyRX1GNKPrm_ExCvCu3w54dBGS0EW_Rl6VxQSnEmTwyoKFWqB6cOSg7pj5FRFs_XRvTbw_Jt3k6vDzGShmYLOyUkMq2jaTCtKRuJBjn2g-1H2XDcrHguqKIHbwSkCeRPbb1C8T6QkVmEQ%26cry%3D1%26dbm_d%3DAKAmf-B_UvRzxmgvyhTtw0IlUtEILOsv-VXty3d8OBpOx3bOH97_Jcid0Ejst3ZnVOlIpxZ5Z2gGuwENrhErD9qZ3-RvcE2KzBUGVm6N5s5oQ6rJY9yORafrl2bn8rMg0UCoL3jOPfnh9UjFTTxygW1zOHab_aOsV5-SXvjmq_WezNCmOgfqnFIgTl1cioNR0RFXjY_2OLSPrImn9TrUyPUYQWBmIyJGVdzfTyHjFcl7_dPzvvV5dRLpSDNfY1HtIyR9NU29RdYvcvyZeMB3zd7r79Nxj657ADnL9sAsVwXmON8GJzgmNGG-LcsP610va4QHeOLtMUxF9CANnuPvByfVnS1iVKo4IKEkyn983cXwkY8LsPYMcJlTXn8Px5pzm0lXllfrWJDEIdE3Hg69Pyp1pViSDjcPyWo7_m7ZYyueGvQlg2OP9L7DLkGBFSnmIAmx61FI2trPtLoN6sPzg7n_SEjFdxeHKJmC2mivc-tzt0pERCcCq_URhqfsUGQsNFASVOHWlT14gyNKHKV5nv6j-1lbABK2a8HbiQPS6g1Mj5w8hwAy8wdXDWiC7HSIgqVwZ-jg7it_3kyGvUNLs7PF8sRPMDxuig%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=3141544458363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 242
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=8e95243a26&subid=&uid=cba2e890ff70ca21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChR_Xlh0iY-_RD86cx_AP4N6IyAGm5b2gaYWVnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSTAk_Q1SJECe77rT30s88hMg8GKGpJhftCDUbn1usU0tG3gEzmuW9BqTVHhVjr60XXuSCsQZP8Ojei2QKWI43IqM7XDeR1-yhtnYGLNwa-ROzwTXJ-A5rJTkuknETKvSHliZqsy8JrcO4CcyYo1U8MC6Zh5VAzrnooMkiAY5OTP93EZmBwkcU9KZu0BwIylIzsXeljTxH4_5o3r5NaEnR6ECRoFq41nktzi6kgbCp_ePJIOFYMq6exrtzAWHgkyybmVYDkSK_OvkYKd8m7NTqTVwrJ0KsXAUBh4i0wu3Is3V6r5Xf7Bg33Ry3XE3p1oSj3Us_tl235q_tjpRtfbCSLATL-p3JMJo47av9fBtKqXkEUXLvuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08%26sig%3DAOD64_3lfCrOwND1aBNh3_lB4HGGKSnnMg%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-BuyTkxh_9LFIIkXd5obFBiORxWg6Lx15ANugfALPv8-_GLziTKaKIl9hA4-3sJ0gczcP_SkRREm1jINHxp9OfEFOZBQq4BD9qv6La3j9iqmL7QPxJsgkAUUrgtot28aI3lCeK7ZyO9N8vQ3evWnGaZ3j-SDQ%26cry%3D1%26dbm_d%3DAKAmf-C1Tq8mMJbtzqG9zydk4OA75FcqYZZQI3qCucva96AM8ASIvVTzobXvWU4aNsCJ431a0dMo3LcyQj9_o6Ct4NmAgu-63vPZMQWyVw8rAYC7nmN0F1ruFTmi7ugujNvtNrDp5xoovUhcN_fqiwuvRr8YRfDs2xAuQqkuZhkxHjOiaf4vywCDY6eH8rZcnX3M6_QiRVxBlxZCAWk2qY9PAiuGscqKshgeOQV6rWzMMz8qcYH-CEV_0Zg4pV7DuTEZuLBOumeBvox5spwqbrDmRFpp3zma0q9qyXisqdZiiY7jRel9wGMSN7SfssqUaGmWuQxw7danWb-a4owhzfmgo2RIDsZykDWQWLyK9w3_f-8fl5e6aqIqduA7lVmlKibwTomZxrKVmFZAU9YgIUg3kS5FgtdCJHFGLVZM2Fr-vK6Py3VjZmEy_jET7QzoAANcs9Uh9sJtdSUB0In58FN3wVC_7fGZnEHvzhewKmgrSSJhKkLXKuH4GHAysav9snzA90rmuO1gNlT-y-DW2bD5-FZ_xitbWSYcFO2brD-oyAoFF20a7Do4cT7x7FtZD-6ea3rykD-Atu5kyEjmUNOpfvwk0-JFNw%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=9358045844805&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=8e95243a26&subid=&uid=cba2e890ff70ca21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChR_Xlh0iY-_RD86cx_AP4N6IyAGm5b2gaYWVnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSTAk_Q1SJECe77rT30s88hMg8GKGpJhftCDUbn1usU0tG3gEzmuW9BqTVHhVjr60XXuSCsQZP8Ojei2QKWI43IqM7XDeR1-yhtnYGLNwa-ROzwTXJ-A5rJTkuknETKvSHliZqsy8JrcO4CcyYo1U8MC6Zh5VAzrnooMkiAY5OTP93EZmBwkcU9KZu0BwIylIzsXeljTxH4_5o3r5NaEnR6ECRoFq41nktzi6kgbCp_ePJIOFYMq6exrtzAWHgkyybmVYDkSK_OvkYKd8m7NTqTVwrJ0KsXAUBh4i0wu3Is3V6r5Xf7Bg33Ry3XE3p1oSj3Us_tl235q_tjpRtfbCSLATL-p3JMJo47av9fBtKqXkEUXLvuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08%26sig%3DAOD64_3lfCrOwND1aBNh3_lB4HGGKSnnMg%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-BuyTkxh_9LFIIkXd5obFBiORxWg6Lx15ANugfALPv8-_GLziTKaKIl9hA4-3sJ0gczcP_SkRREm1jINHxp9OfEFOZBQq4BD9qv6La3j9iqmL7QPxJsgkAUUrgtot28aI3lCeK7ZyO9N8vQ3evWnGaZ3j-SDQ%26cry%3D1%26dbm_d%3DAKAmf-C1Tq8mMJbtzqG9zydk4OA75FcqYZZQI3qCucva96AM8ASIvVTzobXvWU4aNsCJ431a0dMo3LcyQj9_o6Ct4NmAgu-63vPZMQWyVw8rAYC7nmN0F1ruFTmi7ugujNvtNrDp5xoovUhcN_fqiwuvRr8YRfDs2xAuQqkuZhkxHjOiaf4vywCDY6eH8rZcnX3M6_QiRVxBlxZCAWk2qY9PAiuGscqKshgeOQV6rWzMMz8qcYH-CEV_0Zg4pV7DuTEZuLBOumeBvox5spwqbrDmRFpp3zma0q9qyXisqdZiiY7jRel9wGMSN7SfssqUaGmWuQxw7danWb-a4owhzfmgo2RIDsZykDWQWLyK9w3_f-8fl5e6aqIqduA7lVmlKibwTomZxrKVmFZAU9YgIUg3kS5FgtdCJHFGLVZM2Fr-vK6Py3VjZmEy_jET7QzoAANcs9Uh9sJtdSUB0In58FN3wVC_7fGZnEHvzhewKmgrSSJhKkLXKuH4GHAysav9snzA90rmuO1gNlT-y-DW2bD5-FZ_xitbWSYcFO2brD-oyAoFF20a7Do4cT7x7FtZD-6ea3rykD-Atu5kyEjmUNOpfvwk0-JFNw%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=9358045844805&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 247
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEHfLrdTZOCfqsxtGlMOhCM&google_cver=1&google_push=AehlK4Bbj4PqF_sIl5OccyEdhtm60EQZsfFHxsyXdLymVQwLa9imleMSBcx9ASFwRvZ2ZRPFZ34yqtCDReG9JPLpudqWeLvlmiATUw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEHfLrdTZOCfqsxtGlMOhCM&google_cver=1&google_push=AehlK4Bbj4PqF_sIl5OccyEdhtm60EQZsfFHxsyXdLymVQwLa9imleMSBcx9ASFwRvZ2ZRPFZ34yqtCDReG9JPLpudqWeLvlmiATUw HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=e8d2dbf7-5b8f-4781-9822-1a65a768295f&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Bbj4PqF_sIl5OccyEdhtm60EQZsfFHxsyXdLymVQwLa9imleMSBcx9ASFwRvZ2ZRPFZ34yqtCDReG9JPLpudqWeLvlmiATUw&google_hm=6thaVrDGRI2tp1WpCoKjUw==
Request Chain 248
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP_w4qVqIeCGZm5rWG1oUoc&google_cver=1&google_push=AehlK4CCgAZvGH9K3Sd48kVusXHK-H1ICob52DaEzYgQdz8JnnFAQDgivPWHT96dHQQxeZwwBUBTuhqZRDdpGfEQDXn-_EERkfwF7A HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP_w4qVqIeCGZm5rWG1oUoc&google_cver=1&google_push=AehlK4CCgAZvGH9K3Sd48kVusXHK-H1ICob52DaEzYgQdz8JnnFAQDgivPWHT96dHQQxeZwwBUBTuhqZRDdpGfEQDXn-_EERkfwF7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAxNDk4MDA2MTA0OTUxNTQxMw&google_push=AehlK4CCgAZvGH9K3Sd48kVusXHK-H1ICob52DaEzYgQdz8JnnFAQDgivPWHT96dHQQxeZwwBUBTuhqZRDdpGfEQDXn-_EERkfwF7A
Request Chain 250
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFyQIt7hZZz6yxioOJReig4&google_cver=1&google_push=AehlK4CIbyH69UgB-GdXj1Sb26WnpDTZsOEpMrNAgcF9Rm6xrD4QGHnMPpMBCvo4ERkut9hX4OF1jrQ0U1f9uK8B3WW2B5yeDsLjLg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgxWUpFSDMtMjgtRjZIRA==&google_push=AehlK4CIbyH69UgB-GdXj1Sb26WnpDTZsOEpMrNAgcF9Rm6xrD4QGHnMPpMBCvo4ERkut9hX4OF1jrQ0U1f9uK8B3WW2B5yeDsLjLg
Request Chain 251
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELHT_JeJLUdfx7WJFQMnSwE&google_cver=1&google_push=AehlK4BNnHn5AeWcAebEpW0aRqDqb0CBgRnqcEdpDJZbyr8BmCt4wKOIBoRlej2FNHcApru1XQlRojmf48IqyK6aXxIx2bjbnEZ6cA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4BNnHn5AeWcAebEpW0aRqDqb0CBgRnqcEdpDJZbyr8BmCt4wKOIBoRlej2FNHcApru1XQlRojmf48IqyK6aXxIx2bjbnEZ6cA&google_gid=CAESELHT_JeJLUdfx7WJFQMnSwE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzOTMxMTM0OTA0NjQwNjQzNTE2OQ%3D%3D&google_push=AehlK4BNnHn5AeWcAebEpW0aRqDqb0CBgRnqcEdpDJZbyr8BmCt4wKOIBoRlej2FNHcApru1XQlRojmf48IqyK6aXxIx2bjbnEZ6cA
Request Chain 253
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBDWfmHJAUcJPbryqkNaWkw&google_cver=1&google_push=AehlK4CfP93C10YLP86tdwGVYe8V1hIq_7WuFDFDlzVc7YZCwLiBlQbQDtpTsF9e-V3R0ACa5ma2AqBcbDCfgVrMFPqc96wX9XF4K5A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CfP93C10YLP86tdwGVYe8V1hIq_7WuFDFDlzVc7YZCwLiBlQbQDtpTsF9e-V3R0ACa5ma2AqBcbDCfgVrMFPqc96wX9XF4K5A HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 283
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=85125700116846704444554012082018&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Request Chain 284
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=85125700116846704444554012082018&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042480
Request Chain 286
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=85125700116846704444554012082018 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 290
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=38067400114327204444550012082016&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Request Chain 291
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=38067400114327204444550012082016&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042481
Request Chain 293
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=38067400114327204444550012082016 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 310
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEK9aV1olupFqWNCopuLpl58&google_cver=1&google_push=AehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGAA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGAA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK9aV1olupFqWNCopuLpl58&google_cver=1&google_push=AehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGAA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGAA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 311
  • https://um.simpli.fi/gp_match?google_gid=CAESEJG2cqcfNMiEaSdOi9iiLvo&google_cver=1&google_push=AehlK4AxYXikcOBiC8vyn4IWduj7AK53uLwf3O3PZge1VmBxPgIuRDRO6I6FLBsso1X4Ng2a-9qaCbxjEpBx_O1iZHH8k6ZQFP34 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=81591491B9C3487487EF3BD29543232F&google_push=AehlK4AxYXikcOBiC8vyn4IWduj7AK53uLwf3O3PZge1VmBxPgIuRDRO6I6FLBsso1X4Ng2a-9qaCbxjEpBx_O1iZHH8k6ZQFP34
Request Chain 312
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECTySgv6QoHBHiymq1SENN8&google_cver=1&google_push=AehlK4Df5tlGvG8cLvXMtQzP2HatbR0KH0CXpe02DOLos4o1yXOdsGA8yULzaYgzvuUcs3cQF5j6UdT51hsIR8hrEPtAVFZ6oBC5 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHof9mHVQpaCk6I1KJV-jg2&google_push=AehlK4Df5tlGvG8cLvXMtQzP2HatbR0KH0CXpe02DOLos4o1yXOdsGA8yULzaYgzvuUcs3cQF5j6UdT51hsIR8hrEPtAVFZ6oBC5
Request Chain 313
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP_w4qVqIeCGZm5rWG1oUoc&google_cver=1&google_push=AehlK4DoJsTiTB6b7JTxfi03CsoP945ULMX7L08nm3XNBZziWAAEK0DV8pFAKC3SORN3VveGjDHUq-KY4ZFpXSWB_vRPiSXUjKi9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAxNDk4MDA2MTA0OTUxNTQxMw&google_push=AehlK4DoJsTiTB6b7JTxfi03CsoP945ULMX7L08nm3XNBZziWAAEK0DV8pFAKC3SORN3VveGjDHUq-KY4ZFpXSWB_vRPiSXUjKi9
Request Chain 315
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBDWfmHJAUcJPbryqkNaWkw&google_cver=1&google_push=AehlK4D5ttFy8GXBzGzRvF7P9-N0yUBj1b-WeBp1Mhgr1Oi3Pd5XeyCPPnOJ0znl8Zl-U8TKe6Yv5KsKS7S65XnQQgqus0mite6o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4D5ttFy8GXBzGzRvF7P9-N0yUBj1b-WeBp1Mhgr1Oi3Pd5XeyCPPnOJ0znl8Zl-U8TKe6Yv5KsKS7S65XnQQgqus0mite6o
Request Chain 316
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHPiWMZtdFFW5YaC32gWbq8&google_cver=1&google_push=AehlK4Aj8QYul2F6siwbDWyDtFPxEX_aw2gAltl3wXMg_mpAhOFvKKx3vXTJ4khUYQ0LTMt4wLYB9vQiMDO0SskcJe4sIIZRp3ga HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4Aj8QYul2F6siwbDWyDtFPxEX_aw2gAltl3wXMg_mpAhOFvKKx3vXTJ4khUYQ0LTMt4wLYB9vQiMDO0SskcJe4sIIZRp3ga&google_hm=WXlJZG1NQ284WGNBQU81VEhid0FBQUFB
Request Chain 326
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEECVXLgAb2HytiHrau6tzX8&google_cver=1&google_push=AehlK4DTP37HBRxLlhd0L3EF7m23dvxi8jWRttVIPBWnFMW6fDVNJvIWDLtcpu6rtEWjrHPc5dqhZX-hSpA_0EbobXUCCim0W33g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DTP37HBRxLlhd0L3EF7m23dvxi8jWRttVIPBWnFMW6fDVNJvIWDLtcpu6rtEWjrHPc5dqhZX-hSpA_0EbobXUCCim0W33g
Request Chain 327
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO98C3l2LlwiZZb1V4_SSZU&google_cver=1&google_push=AehlK4D-NBwCVMiirgGRrSVaRVtr9Lc7fKz-3RtECzUElxduRUvlB_B1lpG_EfK1KcRfHbLmkoM11VqJ-APyawax9A3cWiAky5Idaw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4D-NBwCVMiirgGRrSVaRVtr9Lc7fKz-3RtECzUElxduRUvlB_B1lpG_EfK1KcRfHbLmkoM11VqJ-APyawax9A3cWiAky5Idaw
Request Chain 328
  • https://a.c.appier.net/gcm?google_gid=CAESEIDVhzb8T3VwjaaEjy9T2ls&google_cver=1&google_push=AehlK4DK489cJAVZT8xaae4PbwrhG76Wgm4GBjd5iLq0cfA_p0_tBdbZtEikJDZn8dIt3KztIXytFyUP_5rgbsHcZhO3mvMm1nfUvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=czlWRVdVV3VDbGVzTUROamx4MGlZdw%3D%3D&google_push=AehlK4DK489cJAVZT8xaae4PbwrhG76Wgm4GBjd5iLq0cfA_p0_tBdbZtEikJDZn8dIt3KztIXytFyUP_5rgbsHcZhO3mvMm1nfUvA
Request Chain 329
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMgZskuNCRIC4V4GxrydOeE&google_cver=1&google_push=AehlK4Bf8EQdKc-PeiGFBdjnCDHXEM2PcjccqHs8C6PE_7GTB4B1f4EShhQQM20U1v-zUUrjkdI8C4HMHnAGjTuJbC3MpwaRWdcrBw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Bf8EQdKc-PeiGFBdjnCDHXEM2PcjccqHs8C6PE_7GTB4B1f4EShhQQM20U1v-zUUrjkdI8C4HMHnAGjTuJbC3MpwaRWdcrBw&google_hm=NTc2ODU5NDgxNzM3MzgxMTkzMw%3D%3D
Request Chain 330
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEN8a5dtbLChLIxbQk1deRk0&c_param1=AehlK4D-pQFWF-GFR_c-kk-SdHRNfNISi6SVwBsO34b199ynayOPTlP8JhNv_hqIYm7FNxEiHZrYzfopil4BXQVD99LtrEFTDIaesQ&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4D-pQFWF-GFR_c-kk-SdHRNfNISi6SVwBsO34b199ynayOPTlP8JhNv_hqIYm7FNxEiHZrYzfopil4BXQVD99LtrEFTDIaesQ
Request Chain 332
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESELjO376-tK4aPu1WGj85Udw&google_cver=1&google_push=AehlK4BGVG9xxv2bxcgbLT01-YOvhrn5N5P2ZeYMeJ4C9hsu3qoQmUQinyvucgqdZCqz8ucsgXW8PTrI9GwD_yBgA5Dh6D_h8l1zoA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AehlK4BGVG9xxv2bxcgbLT01-YOvhrn5N5P2ZeYMeJ4C9hsu3qoQmUQinyvucgqdZCqz8ucsgXW8PTrI9GwD_yBgA5Dh6D_h8l1zoA&google_hm=QlMuOTkzNS04NDQwLTQ1MDQtOTI3Yg==

350 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
showtimeanytime.xyz/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://showtimeanytime.xyz/
Protocol
HTTP/1.1
Server
72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Sep 2022 18:29:37 GMT
Keep-Alive
timeout=5, max=84
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
bouncy.php
showtimeanytime.xyz/page/ 		712 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
http://showtimeanytime.xyz/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf30UpIgC1cuCU7SbZp5LNuxbN8T2ZwbaE7vD12Q7X3wrQdKXECUhMIK5SDCGz30O%2FeUF32g1ve5se0OIXKIx5EI8hOfZGWdUZTUXgMZyCmT19QeosBmCfOmG3DY8kkOmD1g01FSBScxTirfcDbThjz6r2KbQV57r11nT0RAP81%2BAkZMFoFsCXGJDVCLV1Za9c44Y4O9iGya1CoijZCu72ZU9CavlifQ5ezUPSlVnIBfck6YqZML9XUxTAlAvH7LpId3CgZ4obn7KS2zAJEy2ldB3GgGVYFTn627B%2FQ%2BGmvM38yw6zh3COSvNCOTVd2n%2FRUuhjrJwRGkJ0SCkFDBqnNOtMIoODmkb7x7%2Fqchi4U0GvwrTvRcwt9d4ITrmPU3HiK%2FfKRd8HgSMZAoJ8tE%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
HTTP/1.1
Server
72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer
http://showtimeanytime.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Sep 2022 18:29:37 GMT
Keep-Alive
timeout=5, max=98
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
Primary Request /
simcast.com/ 		37 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/page/bouncy.php?&bpae=GbhOd60Gokx7j3Nkf30UpIgC1cuCU7SbZp5LNuxbN8T2ZwbaE7vD12Q7X3wrQdKXECUhMIK5SDCGz30O%2FeUF32g1ve5se0OIXKIx5EI8hOfZGWdUZTUXgMZyCmT19QeosBmCfOmG3DY8kkOmD1g01FSBScxTirfcDbThjz6r2KbQV57r11nT0RAP81%2BAkZMFoFsCXGJDVCLV1Za9c44Y4O9iGya1CoijZCu72ZU9CavlifQ5ezUPSlVnIBfck6YqZML9XUxTAlAvH7LpId3CgZ4obn7KS2zAJEy2ldB3GgGVYFTn627B%2FQ%2BGmvM38yw6zh3COSvNCOTVd2n%2FRUuhjrJwRGkJ0SCkFDBqnNOtMIoODmkb7x7%2Fqchi4U0GvwrTvRcwt9d4ITrmPU3HiK%2FfKRd8HgSMZAoJ8tE%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
0d2b1dccf9ea05744a27af69bafa3bef2369eb128d3474f19673a48cb25aaa72

Request headers

Referer
http://showtimeanytime.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-encoding
gzip
content-length
6918
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 18:29:38 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
upgrade
h2
vary
Accept-Encoding
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15851"
vary
Accept-Encoding
x-hw
1663180179.dop204.fr8.t,1663180179.cds137.fr8.hn,1663180179.cds261.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 00:43:56 GMT
server
Apache/2.4.38 (Debian)
etag
"5101-5d2abe6bdeb00-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
4273
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:31:18 GMT
server
Apache/2.4.38 (Debian)
etag
"daa3-5d2a935d4d580-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
12209
lib.js
simcast.com/templates/simcast/js/ 		856 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/js/lib.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 03:31:19 GMT
server
Apache/2.4.38 (Debian)
etag
"358-5d39fa3726fc0-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
application/javascript
content-length
459
aaw.smc.js
cdn.adapex.io/hb/ 		500 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.smc.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cd41e12c07e431794e5922d4875363fd9b87b8800f6f8549933741cf47cbc79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Sep 2022 08:11:48 GMT
server
cloudflare
etag
W/"63203b44-7d178"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BBEkzfrS2qjdZQCW2Oltpupbf%2BBMlXiOQgYoJH5HIiFz%2BSuzBhZFJ%2BmYbO5%2FzMO1B%2BLuqfPE36m2kZpQIpkQweacOn8Dvlc3TiecavPT4fW4adRp5NIsiPKTh6nUHa89w5NgTW9%2FqVEJuVq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
74ab30770ceb9152-FRA
expires
Thu, 15 Sep 2022 08:12:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddaeff2b388c7c77474661b3ddd73cc8f565999ed7efa4d59d048b6710c376bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57946
x-xss-protection
0
server
cafe
etag
15606624731187323413
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 18:29:39 GMT
simcastlogo_35y.png
simcast.com/templates/simcast/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Thu, 09 Dec 2021 00:46:50 GMT
server
Apache/2.4.38 (Debian)
etag
"527-5d2abf11cf280"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
image/png
content-length
1319
enhance.js
parking2.parklogic.com/page/ 		0
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=showtimeanytime.xyz
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:92ff:fe2d:3e71 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:39 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=100
Content-Type
text/javascript;charset=UTF-8
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7206073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdcjtBsLAZvLSuvaN%2FW1H2gDgUwFxC1bUPinCduJScv%2BOfQF0TZmVhzQHOo54X%2FAfAAjuBvM7ounOt8byqKrdjgnUv%2BzyHySMHtAWnOLwy%2Forif1LXTRqtGNH1nC%2BB6ijhkJJZ29etsv38WrHXRhkkdS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ab307ae920906a-FRA
expires
Mon, 04 Sep 2023 18:29:39 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3624691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PW4DcJuc2DzxzQGlKF1n%2FsaLZ9Dmq2AM6WwlhX0y4MuLjhv7%2B1fiXUn2o%2FUrepiA8%2Bqf6yypbp6vkbFr7x1he5WIQfWnh56WcrrNUBuRd9Fvtq8%2FbK%2Fv9XUWJrssYXJ81JgAXZSgZag4gnfGM9yqYjlk"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ab307af928906a-FRA
expires
Mon, 04 Sep 2023 18:29:39 GMT
modal.css
simcast.com/widgets/modal/ 		992 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:56 GMT
server
Apache/2.4.38 (Debian)
etag
"3e0-5d2ab305a0600-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
352
embedcode.js
embed.sendtonews.com/player3/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.43.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-43-118.compute-1.amazonaws.com
Software
Apache /
Resource Hash
601355040d9e7825c1c8318a75936be30c28a284e4052d4130009a30c470b41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-length
3098
expires
Wed, 14 Sep 2022 19:29:39 GMT
2.jpg
simcast.com/images/clipart/news/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/2.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d858e75f5a2828ab957722c99898bd7fa251bfdcbf7ce2385317d893adad7423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
last-modified
Thu, 09 Dec 2021 00:11:41 GMT
server
Apache/2.4.38 (Debian)
etag
"23c5-5d2ab73682940"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
image/jpeg
content-length
9157
AACl6Lf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl6Lf.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 07 Sep 2022 19:31:07 GMT
x-datacenter
eastus
x-source-length
18254
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=219675
x-activityid
7d854bc0-08b3-4e29-8a6c-5fe69900e475
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AACl6Lf
content-length
18254
expires
Sat, 17 Sep 2022 07:30:54 GMT
AA11OSHW.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11OSHW.img?h=100&w=100&x=1024&y=640&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
75dab9fc4ca543c015b90760248f541c81edf1c7088e925255e9ceb1b88e0dde
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 12:57:29 GMT
x-datacenter
eastus
x-source-length
333236
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=412114
x-activityid
d80fe8fe-cc47-48c9-a89c-f48aad462e2c
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11OSHW?h=100&w=100&x=1024&y=640&m=5
content-length
2550
expires
Mon, 19 Sep 2022 12:58:13 GMT
AA42eYr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		417 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA42eYr.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 24 Aug 2022 11:00:34 GMT
x-datacenter
westus
x-source-length
417
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=145898
x-activityid
14f1fb15-7062-44b7-98ec-610a428b0bd4
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA42eYr
content-length
417
expires
Fri, 16 Sep 2022 11:01:17 GMT
AARL88c.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARL88c.img?h=100&w=100&x=400&y=280.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
89afd70b0877fa1840b47f11d078075929be719148e0d951ca3935897d913c40
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 07:39:37 GMT
x-datacenter
northeu
x-source-length
47152
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=393015
x-activityid
b3e8c3b3-fee0-4f88-a303-35d371d237f0
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AARL88c?h=100&w=100&x=400&y=280.5&m=5
content-length
3117
expires
Mon, 19 Sep 2022 07:39:54 GMT
AA11OZdC.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11OZdC.img?h=100&w=100&x=371.5&y=150.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d24f88dfeb7302b208ca259be0300179a72b653cf311dea473aec17e7275528f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 15:23:41 GMT
x-datacenter
eastus
x-source-length
73716
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=420787
x-activityid
c6f5902a-880b-43a1-8623-f286ebf10233
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11OZdC?h=100&w=100&x=371.5&y=150.5&m=5
content-length
4474
expires
Mon, 19 Sep 2022 15:22:46 GMT
AA11Owaz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11Owaz.img?h=100&w=100&x=405.5&y=245.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cd96820f43b482b6bfd5183a906932bb491fcf0b6f6001f21c8676079f1acfbb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 13:10:29 GMT
x-datacenter
eastap
x-source-length
74375
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=412816
x-activityid
acd8d592-1449-41e8-a1b2-7726568017a3
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11Owaz?h=100&w=100&x=405.5&y=245.5&m=5
content-length
3935
expires
Mon, 19 Sep 2022 13:09:55 GMT
AA11OxRn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11OxRn.img?h=500&w=1000&x=400&y=252&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0e9be8f5fd84522ce8d24cb4b639c9c2b76aead9a62d2445a0b9c5f1cc48ef82
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 13:16:03 GMT
x-datacenter
eastus
x-source-length
59709
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=413133
x-activityid
aab734a2-9eb0-4f3d-9de2-6f472f42e491
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11OxRn?h=500&w=1000&x=400&y=252&m=2
content-length
62635
expires
Mon, 19 Sep 2022 13:15:12 GMT
AA11OTJR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11OTJR.img?h=70&w=95&x=543&y=126&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6402f5d61afb2894b206c00c0b38edfa9004a28198085b2120e48d3809e8e541
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 13:30:17 GMT
x-datacenter
eastap
x-source-length
403681
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=413995
x-activityid
3629aad5-c203-4010-8ddf-a726483e99f9
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11OTJR?h=70&w=95&x=543&y=126&m=5
content-length
2059
expires
Mon, 19 Sep 2022 13:29:34 GMT
AA11OXaJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11OXaJ.img?h=70&w=95&x=600&y=337.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e0d2c313fe636e649c16ff0141b6d93cdc6a5a4910f5b69ee3a6573464170ce7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 12:56:01 GMT
x-datacenter
westus
x-source-length
130223
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=411918
x-activityid
90fc3344-11fa-4404-90bb-04a3536ae497
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11OXaJ?h=70&w=95&x=600&y=337.5&m=5
x-resizerversion
1.0
timing-allow-origin
*
content-length
3696
expires
Mon, 19 Sep 2022 12:54:57 GMT
AA10Ozqi.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA10Ozqi.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0aedac10cb6f36176a2974f3b29a0bd8fbc032d213beea4c9052a129dd0685f2
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Fri, 09 Sep 2022 14:49:24 GMT
x-datacenter
eastap
x-source-length
18098
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=375652
x-activityid
27b6da21-b1d7-42fc-9523-00787dcd8a10
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA10Ozqi
content-length
18098
expires
Mon, 19 Sep 2022 02:50:31 GMT
AA11OZdC.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11OZdC.img?h=70&w=95&x=371.5&y=150.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b3364373fbce1a7ec71aef282974dcdcaf47410406b55c51fabd22b520c757e4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 15:23:35 GMT
x-datacenter
westus
x-source-length
73716
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=420853
x-activityid
82ee785c-396b-49ca-ad62-7617f0b047d8
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11OZdC?h=70&w=95&x=371.5&y=150.5&m=5
content-length
3305
expires
Mon, 19 Sep 2022 15:23:52 GMT
BB1gaOxk.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1gaOxk.img?h=70&w=95&x=400&y=266.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2be635b0732bc0561a39548cbce3b7653498926eb2098918544e5eec58e5191c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 11:57:18 GMT
x-datacenter
eastap
x-source-length
64161
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=408481
x-activityid
6f6ae686-e559-4d54-bd54-583d1c9f4c0b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1gaOxk?h=70&w=95&x=400&y=266.5&m=5
content-length
2471
expires
Mon, 19 Sep 2022 11:57:40 GMT
AA11PMKf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11PMKf.img?h=70&w=95&x=596.5&y=250.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1f965711fb55448124edce4414e7034f6341376235ca3a086e675265b045047b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 17:54:35 GMT
x-datacenter
northeu
x-source-length
294787
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429982
x-activityid
59a4619b-e6ad-4688-bc2b-dfbc034e0f23
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11PMKf?h=70&w=95&x=596.5&y=250.5&m=5
content-length
3168
expires
Mon, 19 Sep 2022 17:56:01 GMT
AA11OSHW.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11OSHW.img?h=70&w=95&x=1024&y=640&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
94513ad72124cecf25256240a8cfc2a26b6012b25f85f8b0ae0200e890872370
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:40 GMT
last-modified
Wed, 14 Sep 2022 12:56:11 GMT
x-datacenter
eastus
x-source-length
333236
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=412057
x-activityid
57d59970-ade3-4bab-94df-72203561bcb6
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11OSHW?h=70&w=95&x=1024&y=640&m=5
content-length
1796
expires
Mon, 19 Sep 2022 12:57:17 GMT
9.jpg
simcast.com/images/clipart/news/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/9.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
625e16893b9fa85b2cb666eb1ec4d07d22a5d1fdffcbcddbcde69b5e65013f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
last-modified
Thu, 09 Dec 2021 00:11:49 GMT
server
Apache/2.4.38 (Debian)
etag
"3d9f-5d2ab73e23b40"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
image/jpeg
content-length
15775
AA11PjSX.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11PjSX.img?h=70&w=95&x=522&y=275.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
64625cc5086b2a853d308fe6d35bafb3880ab94444999796186738c1af08a70d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 14:08:31 GMT
x-datacenter
eastus
x-source-length
1233120
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=416404
x-activityid
5a272083-36f8-4778-9dfa-bfe1b5ede5ea
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11PjSX?h=70&w=95&x=522&y=275.5&m=5
content-length
3048
expires
Mon, 19 Sep 2022 14:09:43 GMT
AA11Owaz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11Owaz.img?h=300&w=400&x=405.5&y=245.5&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d208159fe6aa901098f3be0a3d9b7ec935668db65e428a98bf4ec1ea8acf5b33
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 13:16:33 GMT
x-datacenter
eastus
x-source-length
74375
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=413198
x-activityid
62a0355f-4822-4633-a6bb-6fefd2dafdbe
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11Owaz?h=300&w=400&x=405.5&y=245.5&m=2
content-length
24585
expires
Mon, 19 Sep 2022 13:16:17 GMT
AA11PD3u.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA11PD3u.img?h=300&w=400&x=1024&y=615&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::6867:483b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6542fecd3eeb8b5bee1788b22bb4080c6467e29885c79c5089ffe6a649723ef7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 14 Sep 2022 17:57:26 GMT
x-datacenter
eastap
x-source-length
302435
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430022
x-activityid
b4d06e52-959c-4584-8859-bf6b74d0aed4
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA11PD3u?h=300&w=400&x=1024&y=615&m=2
content-length
28652
expires
Mon, 19 Sep 2022 17:56:41 GMT
gdpr.css
simcast.com/widgets/gdpr/ 		799 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/gdpr/gdpr.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:06 GMT
server
Apache/2.4.38 (Debian)
etag
"31f-5d2ab2d5f1580-gzip"
vary
Accept-Encoding
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
text/css
content-length
351
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8ec62489d020c68582784b7b8f9ab4e55ea0b6f00231532043901b667bfb06f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42160
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Sep 2022 18:29:39 GMT
/
cat.hbwrapper.com/ 		15 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Wed, 14 Sep 2022 18:29:39 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		310 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd82355ae973a198efe0786bf270cff40efb910f13c56a59f0d0d09fe510fa72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
74ab307b2da9698b-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1531e00dd4be7c74bf3dab550df7e4b4e609a3dc3874504d440aecab88f1826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29157
x-xss-protection
0
server
sffe
etag
"1334 / 206 of 1000 / last-modified: 1663153767"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Sep 2022 18:29:39 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.184 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d33a8782a0ffd197f8fe1c40875463abb90c32c1332ee2a5e212f8d3964c6ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
CiKHX4xqxgFLMLxE9KKEwvOwE3PStQI4
content-encoding
br
last-modified
Wed, 07 Sep 2022 12:45:11 GMT
x-amz-request-id
DK2AC0YS7F3PD7H8
etag
"ceb80d9e3795d1d7b4cbf5e7b8d7dddc"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Wed, 14 Sep 2022 18:29:39 GMT
accept-ranges
bytes
content-length
3339
x-amz-id-2
hQ/MYljxqSKTkklF/lGKXSJAIe0nI2BG99x3CFDCIqczleLO+cHfwLI4DnQanp7NbVnAzEOoygQ=
pubads_impl_2022090801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133090
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:35:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 08:05:11 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		113 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Wed, 14 Sep 2022 18:29:39 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f2cc3ff20e2648c6c37c5415b26523088b570fe657b6d94c709e38016e68d8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124742
x-xss-protection
0
server
cafe
etag
1506013802295912726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 18:29:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/ Frame D0C3 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 06:07:26 GMT
etag
8616628553774171045
expires
Wed, 28 Sep 2022 06:07:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:39 GMT
last-modified
Wed, 08 Dec 2021 21:32:06 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-5d2a938b14180"
upgrade
h2
connection
Upgrade
accept-ranges
bytes
content-type
font/woff2
content-length
75440
fpc
at.teads.tv/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=bd83746&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:40 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 14 Sep 2022 18:29:40 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20220901/ 		655 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.43.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-43-118.compute-1.amazonaws.com
Software
Apache /
Resource Hash
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 00:03:42 GMT
server
Apache
etag
"a3c23-5e7a6767c5380-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Wed, 14 Sep 2022 19:29:40 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5260
date
Wed, 14 Sep 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 14 Sep 2022 19:02:00 GMT
ajaxjs.php
simcast.com/widgets/ms/ 		4 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:40 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-type
text/html; charset=UTF-8
content-length
24
expires
Thu, 19 Nov 1981 08:52:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		215 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
839c23220a304e823b1f70b1150ad479982e9d3ca99d2a32b1375b4bbd506965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&tn=DIV&cls=gdpr-block&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 36D5 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1663180180&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663180179866&bpp=3&bdt=889&idt=250&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3765954509710&frm=20&pv=2&ga_vid=1369281649.1663180180&ga_sid=1663180180&ga_hid=1187808849&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44772486&oid=2&pvsid=2354995151772382&tmod=308465318&uas=0&nvt=1&ref=http%3A%2F%2Fshowtimeanytime.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:40 GMT
expires
Wed, 14 Sep 2022 18:29:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		817 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
427f8dac0a822f895050838b1f2c4b3d76f41267ec9874241ee16ad1e3330725

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.225.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://simcast.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hbjson
grid.bidswitch.net/ 		24 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.222.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-222-62.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d44f0cd209f99548e010bf5f3367d1891f7bc470ba37c00fc20b374fc5be20d3

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
pragma
no-cache
date
Wed, 14 Sep 2022 18:29:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=754850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2278de3a8f541f863%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fshowtimeanytime.xyz%2F%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0%22%2C%22domain%22%3A%22simcast.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22simcast.com%22%7D%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsimcast.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22adunitcode%22%3A%22b9a80756-6da0-4865-a663-14666c97d3dc%22%2C%22divId%22%3A%22b9a80756-6da0-4865-a663-14666c97d3dc%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22793a25bf76667ba%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22728x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22970x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_970v_1%23774a9159-45a6-4369-a21a-e6bef3a5b248%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%228322ec29d90583f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22320x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_2%23855588a5-6da6-487c-aec7-1284a87dc92e%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%228771db9cd0962f4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_1%2312815763-cfc9-48c4-a8c5-5c2a36ef45a9%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22894b65ce4d02bae%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22755349%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_sticky_footer%23b9a80756-6da0-4865-a663-14666c97d3dc%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223d6a488c-642d-4b5f-903a-db4891e88f31%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8009dd31e8be0aa66ae6f6d35f6e43d2264c9b744c7e663531d045f0329446bd

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mY%2FyQUwm3OELFoczFeL0JgTjwlffwnzM%2FrqxdixRZoTRjoNW2pl2MldYDFAiqV1%2BvzcLnqFgZlkeOHYapG59zqDeR%2B1eGONYVP62hYQFDn35ZlyivrMCEV%2BvA%2Bm1jM20zTB2EV%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74ab307e8e619013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
61ade81bfb09c4c2b2f227c2f4ef8b79cef17753b827ac521a79eb711df2e1bf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:40 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8a7c9871-e9a9-43d5-af66-467cc210000c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
472
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.194.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-194-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:40 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bidRequest
in-appadvertising.com/api/ 		56 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-appadvertising.com/api/bidRequest?bidId=101c106df5dca07b&pubId=30557&sectionId=10399&vers=7.12.0&url=https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0&sizes=728x90&tr_wd=0&tr_hd=0&tr_vs=visible
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
7e.6d.3fa9.ip4.static.sl-reverse.com
Software
nginx/1.16.1 /
Resource Hash
0f57e47549eb768df261fedac1232a684bb8de72cfa1a6c5c72a1df6d1adadc1

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:40 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,OPTIONS,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://simcast.com
Cache-control
no-cache
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Length, X-Requested-With
Expires
0
c
prebid.a-mo.net/a/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:39 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
7
vary
origin, Accept-Encoding
bid
s.seedtag.com/c/hb/ 		11 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
ghb.adtelligent.com/v2/auction/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
585051b0131f8ffd63ef1f9bb09c548d5af38bb7188eb29b2f7c5aac4b271972

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 14 Sep 2022 18:29:40 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
869
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3dd21c2835f2244f8a46826f92cb40532cfffdb635521ef0d477977ce01915ef

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dcbf0209deec6e1f0d3a78fcd42477fb572d9e871056b9284158f484022d80e6

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
71c45236858e7d8a0a34f5f23087ea21463fe2cb9335ceca85b940924a688343

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b77a18563230d12a83ff7001225223ebda943111ceab0b077b92cc95f2aa280d

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2feeb2d6402c80025a59f50d6d52d672c8420897f98cd6285a51020e8200ace2

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4d3f9e5a6d44c141d03ecae6ab071a918587e220a4d7158e0f2aedb97e85a847

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f79b9ad88f43b6ea275a24355de1142c946887c4fa122e284f44c36263a3e1b4

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d8c9ad8ce2ed3e36ccea9df334c0cc101b41ead25643618bc5eeb55162b74d4c

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
593bcdb75cb3422d7dd1c79e63f0873dd811bd1d32674f5f48761f49ecfef517

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d97ef5e328d375d59ef39891ef9e38ff4970dd6208327379d78b29e908f7442c

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
78aea9fc5937c002b77ec3f4d853241dd528a7275b0efca724d2f24ef79c1073

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
89ab4d21e450c120a1bb6ce5ae1f5fff56e343f9eca4416dc55a2571dbf32429

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
prebid
prebid.media.net/rtb/ 		32 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
via
1.1 google
server
nginx
content-type
application/octet-stream
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
alt-svc
clear
content-length
32
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:40 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:40 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:40 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:40 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:40 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:40 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:40 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1187808849&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&dr=http%3A%2F%2Fshowtimeanytime.xyz%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=173747534&gjid=1954327702&cid=1369281649.1663180180&tid=UA-205158314-1&_gid=956581886.1663180180&_r=1&gtm=2ou9c0&z=1567815751
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2022 18:26:18 GMT
Server
Apache
ETag
"762177-9a4f-5e8a743cc616b"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3507
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13270
Expires
Wed, 14 Sep 2022 19:28:07 GMT
css
fonts.googleapis.com/ 		3 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 16:35:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 18:29:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 18:29:40 GMT
icon
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 18:29:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 18:29:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 18:29:40 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1815379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diR6W6t7OPDVwdp8hTNJzvk6vpfkeIuXmQ7CPnnOVZAAK5JMDghMVpWSWm3HrfU%2BQf1p65BHcBC%2BEheHUd1bMD5Y%2FmjsL9U5V%2Fz2RnKwvHITj1sPipOmOaopaCLUApbD2rWxe%2FS60Xj3JhyzBieoe9Ro"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ab3082e8c86904-FRA
expires
Mon, 04 Sep 2023 18:29:40 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 461C 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1816941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
timing-allow-origin
*
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCKqt8P4r%2F%2BHH8e61dIAHvNLO3KtiP7IuR4DFJQ9cqwsic0hl%2BKEL%2BW8X6kVcsfDibhqmeVEIyDwpc0ncmQoE3TvmHtFqCPQYfEUWiaq0elKr5rE%2BIAqaz3iQ%2BciMoMB%2FzaKfrRbOfWj3vuNjJKZBAZt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74ab3082e8c36904-FRA
expires
Mon, 04 Sep 2023 18:29:40 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 461C 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
yiiPEeyoChNRPj6WvW3hE_W13NGERpVBzWOG-_4nE4ouZucYQ5E09g==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 461C 		335 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 02:01:10 GMT
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
age
59320
etag
"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
342796
x-amz-cf-id
TlebFArZZS30ysOvMoucK1Waign70N7V7FUl0870W6DLUiZ0STRwig==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8827dc6e85e78d6e711fe152b384c9631edfe8a9a9237a74a885790114c47ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128594
x-xss-protection
0
expires
Wed, 14 Sep 2022 18:29:40 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:47:36 GMT
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
27788
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
1094
x-amz-cf-id
PPi87TaIb_ma7azNWZHHtJ5UnsKPljj31eh4kCpbEwKQqKXrj_p9Iw==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 04:10:47 GMT
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
51579
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
322
x-amz-cf-id
oo3WL7CEXF46zhv9XzaA2Wf3rm6GjsIeyIEt5h3RWKp6djHCd-c0Kg==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 04:03:49 GMT
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
52050
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
832
x-amz-cf-id
ygdEObKRKAf3sz6kNxlTXsCWL_8YqOt_0vCvmF8fewgrstzPt-51tw==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 04:10:47 GMT
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
age
51578
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
773
x-amz-cf-id
pvI_QHiraEGso3ac-2CuTdkkIg9oyPM_h-1L97l96rIrSZBQloxgHg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Ff2cEfAKBfSTtXdp&instance=813961&version=7.8.0&age=220914&cmd=PRE_INIT&key=eKVKXbhX&seq=1&order=1&absoluteTime=3122.7&relativeTime=0.1&canonical=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		39 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=Ff2cEfAKBfSTtXdp&instance=813961&version=7.8.0&age=220914&ESG_key=eKVKXbhX&type=FULL&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.43.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-43-118.compute-1.amazonaws.com
Software
Apache /
Resource Hash
998d48f18a77ff3dbe552d9adf388e8550ffa09144f7a0223b17cf500adcf891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
7889
expires
Wed, 14 Sep 2022 18:29:41 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 461C 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
74ab30836e3c8fe0-FRA
date
Wed, 14 Sep 2022 18:29:41 GMT
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame 461C 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 14 Sep 2022 17:52:25 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 20:50:54 GMT
server
AmazonS3
age
2236
etag
W/"d9d3c87337955401df6a2e4474e61700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA2-C1
content-encoding
gzip
x-amz-cf-id
2wgnuWuQ_v-CmZOQB3KJIABZMpOKij1vQ5UgDBCvpLBGUNWOSthebw==
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0d1d6a1e3336ca7761a570a9c2c707d73a7b91b23bb9a700b7bcda35905b054d

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 14 Oct 2022 18:29:41 GMT
/
id.sv.rkdms.com/identity/ 		2 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.58.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-58-99.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:41 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/ 		44 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
bridge3.530.1_en.html
imasdk.googleapis.com/js/core/ Frame 6126 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3fecd03a37a2de22e60482c695bdbb64764672e00fa60ff671e15818dcc6d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
406736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211596
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 01:30:45 GMT
expires
Sun, 10 Sep 2023 01:30:45 GMT
last-modified
Sat, 10 Sep 2022 01:26:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Sep 2022 18:29:41 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Ff2cEfAKBfSTtXdp&instance=214813961&version=7.8.0&age=220914&cmd=GET&key=eKVKXbhX&c_id=12018&seq=1&order=2&absoluteTime=3370.6&relativeTime=248&canonical=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=nhak6XaIX0&USR_ID=214813961&ST_usrKey=Ff2cEfAKBfSTtXdp&SM_ID=2237986&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Sep 2022 18:29:41 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Wed, 14 Sep 2022 18:29:42 GMT
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-37.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:19:50 GMT
content-encoding
gzip
age
670
x-cache
Hit from cloudfront
content-length
1394
access-control-allow-origin
*
last-modified
Thu, 03 Mar 2022 21:08:40 GMT
server
Apache
etag
"e75-5d956cd664600-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
drnepPziFHobJK4YzU1xWtVkTjnaUFxD8jwfPnTALfVYNhL0dOUIGQ==
expires
Wed, 14 Sep 2022 19:18:31 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 18:56:32 GMT
x-content-type-options
nosniff
age
171189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 18:56:32 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 20:33:24 GMT
x-content-type-options
nosniff
age
510977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 20:33:24 GMT
n54xh1tmwf2wugfk8lbsaypj3qe2ugzx.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/n54xh1tmwf2wugfk8lbsaypj3qe2ugzx.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c05cca26bfda7ff320575fd698145fe73b18170ea4f1add0cd3d0c90648564e

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:10:57 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
4724
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
23263
last-modified
Wed, 14 Sep 2022 17:09:56 GMT
server
AmazonS3
etag
"fe9e6c8e47615aed653c4bf4d5ab9ffa"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
VeFDG5p-Z4y6SsjhKWM4Y7hgo1OC3B_YPl9jYeR7iFYhqRW03cjuEg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Ff2cEfAKBfSTtXdp&instance=214813961&version=7.8.0&age=220914&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&absoluteTime=3397.6&relativeTime=275&sC_ID=8783&sm_id=2237986&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=nhak6XaIX0&USR_ID=214813961&ST_usrKey=Ff2cEfAKBfSTtXdp&SM_ID=2237986&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Sep 2022 18:29:41 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Wed, 14 Sep 2022 18:29:42 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 461C 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
62716
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 24 Aug 2022 19:06:24 GMT
server
AmazonS3
date
Wed, 14 Sep 2022 01:06:46 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
D7D0eX1CVix0vbcH_ph-h9ubE4dfuwSpzDqloxuouVrUj01vpCJgxg==
config
c.amazon-adsystem.com/cdn/prod/ Frame 461C 		248 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsimcast.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 13:50:15 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
server
Server
age
16766
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
content-length
248
x-amz-cf-id
DrEf-GJyotOIuZ-mJ1U5f7ML16fZLbbrlvXp7Qc7rueQALDjQYhl2Q==
bid
c.amazon-adsystem.com/e/dtb/ Frame 461C 		23 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&pr=http%3A%2F%2Fshowtimeanytime.xyz%2F&pid=wFY8caigRzP4L&cb=0&ws=300x150&v=22.8.252032&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!sendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
QXTE269VQ7NA2JWBQ089
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
awhlT07srAkBKAV61q-b0rgTOc3uZQXqmVFrvP5CMRh_nhRmCGirig==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 461C 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Wed, 14 Sep 2022 18:44:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220912&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
573e9123ff29812331a29fbe4f233ef0466a2dc53fbe3e4232c2a1a73381fa35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11064
x-xss-protection
0
headerstats
as-sec.casalemedia.com/ 		0
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHXrQeETmEwefd1VLBMqD50jm7raxYjGwv3dDr%2BLoXP0W3js5NVUt7SEMQlGoPAqpDFdOXELNqHNaslGuJ0VFJdnGd7g9pYFg9w6uKmF0zh2D6R7zQUllkYogJ0U8IE4VrkdVwQSFac%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74ab3085fdce5ca4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cygnus
htlb.casalemedia.com/ Frame 461C 		36 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221d353e9216cb36%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0%22%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222a2b1283b42d72%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A761%2C%22h%22%3A428%2C%22sizes%22%3A%5B%5B761%2C428%5D%5D%2C%22playerSize%22%3A%5B%5B761%2C428%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22VRAfdwVZOg7jMyH8bxgoOA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36af9a460dee61278d9036913a7dbdeb3ac88b12eec58557484f5079eface2fe

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sr8vLiV8R7KV%2BFPkGdlA8CNK0%2FNNIMyXab1d5ph%2BsbTyx1eDM0AQXHeCDCiQnyfTLl%2FWu7LAPKw07xR%2FhCHNSMAoB9hyQuH2QdxuAU1iQcJ9%2FVKmxi03n5AfladDlWMaoVtqoH9q"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74ab308688055c3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 461C 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 14 Sep 2022 18:29:41 GMT
X-SpotX-Timing-Transform
0.000424
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000957
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000582
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.020512
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000406
X-fe
113
Last-Modified
Wed, 14 Sep 2022 18:29:41 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.016225
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
X-SpotX-Timing-Page-Misc
0.001886
X-SpotX-Timing-Page-Exception
0.000018
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.016225
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 461C 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Wed, 14 Sep 2022 18:29:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame 461C 		19 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.242.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-242-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:41 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 461C 		173 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cd825f01e9ffd40877426518900f75d413e7a7437818057740db2655786ce060

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.98.0
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 461C 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e1db083eddf085c8479631c8066495a5c3509438ec5c52c976617d5326c109a4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:41 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
640042ae-c8eb-48e9-9f70-746d228080ff
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 18:29:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9462 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 17:27:47 GMT
expires
Thu, 14 Sep 2023 17:27:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 376E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ceb21974501bf860c296f85479a07d2bdddc64898224009aaf6cca2777caa29e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n5_8oCHmJIVkICIdNl-GUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-n5_8oCHmJIVkICIdNl-GUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:41 GMT
expires
Wed, 14 Sep 2022 18:29:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame 9462 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 12:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 12:57:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 376E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220912&jk=2354995151772382&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
6s11qn96528po383sqr3n8s9qnn963roplaylist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/6s11qn96528po383sqr3n8s9qnn963roplaylist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c71c82f743bff8c4828f3c33441cfcf562de9ff0990eb4a6d88dd3f197f48b7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:13:45 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
4557
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Wed, 14 Sep 2022 17:07:03 GMT
server
AmazonS3
etag
"38a6df9f6a8bc3c2d815d800b843c171"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
UtHqMmegR3-LTJQoqgcC3ojOu0R7fff5SA2p-9zVmogJfA8ni_XydA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Ff2cEfAKBfSTtXdp&instance=214813961&version=7.8.0&age=220914&cmd=IMA&key=eKVKXbhX&c_id=12018&seq=1&order=4&absoluteTime=3958.7&relativeTime=836.1&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.530.1&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Ff2cEfAKBfSTtXdp&instance=214813961&version=7.8.0&age=220914&ldt=BIDS&key=eKVKXbhX&c_id=12018&seq=1&order=5&absoluteTime=3959.2&relativeTime=836.6&sm_id=2237986&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.ix.time=75.8&prebid.bidders.spotx.time=263.3&prebid.bidders.pubmatic.time=245.7&prebid.bidders.triplelift.time=104&prebid.bidders.rubicon.time=207.1&prebid.bidders.appnexus.time=25.7&prebid.start=3680.8&prebid.time=267.5&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
s3340pq207q41sn9p16so395q321865qbase.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		8 KB
9 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/s3340pq207q41sn9p16so395q321865qbase.en.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e717e004aa333566f59c9089d1047a981519a2e3075ff5f4e1da29744f4eaf1b

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:13:47 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
4555
x-cache
Hit from cloudfront
content-length
8626
last-modified
Wed, 14 Sep 2022 17:08:14 GMT
server
AmazonS3
etag
"6ceed454ac5fb495c6aca30884d48c14"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
JAYhHi8yGY0KZ1BslqHta0pm6SX4_BHqHqDnx0Nj0wbwTCgZ8zXT0A==
ads
pubads.g.doubleclick.net/gampad/ Frame 6126 		34 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22632072816%2Fsimcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2237986&us_privacy=false&cust_params=sessionKey%3D214813961-Ff2cEfAKBfSTtXdp%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D19%26us_privacy%3Dfalse&sdkv=h.3.530.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=44d&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.530.1&sid=DEAF2860-8B2B-471B-AA93-405785941B96&nel=0&eid=44748969%2C44754420%2C44760950%2C44765701&ref=http%3A%2F%2Fshowtimeanytime.xyz%2F&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&dlt=1663180178977&idt=2356&dt=1663180181796&cookie=ID%3Dd0236eb9898f85af-222c8a6b1fce004b%3AT%3D1663180180%3ART%3D1663180180%3AS%3DALNI_MaaD2Efd2_hxCFJ3en2Es1KJUSeFg&cookie_enabled=1&correlator=1936696585169440&scor=208178922416289&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27a011e8d01e751751a22b7448ebb7d388f0a17da676d80e28cb7080404a4024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1528
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
6s11qn96528po383sqr3n8s9qnn963ro.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		2 KB
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/6s11qn96528po383sqr3n8s9qnn963ro.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcb9221a7839e3f60933c82a85d522bb1958797a5b055d3d2c3891679aedc3ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:13:47 GMT
content-encoding
gzip
age
4555
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 17:08:15 GMT
server
AmazonS3
etag
W/"7956503dc40d6ba62393f08d7310d6fb"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
hbhR62yOzRAL-jbd0w9fCA4jNMks1oY3EvRD-KNB7ISkI85_vhyteA==
6s11qn96528po383sqr3n8s9qnn963ro-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		288 KB
289 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/6s11qn96528po383sqr3n8s9qnn963ro-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
352d949608375f1c60e6a20a3cc56c3a9d54ac7bf62b47a111ff4d8c3f29434f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:13:50 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
4552
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
295160
last-modified
Wed, 14 Sep 2022 17:08:09 GMT
server
AmazonS3
etag
"6e2d9c05f3a45982bf08378f8ba50308"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
_u-khW9D2hRJhxASbtG4cGQpZLrsyrISEXFFajk0sbZLII88M3_PTg==
generate_204
tpc.googlesyndication.com/ Frame 9462 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pHylXw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
7d807d3c-60ca-4c7e-b773-3565d955c3ae
https://simcast.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://simcast.com/7d807d3c-60ca-4c7e-b773-3565d955c3ae
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
6s11qn96528po383sqr3n8s9qnn963ro.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		2 KB
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/6s11qn96528po383sqr3n8s9qnn963ro.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
811c37bd6c2a528afd481463479de8aa9127382a17c35baf9bf3c373eeae18c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:14:52 GMT
content-encoding
gzip
age
4490
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 17:08:35 GMT
server
AmazonS3
etag
W/"d6796eaa2c9da909b10f4182781a71d2"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
YvblChYbczSFhkQUMjgivNvM445Xuu98rt9EBhRCLFMP4X066vm1sQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Ff2cEfAKBfSTtXdp&instance=214813961&version=7.8.0&age=220914&cmd=INV&key=eKVKXbhX&c_id=12018&seq=1&order=6&absoluteTime=4189.2&relativeTime=1066.6&alt=0&sC_ID=8783&sm_id=2237986&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=nhak6XaIX0&USR_ID=214813961&ST_usrKey=Ff2cEfAKBfSTtXdp&SM_ID=2237986&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Sep 2022 18:29:42 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Wed, 14 Sep 2022 18:29:17 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6126 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214813961-Ff2cEfAKBfSTtXdp%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.8.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D19%26us_privacy%3Dfalse&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=DEAF2860-8B2B-471B-AA93-405785941B96&adk=2458199627&cookie_enabled=1&correlator=1936696585169440&dlt=1663180178977&dt=1663180182011&ged=ve4_td3_tt1_pd3_la3000_er270.20.698.781_vi0.0.1200.1600_vp100_ts0_eb24171&idt=2356&is_amp=0&omid_p=Google1%2Fh.3.530.1&osd=2&ptt=20&ref=http%3A%2F%2Fshowtimeanytime.xyz%2F&scor=208178922416289&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44748969%2C44754420%2C44760950%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=44d&sdkv=h.3.530.1&sdr=1&vconp=2&video_doc_id=2237986&vpa=auto&vpmute=1&nel=0&cnc=22632072816&kfa=0&tfcd=0&ctv=0&cookie=ID%3Dd0236eb9898f85af-222c8a6b1fce004b%3AT%3D1663180180%3ART%3D1663180180%3AS%3DALNI_MaaD2Efd2_hxCFJ3en2Es1KJUSeFg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.530.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 14 Sep 2022 18:29:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
247192
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=DqZpw3wzS0JHWkgzRnBQR3dQTjlzY2I3OTd5aVdFTFB6M0NNUTdMNVNuUEx1bHF0NlFyQ09DajR0MnN5eTQzeHZoc3lSRk05N0lzSlFCTU5nUGNrNzhLaVhsMzJScE12WU04SkpCUkRraWpkR21rVEdxcTE2bFVIcFkxRG...
362 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=DqZpw3wzS0JHWkgzRnBQR3dQTjlzY2I3OTd5aVdFTFB6M0NNUTdMNVNuUEx1bHF0NlFyQ09DajR0MnN5eTQzeHZoc3lSRk05N0lzSlFCTU5nUGNrNzhLaVhsMzJScE12WU04SkpCUkRraWpkR21rVEdxcTE2bFVIcFkxRGFNRlVZM3Q3bU9QbFcyY29GZWpQNkMzVkp6bDJHSE9uVG5yd1pVakoxZE9LcXF6dDhjWnY3T2hlZXZ3Q29DQWhaMVgxd2c2bmxHY0h5Qzg2K3p2dmJESzg1UWgvUzUybVhPWld5dlZQVHAzUTN0MjVmSVFrPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42ac6f8f9f0befc1ec30d2ae684e51fb2066f2ae78a1ea9a567e00677663beb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1527374
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=DqZpw3wzS0JHWkgzRnBQR3dQTjlzY2I3OTd5aVdFTFB6M0NNUTdMNVNuUEx1bHF0NlFyQ09DajR0MnN5eTQzeHZoc3lSRk05N0lzSlFCTU5nUGNrNzhLaVhsMzJScE12WU04SkpCUkRraWpkR21rVEdxcTE2bFVIcFkxRGFNRlVZM3Q3bU9QbFcyY29GZWpQNkMzVkp6bDJHSE9uVG5yd1pVakoxZE9LcXF6dDhjWnY3T2hlZXZ3Q29DQWhaMVgxd2c2bmxHY0h5Qzg2K3p2dmJESzg1UWgvUzUybVhPWld5dlZQVHAzUTN0MjVmSVFrPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
391626
content-length
0
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2354995151772382&correlator=1133685699796647&eid=31069552&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&ifi=2&adks=1114210395%2C3807551739%2C1139577408%2C2454005370&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dadhesion&cust_params=arTest%3Dfalse%26wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D300%26wrap_l%3D1800%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D500%26padpr%3D20%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D500%26waae%3D2000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D2s%26wabtr%3Dsharethrough&sc=1&cookie=ID%3Dd0236eb9898f85af-222c8a6b1fce004b%3AT%3D1663180180%3ART%3D1663180180%3AS%3DALNI_MaaD2Efd2_hxCFJ3en2Es1KJUSeFg&abxe=1&dt=1663180182186&lmt=1663180182&dlt=1663180178977&idt=941&adxs=315%2C791%2C1230%2C0&adys=150%2C1012%2C245%2C1890&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&ref=http%3A%2F%2Fshowtimeanytime.xyz%2F&frm=20&vis=1&psz=1600x0%7C417x0%7C339x0%7C1600x1820&msz=1600x0%7C417x0%7C339x0%7C728x0&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&ga_vid=1369281649.1663180180&ga_sid=1663180180&ga_hid=1187808849&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39a4fdaa01d9b4d4d11148e1815e6d782af86fa0db3293f7acbca297fdcf9f32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30659
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F2D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:42 GMT
expires
Thu, 14 Sep 2023 18:29:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p
sb.scorecardresearch.com/ Frame 461C 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1663180181204&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=353887&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2237986&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1663180182294&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1090&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Business&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dshowtimeanytime.xyz%26pcid%3D48%26rid%3D112%26a%3D0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.15 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-15.dus51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
43
x-amz-cf-id
dvFIp6ubaQP2grtM8BMyvK6zDVgEZHhQlU1rhIZVJdLsoU_CBHEtvg==
x-cache
Miss from cloudfront
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Ff2cEfAKBfSTtXdp&instance=214813961&version=7.8.0&age=220914&cmd=PLAY&key=eKVKXbhX&c_id=12018&seq=1&order=7&absoluteTime=4494.8&relativeTime=1372.2&alt=0&sC_ID=8783&sm_id=2237986&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-0.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=nhak6XaIX0&USR_ID=214813961&ST_usrKey=Ff2cEfAKBfSTtXdp&SM_ID=2237986&C_ID=12018&C_companyName=Adapex&version=70080000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&REF=https://simcast.com/?d=showtimeanytime.xyz%26pcid=48%26rid=112%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&pposition=home
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.30.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-30-54.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Sep 2022 18:29:42 GMT
cache-control
max-age=1
server
Apache
content-type
text/html; charset=UTF-8
content-length
0
expires
Wed, 14 Sep 2022 18:29:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220912&jk=2354995151772382&bg=!R0SlRADNAAbG3AOo5tw7ACkAdvg8WoLfI3MakoDBesx8A2crI5sw5pnjyq0-UdYxenrEfphDgRVoYgIAAABfUgAAAAFoAQcKAErrQhzbrQg6PFeSVyW5HyCP7HEKwYsDD2w09bnlMjW_2M9AY643WQ_TIGHMibplxQU_lIEUZ3E0qIYXLz5FpEOsVSJj1daqySQEyZkC5JwbH8xodSamfF0upiXgmJC2vyrDF4-IvyPO4ZGttMMlRfZZqwwhmxi42xKCOuYNj59Wospg303Jbm3rX0Lw0h3Q_vI4AMq0WS8nb1NXfYNXprGMzXJGMQcVDXj_A8JPnnhUXU_rOKqZg4KhNN7lgorbo6J8isZ17uMR2RpkT0w-AfExrv-beMrqgowwec3oykm-OtBfF1DN_QK2RfooMhUVJQP1wtYrHCLVm13TReyA9gjajQOb53pA-8tivlkB4nJ2hEDJkIiI4lQfsPS3upvAJNYk6KZXe21a9fsHjDURcO4NoetVNiF8Z19916A6iAskmeCxuOfd7EYTg1zHhJDkfvjY72osYH5opEUWmbt6su8lfpf_FhMtKIhWf9jaRa-VyvZmyfaJ08VdP6IROEN0D0tgaeiS8jLWMmcPaXs6U-BdQcFO3AKB5HfFKN-MFHSCyN1Jh6URavzuWqskWgwEDcr3Tp8Xyy7SdnENdWnhT_gCCIkoO7TKZWGVtyhn3_A9YkSuAnwuGYuXguvd0O-b3Ag64zVZLIbxBMpCnu3aVOEy5GxcngrFh8o15-98ocZH4drdDG_kw65w8llAnGiBgwUgJjDgPNyftc-UOw6K4aYPH296Q0hdZlvTzi0qP7ZZ77Podujc353ytiegpxegybuzxSf2Hb-4PrJxQkFRKypUlo3gjd35uVGtA1prXHhI6Mwv4liXV5o_T355ikC3Dw3a9wIRFuSf04HU2VSE5Uf9sNlrTrqNXnBSvz6FrytoACmYL6d9hhlItVRK8FhgKEd5Kz-tw5cyIMKRx8u83wYbQylsF3DST6GOR7kXfprbgrQYLsuCFIjy-TQWLRYwYtZF1AXqKzxTiz1Yyi5RZXWN-3By2cKs5ZfP2lqimtA0Kfx3IomKlpIROAhcgsf5emJonKMAMwAtm5MTD4HujzxyVn6aa989gxicpl9KDfyjQDzzgzpm1qf1EAFOWpzpTjWx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
container.html
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1298 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:42 GMT
expires
Thu, 14 Sep 2023 18:29:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C98 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:42 GMT
expires
Thu, 14 Sep 2023 18:29:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B87 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:42 GMT
expires
Thu, 14 Sep 2023 18:29:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B46 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:42 GMT
expires
Thu, 14 Sep 2023 18:29:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2E2C 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNVdxlscNleUfNq5uLpcL2Fr8hOaC9cOoYFFvWdEN8t_Roe1d7QHxxPpCf3B08YeF4vUDbordczaQ3I0qZR1WPNrdeYv1UETsaACKdk25an4JdlUGEdQBY9UOx74yRAdZxT3q6cA0B3iteBtVDGm0un8g_uCa9VSEnmUo_hLqLeOmgJpI-XxL2qde0PRRLZHkhj0CYtMl4rFXGg4HIXndbY7UDbmjA
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6C98 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_CN0AXOC8GIy9H21MickMBiSS2PMqKbjpY4DJWx01fr0se8YK9tt9MtTwplel1N-PGbxPbjLeAKAWrduAqrcZPDVqEz6HrWJM4fawQGC-gwaKI1B4oDuuZWNqYnk6DmunlAcrIWIXEmGU3h2WiVyRuaY3UA&dbm_d=AKAmf-Cs34jGnweGk-HylT089pfZLljly9z_XuvELPUtRpWcNIBSPnUNsmcCapgvRP7AVUoak6w-z0mB5Gm8aiyWmvVNEkI01yhLKLyu7O-rA-3ReSWDrD0MrVpIKTGU6yEpGF529Ql7cjJknu5L1n4Xm4_3XEDxY3_Qo0ZGNuFIW7URQSImuyWoj2ZS083wlE_5JQc_kho3uIX5Bsi6IzdSa8rB3sXdbOSJW1vXywQZCaEsho6930Pu_em4PCxYmoaowMZ3oahcQGEszSqu2kGK2Va7KJ0JFYqX5bCuEcvtMwl-vX5MHAMD7WAqq6bIj7ypQ36aZOWImWqxGAHfGzYABbWg7HOL0HITU8XG28oGFxuqN2o5sVwnzGqogAShCagCegNR46TEBgYx0kkJnGHTRnZkQrg3o3QiZ9bPCuN0gl-2MDLmEN59_j46m0jiY0iSpPxA-c9qScoIA1qaCk1ems6LFnDLz5qlLTlekiRt-a53IRPbx8NUjGZQ5FEpa7EZ-6YcyR7v2FoI7Dpuch5mcW4xHlFCfytPtOvGmxmqv4jeOQwHWmVPwAlcGJFK0r7Tl5J004J0bNOJwnczZccKQx4UemjOHxDtnw6xzaMxS_WnHrYCE1ZSgr_lO6PKfH7JRAv1rC2TuCBHO_6fU41iA3HAyNzn83QTX_gS_kbIuxQUG61Hhjx-iqdKrV5RUFSnbiksaP0ctqpLbtTMT5kgmcT4IdUCHHYBy8rNFGW-VwnnRxxw9J-xrYpcRUreiUp6N6CcQK0rnXtLLJIBYdyrz2srU-RHQv5Nq-vGmL0A2BHM6uSfUno44I3XgT1UeGb5wNKwzxCnCR9xz1aMzdpmZryeF-2iRQnD87lMgpDA8P5MH2xrbS6hW0a3YeU9SW6Npry2QBkHQdY-4c04I5CoupgAwrSFvA1KrxYC_fxWUv1SdWTyvMR4tsbYXif2_w2zQEFGtvzIw4ny9O0rIXkBPw7zC3EWwsecG8no7uh9ZBl6u9wCBP9DqJDLqqzl6kmOZHffwjZL0eL3Avrioey4MRxIQ10OCNEzOOkSV5b0Aum2K7JldEJkVeJCS2r1XgVMGX_a_A0YzggG9KKW-pt10GWvNBmrySi2MttPGgg0T_LD5KxWGHEUxFCyy9Cfx-EmmoskcarFAfSxd5wPFly3aIu1-jDLaou19jYzOYv94HM53gS5ciGVYP98GcANSruwJsEF5N9y6NSTZGNBpbb_apqHvXRuEb0i9Gnuw-TbHp4JsY3c8AlROVTpLbZP7hoWGkGHXJXfBUWkh0044LEKwokzmaKXz2GKwc6BJT7v-fsqFa1USXCCTj5OhvY5Fs64eksljHjBMJb8LbcPCOz8ukjq-UzHpl5v7vQZm1efh38dPJW7SwhWEVKPDcZ00GVj45Sen6Okb72LY-woHEglVFU96YG_3dH66evY_l_OE3WSxSAMR_v0vPQnAOGbctTo-n6yXpUYQ4Qc6B3zQU2-ou8gZHmaaV2l9Br_Vlcv5-KW1VF1DkAibTBiscTgchDHPwZne98gEys6ItFu3svF7QnQ-JEFlDGaMYy1HysqfNH3iM6hnbvSocptDRgYSlD9mOyj8PxpFUtdwi2_zu0j0hpXbWr0qo63OhRTIAi2HubWCJvbEegPgeoabkeS_b4enJ28QlD5gA1s9fNYa3ocZrUZ-_wY4PQyHFb_J-_d8YGitx3Ja4aOKfYKmXkcL3SGj3sEcFuL5g-1fAKRXVxoB1xIO-aq40bGWf4Jj_bEGn-xyaoJx5KgJeEHvIQoJk7uqeuW8m4T5ZNovheA3mad-Z0Acj0M_4938YFDB772HF_54WnjpR2WeXoMMhAV9h2iyVHMCLcBk3SQyUC-Yf5-V36jE5dFyi-akXsCFXE2z1004eBYHJz3Nn9kZYHk5SBzf4U93pLb-ul_knCJu6zQm8VnRTSmQrKl2XcblaCsCb4gMWH5v--WbIbBKwURiIidf8Fne9r4wjLH73LBNelKSKOHi58mPeBrmmN73fMTNSnig9cz6EOcxzJlSd-VaByP50nMTm20wvnF4VvU4MxiBHl5rUTbPXZdY1dt10bfLlcNhwU6ezOLLjpVVl9xLHKi43zKPmyM4pb22bd05Ghl_4aewRDIsfAmvJw7GNf3evAQ5uTs1u2GtEs__w84H3ZLEboJNifcHaNl_z73Llxyc8RkMU-B1xTmMYeldzvJvoa3vIvvcyZK1XX-JI8IiXSDPTr-DKiQfeG3tGVr0uFFnrhMz0OoMYdec2OyKchyWUfelfVprBviUoQ5z3HY9knb1DE2q-ROxbyRPCsfug9O1NrKngm6qVkgN-fFWStRtuv_h_57Kf6PKh5Tz1vvx6l5045igDO5rlHAc6mV1DczX-WMBB9-hDPewgHOwNt3JZkDQELbf2r3ZJhArtVGAadciUfqfXdihrMpn4ZKUrZKgH04dS7U03N530DWhZaBnh8H2wRugU_YB73r2QCd6EKzQWtuZXKjBQaf8Fepqe-CmqcA4VbK1ABCIFQQJ1tR1lgk7bE0EDrkPE9XU6IPTo1h08An-puh6BsJ-pkrwlpddXeyaPY9d68J1lCUvyfutIsOjCCcPOgTXESGE0MlJBrRQodV9O9mZ6xsdlfwUZTa_v7Sle43PlK3FTDYn_JdyPKGRGOwXTlU7_RoQTlSW_kQvaPQ6HpJFQyVBmZWdcSKi49xwVopbL_wNRnBxSF6-0wyxbzuOC1xmhCWf7bE7nFVCMsPcNfABwxjUHQ8KeCbCytjw1RzuFTjNbQ_vw-oL1lHGioliyaLGz_ZMzBjT5mwNFUEWQuHKvN14jBZixl2Zpa7Fbqlbf5VgSWmRzBKZL8QaPaym6qIw08ccfQiy-a8ijKHUXlrYVbrXuMvZEQ5urOHaQVdyLXHFFbHJ2RwwxwePlT--qZaoe3uWFeMZWjHPUAGwfZyiOo9ab3kaCNWVeudgcD_MwsCV6Lh0VZ1iatgHfNnF_jZBQpJCOeu37U0CCZCS7PAzvAeUeEzYKr1pMWso9QvVCmjwdgFf2vzFRUm-P7UD4WMjLV1DgzA47kLyP0WHb95MCVP92I6MN7Zjgk2Gvq-QjpvcyrQSsZjZf0Oo70WYRKHFRDUVC4cj2Ah7qjjvxyxR5wXGbXTFI1oUfG-6l4TysRbRrxx4_hwF4lYjIVVMASPONJUVOg4Ojd6p5aNJVdbNuj6_W5ezxZRnKnK7Uay45BgvSAQLmxfVRWq0WOwMvkoZ26nuU5bReOtBNHsXfLe6mW545FLVznICmwxyYGcce01G_yWuU99U9GAR3Ehnr7iz09QZr79f2ANRkEI5arXlJMbXWNuah_coazzk0bEun63C7L2d06QjwXs8UBbfyc&cid=CAASJeRoWT8JGbsHYlxuo_mEZIRhHngCX6BQCknDOxgJdr_Xvz-v3g4&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56af1f4a12360b58bbe7747ac0d9f6b4114d875434fd2970d744b09f3cdc2084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35438
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C98 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BqHSZqpvy62K1elNUJzNEpzx3D2XFzz5EYXcGQyvb0IO5u6027k_iVhdZyWIk3svG9IzT7Jaqp-qPMR7CjFS19BQVZD0biCJpFXbjbePmOiv_yr_M
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 6C98 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:19:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 6C98 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:23:56 GMT
l
www.google.com/ads/measurement/ Frame 6C98 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5ifHRIa26jsp58bM-_vOAWJ-_hy7C8SkeofxavmBz2gvygQyXD4ZJArJchO6xoiFRSuHqCUw63XXjR45tUp9KG9rxHA
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C98 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 18:29:42 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1298 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Coogulh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEogJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dWq6JU1BpBb4gkJ1b6zki6NBQYw_DN8by83QcPICivd7lgrSSNWV-AEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=5vQp-woYwcQ&uach_m=[UACH]&cid=CAQSPACsnQUxwOjr9ue85KI4HiHIsiET5p7PG7C-T2MYk_Qutsd4cTYbMh0JpEr7bHQjwteKmCYHD8IQcoLa2BgB
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 1298 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFOv_CsoH-gGdg2ICAgAAANzcIsRkPmtirXdIVgk5jtsQlR0iY0FGNRrHq63nWJMjABIAAA&wp=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
server
Kestrel
server-processing-duration-in-ticks
264177
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame C123 		176 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f39ac4b29138f639c9597720d98da097eff57c120701204214289ed701ab4abf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KZC1JRYywNrK8DyrNSYJ5B4ixfopDj-0DI63rcznmKxq6bZ7zgJK2GUroSlAIqNImJgNjYd9LuxIxUxgx94dNGMFqAlZFTxgqTzgwmuGZBGhJgsPS8A1MuTEwKxDxszt8U6IKYN2MsZL4Ek-aA-dd-dzpEKnfvqdR_FKfGXg_Gz1JNVQTerAqzp3seWwTd9s9KOxvToQ_B2VHzfUW8NTWooxwYoRTszpx5apiYhxo2iXnsOUywBXn6Rwhx0C2TqUt17moQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
132685984
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 1298 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:19:11 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 66A5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10960
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 15:27:02 GMT
etag
48472445140208031
expires
Thu, 15 Sep 2022 15:27:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 1298 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:23:56 GMT
l
www.google.com/ads/measurement/ Frame 1298 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRG3w4wXTVyWgwoqDC5gJjR-Sbgsv-4CigYyvNQnhtT-IFDQL4HnWt1E7A6yZefjhmZxCQC1Sw2wBdjmqc6OMkefQfZAQ
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1298 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 11:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Sep 2023 11:07:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1298 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 18:29:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5AD1 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVCPpe1By6lmXe0t9LUHgXaaho3W6sEsB4Z7_yQqixqFVnzCR_9wopfdKWbhggPY7ZjcP371JCSTBwQE540CuXPOJ08TjYVTso94B-5dPjmF3O7dY_joif1e9dPFZGjPrZeUH9U6LEsDMCY9cu31tYTkP2qR8yexk6HL2Oj5-SDyQZMjcHq1S4maEYJMeC4VVxD65EUNMK0lbuuOk2gwxxAzA1DDg
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2B87 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3DQKPFaKNtnddITz4qBKm5ul4VlUzWeaN_QgeA29Bl_XZQkcCJ26eptVKlu3Lcpjzjrw9o7PGnIsivFHlZfDISF_LiEeNGx0TCcNgXLjFNiVdI4n_5KaqVDdxjkUGWHFADH-JrUPi2FnNy25T7XqsAAeK0Q&cry=1&dbm_d=AKAmf-DKEbSGyXC0guBpobfeBpbfoZ_MsacGvKlVAFPBRsSstTEvzRoVO7uo9_pBMZFulKqObwXNNjDXXILogiIPCWLwKx7hP24507IBH2J0Nabhtpw6jLxDsgrbgWLxvP0L2F72EJKm00hRm0BdJ_Yy_u3XKFfO2cwEY-Rd3bAbG80FPNZ3_MdvcaV4-NrDypWs1ImF87vkqHGoyiE8NgUtYqWLV6tQaQrYfC9wIyzXnYsTWCuvjlWVjq4DRC4LLzAJJm0VQwobKzapmtI-H-AQSUdwQ7c013ToB5NCC2hOYMlEKTeUxMsuLAXo7Np-KLoby9qsRQcP0E6Mv2qIEnlgK0aduVS_ghsTv6jvzYpzXQVWq4f_V8q_atI7lQzSFuKic9KXoG3C_nJwTzslkOmMtjKRrJbCXR1wHf35gO-GV2NN9km6e_MDYhwmb8pfw_y5b_iSrhM6rm1lnNtfzU2_YJyZhD_2EZWFthq5LXM-20o81I8mK3VkWd8jqASfmTochBa7t8MXxBn68mWv3-olB8z7UFo8FK9UjtCGuBIh0kpAp-o44Tv82HCZNNJR23yTIl6ktNocx-VmKEKAXLBToWnrkBBvw7TRkMrHlmGjJqol1inIoFSHU85ZYsgnM6gGUCX7d98KcyRmLvMim0f1A7O5smYP29O0GKalsdc9cCYUmwQ3HHhnvPTITbZHIyexhyewNQJvS3qJkjoee5zHMkdC4s8JpQdgoRZyCJQjLWasLuiM22ongJYkJcr4ZJoj5gbCRCgoxV-aLgbiLz7oGVfXf5hlXyy1mPSLKHaE0VW8G-OwTTK33Ai7E6QtMPfdKsYdF_Fr26mb-mISRXcmTOOApzlE3Al3Hi2nONnf4jd7GGNoOh2kiQSLk_OVjwSFn_Wv_boo-XTanrl_Alw1XdinPp5OdDGgn0GnAd9XHEKAzARThltVmF6AVfyauCB7FhLvQkb6ouPQR5QO01FL2YewbnuHAail36BiLpfzP7nwS298_Kn46wBOd02gGyVzJKxcMpR1yxb9cunWoGUDMo9ncNp6-P-QGtfEB__-B4KCstFwFyQ1z6UUB36q34AxU3_V0__nmGLXrQC-TtoM5jYc0BbQmTeBKbwShoEMlTAlvMA-TCICm0yzyoENPi5L96ZhpTn_KhVSXyBKFZGg0lnd51ij7cUOy9XkEepngy_TM9crv3rUn2-ywistSLTWd2eJBkIwLYJM7kqFh1E2Dtn7eVnRJDp9nGB19xnC1EPx3mf5-h2n3zuD3crQZLyJXZi6YAWzKXdS8z6xwwnsrTpIXeLy9HKGgtBJqo_qWpS_bLrd6OQxTJBDp69v3gCbRdSJRYPcqkCItFhucA81paz7iTUV98aZ5S7TQPLrR3m0FInftoEE96SyDxxdDPiv1cPQvq84BboOHDYgCH8iABtL3raWGbXzwErq6frfngqJN-UUIZxtL-J4l-ow8rcRPSY_IgfjrAGUw9toKMjqebAZqKsg7KghxUdlKfdw-Xqj0Czup5tJ9uPKDHlvyc-qBy_HlNtdS7REyid_h4inl0IHnZeVNF-UdQCmH5d-WvRqO9z01_WqqcFMMNRRox6esBKPYOttG7GIxj-N2rXp0BKcQCkezXFybmROcVDzBYolY4EB4-Xf7vtqy8WsF__V6FIGSwISovE5m3d5CgdLfTZnD7O7nxn8dmNLfDcQHl0ynbUdLXlTzyE7qxDZRvWYHeSDarn-_aOKWaEWMjA0IMWtHBIdSylxdjbdil5Udv12V1-FImPc0UBTGlWrAeij5CjErru30Djr8BeHUIXwTA1BvammDjvZRPIqeKxuTPzgew_G40k3HiintIADXZHku5ZmEYD7RJOi7xaFUBjIK2rG4xjXS8vj4u4VjMYmP_mZ89LipWXVYMlWdXivx-Wjmth62EYPk839JbuHIgUz8E9QUDb2p2-Cx5due5zc5gYEZSoXJwpqXaWg-r5ba-LL3uv7Svti65FrOwGxFmG_7YqqHFnD9krMJeiIsAd_MS5t9O4yccjFMBlvIQt3o1VxU0P3yMC9NPU_lGE8NKkMqkJwc6DbMK-NXAjAu16Q6Yx_is77MpyY2vitkhZq5XTGT0KSsuV1p2AZjz0VJZAwaF7tcDZN88-S4znmytxA0H9a6Uvjrez94ne_EhA6D5VBK-9NJYmd8rVBC-PCIenfHOby0ih0xoR-3nTlPenYXEoliA-mfCJ8J4Ci6RTf8eOjtGDKgyMCOdOP5PjygibC3r6nJnoJTf0bGoAYVuKiFrRf0hOv9GioWd8AYLSJLrefsodNIpKfq71KKw5UJJOKfMs3tRSqhiXDEpxKrjleDibVc1v2wLOqwwcZY90wBVpGccOZoGHyeB0oLp_OwzVe_hfX4HHfMNXvZZosiuSKNdq3sXo22GUeOAvxEpQ2tkwJaOYPNzl20FjFldc80TA8ZFkfmOyhQOulXT0Gxc7yoPPDYEaWlZLdWCBoF9YtfR4zSomnL9aNcGk3Vo4FJz4Bg0RMxJOqVdY92KDyqHoMkMwirJ8Canv_k6EechdKiyrOAUDc3mj4NANvytSpc1l3cLZiG1NM9pfqVLIV3QhuF-biHKLgs-m2zhzWb9aSK7iKHNpnIhIQUIXh9PO3Xr2dUmmtG5Zc4DsYbXA1iIXN99ZB77ZIblPETgdnVuc489iihcDui_u4ZR6ECSX_ofNjXAUiPRej6X9u_V0FenhFGQGiSPuBZAFspB4FnPAQhCj6P59ThRBRrnbtEOth3iB1rjCbgp_LW-DYEp5jxngaLVPkqPyGIBal-nZ4ZB7jBeqAkSg3YenyMTrTx8gdpxjqAx91-RBSLgAX_w4fOFcj3SjOpk_tyT9KiKhvQ9eeeB2pEJHRQPbZeQVKtLYbovcL4bbutQYvl4z2jFdlP7_sSvwn_z58S9WViSMxa6lLBFSwpVP4_aex3-5sGzrHwheC_QA5KUBVKWIv1qpx9KUVEv1bap9SZL5MITDj90wUvXV6dAxfvffoC2b_4gvqMRoKThtCLgdBuz1zSPJZJ9S3L2vlbgPdSvjS_ILfaBIPzKBL4bEI6tcuVPvN6t4tcbg6b6BJWwsUy4rfOn5EgCZ0jFoAxej-UV16izii0hbqHZA7NyhUEqy27PdAizoUYFdp_GmmB5MT4S8HIZ4nIgmo4f1G_UtdygvBi02RkeHe0KrYPsQUZERLUV6YtWvGFudD3__LK1mR2N6tNYtnAchgemSfmERRF19Tn8dGWG4Y9IuzFo9Ag6dk9diVrVEuLBIMXVDmgIfYYI3-umsvrZBAYaArd1PEwqKUJb9bhyp_sYKXkDAiIc_ALLB9wGWfwYXskwhkcHAxlIMiPZwzyb-mSQkt2rNXBg1In5YSOERArsWAOpMxP_MiSAltauQbgo14T0BsXu6qsriJJj_8sBrtRuiWAraU1v7w1-6u_Uu3j-Hm4xILpuWLufevr_-jHty0KlQp1wHmNiKOFdt69v0aTYaj5Vc7ZMtGgrF0zvYs87SjMeMO0zeq&cid=CAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4e6b339dca6de9e6fe7acd7002cce86108a86991025beb91074c239fd760e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B87 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3eK4qmMwnO8ZFSJQ03iqWSZJxt76mqZcDqb1ajggarszq4hkFV07ZKozj7itLQ-eguVDOFMmWNNovXwgbflToF0d6YBciqg3BpqlkIOgZbdymwbc
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 2B87 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:19:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 2B87 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:23:56 GMT
l
www.google.com/ads/measurement/ Frame 2B87 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXwHkylSXWZ1xJkIMtYSoqVFbxfYaOFJ6HmY0oe0XoD9V3cMNNPdpgTuYi7FwMwEHKhd515EWl4Bb0gUsslXsnA8D93A
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B87 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 18:29:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 011A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXuwwUDnWItbShFngAZIOxLrbHUh_EBoKg2AhnYoagXtoY45wkk3BRVmIDmFqgC43HZBrDWLpW1lBvkyn0MkIkdm0grEjlFXBZ3JzaVmzOVd_Ls54TWVFK4yNCO1ofOZQanRfmpV4Uf60cMT9olEvmpdrQucJLWYfHi0_NKQbUiLMuP7m9yObQq7zUbOOycodpWKoJg5ts-U-XOF2USRaOAqBLB8g
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0B46 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4wQCslKK5JT4fL3AKocZHfnIAGE-2h5MTO19CMqChN_BhPXgZzRK892ArGE5rJfvK-2KhS5dbWP2hb8WHuQ9VwBxz-4F8Wob-jfuTGB1cUv0-fM-YivCQwi7MUKEwNTRLgwyAKTASIx-EqiY8qgh6t3Nd0g&cry=1&dbm_d=AKAmf-BCDu_CssO5u4W-YAl-rJ8iE52K3iCLRnv241B1pgVGi2uaX82yCtNahBeMjwLDGG3XFIrYdb3EEmRstsfRnAzNqQTmqfTP61HzCKJdlhi3kLxs1fnZinysuJziBhOaHowZJq7pL-V5bga-rwsUcq-gMMpqxT5lHvJ7C5dWBIN5CJOluEbIzyV1VUoDcUYwN1B8RuMu5kP3mucJOiJ_aqzcEZMfcA1tTrBXHwlZbIrMAw-r45Xw6dcWDTbTspJIj42MXNbNGOpU7nMYWN0HQG0KcVSx5tYCe5_DNT4Q4G4eAQ6J_bSRxQCbMZVCjPkdb917eI84RNYEecZ8w37xu_UoCtknJ4w07tcG7TIiKNsq0qmUF3evl-IZLpbMI_DfARht5jFXlCLjpLffMQRCP1NGv4Sgjy1xmChnWEYwA6tbbAMWCAjdhVTiJnLGxCZaco9rzQIN0YNd9--dl_zmd0xpCGTklaXnEUmjTFWo-mXQ9cFsIPiWt43XP5lj5dpaWA5McNsaEpqLT8SFX28KSZvWSJ93SPWFJAEHRbfoliIpBc7YXwpvSBuTthcrT4einZFT6tlk9HO9psgtTMIG41H7eXG1NMgyAiKjtZc78ww5hOnBpkhUjqR1JRvU8ua-h7F-CQxHVKMh1gwgWaIkWaHcGVCC9XPcxxqdRmpbTgqQ1YqNxdBV3fsKA1F6yXe4fcF-vTiDdYEB0d2nETgcZydqTPT3rAoFtv1u6vxY3VOBplCi3g_wYMR4n5L6e3eRkX0wZbcnDX33Sz2s10i2KmMo8C4-2J7Lavy0iUl5u9jd5WybRS3NBMjZe26iFSz2gSJFkmSgEJ9qqiqqstlBfxsu7tuODIsiN-vN7HXDTOyUygC39Febab7hNGe3dN6pE7KDfzE6lGQCwKJ7WOVFyCGhbO6g8sDn589i5xhb36nfU2nu7esh6hRbSb2XwaPwfzgWxGCiSoYE_bzx0V0YT_hnIqX1dXpDbhGz64dFZXxkySCulgzGBUeImkkaQ-eC-kpJdzKV3X5VkNMR7PYRsX_k1xr_wuVGgm_Qg1ETrs3S50QNUQCn-CuLDSV8qGI7wtKSxGytU3aq39ICq6nSOcLOP3ZZRywENt8qS4zeQM4NZOZId9TRiOFSHUL_QLajD9u3cMVLWgh-_-FCYYbmihIo3cGplxXx6y26DmIBoMVNOOeRDhQ40Ncb8wX_O81o4Y5ATqiNv-0cVCw6HnvUXtlnnk-n3kIFA0Wm7ss74t4PXb4x9elweOkPol1eaIVe9SJqSLQIHdA-IRTg8PypKl4U3VUynqpdbiBNj2bDVAg9v0Pj7K-Ko0Tdlw-fHCnSPtog1xfzHJnlZLjYgafPTtix_YlRJppoXjwIfvneDbPEjcNoJ7l5Y3OssWVupGL8F9JKet2a-eanZa3cNQJ4sw2cZKwLy4hJmpwEpU3BynTrbokBmkS6a4b1R8IhFi6FFLyu-AbD7wvqEA2ftAgWmYMhAwBMbpAOkSs-cWi_lgp7ZvUAXS2C2lqAzyN1QSmFnC_7wkzS02B_gZ6p2fTl2b9-qfXtByEsjN0Bva9sXmSqGokOd-C9s6wZP3sDW18n5RTmzfRwcDgQ44rl3FZJMZ5OEsDPJmLXJRvFl4tsHixtsVAxYUIyjVnkMqjFM7OzIgrrxlBjUgQC2NOX0gcftpcyovXkxhjCw-SeD1PJPMIAicZAg-WbMC8pJte-FbwPn9zMqSlY5bAN7Z11tA5a21S6Vemj-jTNA-JaAgFg0K-2HrmAe7DeJiHRDnvz-LqgS2yIHA-JC4slxlrmqmQSw_YqjG54yB-zy68VzdY6XeXh8HNtRsSRRCMUvOy8-ukeqjNW1YCFkdgjlDBJo7Vh8jAM-qoDmUSOifwVRtL4mb8OIhAMFGaUDodzTctSs4vofnFm1i7MQx1ZUP_HzCLZKiaNSWa5-a5Ld6aRzW4vZw8Sq5an8rkJJW-WbWSwZ_gaYrnFaXL1oN5SzYnOsVCQDdsXA0i0uLMe2haza83hl87nLrJorl4OOtWwMWj2E16K2FILe6SDG0a_9ovOJqyW5Dh0CwRDbVaTc1ui00cBNf7N5Shwa_RcpFJMfdUmzx1h4Lg5x4TK9uVAiJdqEbdgVmt4iyXAEzi95DeymwiJRu1FzLvonlUt95m49n0jkPlZNpl_Cer0ofYoh7_sffAHsAYuuQXPfIIKLQaGtCnRAarFmKsfz3RETM1pdzgYaEigZ_7HKAoDMMa_SYcn3agqALHv1651Tsc2Snjiz1bEMOaS85fdpyn324UCrJn2p2bBBICZd5QRTRiiWpxc3ZRHaGR7ZDTH0xgCN3fJLn8mBK0RuQquErq30l-9ML44H_dRByf5u8gLo9FVDvVdHJRfCBWTS83G298e5VoMkPBoMaKjk4xJadkttKX1pZNSFCD_O4ILnqI7eKH1_9vqLLQFSRHCwfn0ShSx1jE4zvXm8VXkR9RrakSbtCMq5cevDoprVcLiutpht0b9rD9DM08ns8HPq8LCDR7JCYXcBCwB37Znn9KleG2GYPbPMmelePivbn96eOHq352t1W9hNGULR_2B41ZAIDswArecBxYV5wwbXYzqgbFkEOZQIGSkFoR68iLD4lpKGRTxuSLCHL1C3WgUEhjmeUxbe78yQylw08-zGMv3pl2iGer_FluTTfjnJz6R7R52D3Pn6Esj_VNAVlq4qtKnniFpYOC3D0NAYuHyR-jmy2WVzMQQVvhNW4v7_5VyEvURkOceGA7Pc6yktamzgSW5uSyo32dlSw8-EZAsiWbggzoLFQxkI9oUinVu_oG2KjtgnoQ2dacL4iDO_Simj_TTKwBgM1zfIif0wVYEjoB0q2YW6X7A8_P_HDr4YksMlIn0nRAwdfjk9nKh13LdmI7kG-QUOzxYUR-teIkLsPxDejxzsG-dpcgb_E805JozzELvW6VJy8RzKLBOkX9m2qrj6x7_INAP5SCFFCQlWMy0wbhs_qbezUpDPp21sDyHCuevZ6nbRwugeRoFbPnn6A3KkNMI3WLgp90NrPGBkbBAT9_dbhSk9Fvn1A4ZEu_FhNfarueWiax2TTQMbSnK26YXx5mQeolmL77cbHk-tBZCB8jmuDeMOuwlTKp47rJ-N9prJfg9EaEfw_CG-DZayLmkztC5i7h4HFzK-mO3ko1FuZ_4EvKpIxVsF_HR494tTDIqJyTZLbhQPsEifpN4EtuP6ZewrXT5C9NMUa2ata-LQSH7rS5PSTsVVQnQuIuz7bSBMdZ92F8DhWesNuGRFOaLx8Q-L0CYUZ2ILWG277MdQzgz37BuF3WdkJBpNFd0mNdGRg0oN8q5az1f-PNc-8HPGU2FxFNcUgLPZUr6CgYDmdjGJAhxmDhfY9usuktG-TYFUw9GCX-4lbShHcaMvtNYzPQsaWfFoJS6Y0_bq-WkguvG9WeeWUR06dXP8CHzxVLZt-EAeXXgubz8pIq0ctF26GPa2PghyloFPBRm-DCQVUw&cid=CAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa75e5d3e2910fda312ceee7887ae7cf68917ba190ed1492900c842e7a33a9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11344
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B46 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3aLKGrWMCX-mwxqTmzCtWg9BtkWmTLHcBCRDGfbaqB3jlrqSQCyL2TwXf_jSeg5n_p6VCOrcZXiJa3tC9Sl_UvuC_Hs3vfxUzarOuB_32rJIRLTQ
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 0B46 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:19:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 0B46 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:23:56 GMT
l
www.google.com/ads/measurement/ Frame 0B46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbHfDX4bN_00nmuTrZ0-_fNPwxzZoccmPlUbohhxK5_pkQlrrbhBa1ZXTvjcx61n9TarLXCCeVAMUaBs1RPfngE2NNKQ
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B46 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 18:29:42 GMT
truncated
/ Frame 1298 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e167218392be2c6bcda77f886486537ff3f18e4310320f1898ba80aebad68a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 66A5
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO98C3l2LlwiZZb1V4_SSZU&google_cver=1&google_push=AehlK4C3kmb4pTcwb2XVcxkb8VBjsat8vUDPpZkuViqioxMaYNGZjMYMCk0b5WC2HWEBHVN5mrfi-...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4C3kmb4pTcwb2XVcxkb8VBjsat8vUDPpZkuViqioxMaYNGZjMYMCk0b5WC2HWEBHVN5mrfi-gsZkAyohludiWLCYGeDL-M
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4C3kmb4pTcwb2XVcxkb8VBjsat8vUDPpZkuViqioxMaYNGZjMYMCk0b5WC2HWEBHVN5mrfi-gsZkAyohludiWLCYGeDL-M
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 14 Sep 2022 18:29:42 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 56C5B0A5D7994DDF8BEF117DD31E796E Ref B: FRAEDGE1309 Ref C: 2022-09-14T18:29:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4C3kmb4pTcwb2XVcxkb8VBjsat8vUDPpZkuViqioxMaYNGZjMYMCk0b5WC2HWEBHVN5mrfi-gsZkAyohludiWLCYGeDL-M
x-li-proto
http/2
x-li-source-fabric
prod-ltx1
content-length
0
x-li-uuid
AAXop0//75oqH8yi/zwzOg==
pixel
cm.g.doubleclick.net/ Frame 66A5
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEIDVhzb8T3VwjaaEjy9T2ls&google_cver=1&google_push=AehlK4AMaQb7wb9boiGgslOYZR-AtCVY4IKmKRda9vBU2e5vVuOAN0OJcKcMbWGOQD4_FrnKTx4mD9_SlV4-Hbe9pQVkfMdNnCY
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Qjl0MUMtRnBDSnVGcE52Vmx4MGlZdw%3D%3D&google_push=AehlK4AMaQb7wb9boiGgslOYZR-AtCVY4IKmKRda9vBU2e5vVuOAN0OJcKcMbWGOQD4_FrnKTx4mD9_SlV4-H...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Qjl0MUMtRnBDSnVGcE52Vmx4MGlZdw%3D%3D&google_push=AehlK4AMaQb7wb9boiGgslOYZR-AtCVY4IKmKRda9vBU2e5vVuOAN0OJcKcMbWGOQD4_FrnKTx4mD9_SlV4-Hbe9pQVkfMdNnCY
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Qjl0MUMtRnBDSnVGcE52Vmx4MGlZdw%3D%3D&google_push=AehlK4AMaQb7wb9boiGgslOYZR-AtCVY4IKmKRda9vBU2e5vVuOAN0OJcKcMbWGOQD4_FrnKTx4mD9_SlV4-Hbe9pQVkfMdNnCY
date
Wed, 14 Sep 2022 18:29:43 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
242
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 66A5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFyQIt7hZZz6yxioOJReig4&google_cver=1&google_push=AehlK4COmHJs9zZ-0HPyS2opIDHDvxgsfmBdEQACgSakeP5JRMrObKbvoNWWRk3dKOwPVsDW3YF...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgxWUpFQ0QtMjctOE5YSw==&google_push=AehlK4COmHJs9zZ-0HPyS2opIDHDvxgsfmBdEQACgSakeP5JRMrObKbvoNWWRk3dKOwPVsDW3YFdJOsvwPJBlDGQaaO2VGBFjg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgxWUpFQ0QtMjctOE5YSw==&google_push=AehlK4COmHJs9zZ-0HPyS2opIDHDvxgsfmBdEQACgSakeP5JRMrObKbvoNWWRk3dKOwPVsDW3YFdJOsvwPJBlDGQaaO2VGBFjg
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgxWUpFQ0QtMjctOE5YSw==&google_push=AehlK4COmHJs9zZ-0HPyS2opIDHDvxgsfmBdEQACgSakeP5JRMrObKbvoNWWRk3dKOwPVsDW3YFdJOsvwPJBlDGQaaO2VGBFjg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 66A5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELsvQmGUumOrvxuEPBssOcU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELsvQmGUumOrvxuEPBssOcU&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELsvQmGUumOrvxuEPBssOcU&google_hm=YyIdlkwWSEuFZPPkBnLqIAAABFoAAAAB&google_nid=index&google_push=AehlK4Dg4AJkxzmDVbrtvBEryD5hw7cK-CRgI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELsvQmGUumOrvxuEPBssOcU&google_hm=YyIdlkwWSEuFZPPkBnLqIAAABFoAAAAB&google_nid=index&google_push=AehlK4Dg4AJkxzmDVbrtvBEryD5hw7cK-CRgIdZ8N8IZIRlfIJ_MiCU-HlvugEM6hN4bx6YA7aBsJuCgUS1oXHbo8BTZH9Xj7-Y
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWTZYpy2fivCk3iddd8kDltwqv5mhr4iJ3b6ST%2BnUur%2FJ3yOvUg%2B%2FFvbLFG662qDZpu8bj5f6qw9NSBJdCPR60E%2FSSnhTvyTOI3frXIckK0Akr1FaP3AZcHTAOg9Z2j2qeAMRLCbU0u0EA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELsvQmGUumOrvxuEPBssOcU&google_hm=YyIdlkwWSEuFZPPkBnLqIAAABFoAAAAB&google_nid=index&google_push=AehlK4Dg4AJkxzmDVbrtvBEryD5hw7cK-CRgIdZ8N8IZIRlfIJ_MiCU-HlvugEM6hN4bx6YA7aBsJuCgUS1oXHbo8BTZH9Xj7-Y
cache-control
no-cache
cf-ray
74ab308f7d0a5c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 66A5
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAimYDpEH9aYVxKXoPMcG-g&google_cver=1&google_push=AehlK4CenN7Es3pRnsCZLaxDrMfyv6bf1e0kaOq-ohaQ0b0nY3uHx9xXo3YXzroaI4s6XuXiuXZ7qMqRLVz9XBGi...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4CenN7Es3pRnsCZLaxDrMfyv6bf1e0kaOq-ohaQ0b0nY3uHx9xXo3YXzroaI4s6XuXiuXZ7qMqRLVz9XBGiqkCg5pg9beg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4CenN7Es3pRnsCZLaxDrMfyv6bf1e0kaOq-ohaQ0b0nY3uHx9xXo3YXzroaI4s6XuXiuXZ7qMqRLVz9XBGiqkCg5pg9beg
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 14 Sep 2022 18:29:42 GMT
via
1.1 12b082104e9893409b9ae6386e88d350.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CDG3-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4CenN7Es3pRnsCZLaxDrMfyv6bf1e0kaOq-ohaQ0b0nY3uHx9xXo3YXzroaI4s6XuXiuXZ7qMqRLVz9XBGiqkCg5pg9beg
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
bxe26FmDCul7V20k8cX25dJU-hJxIolVCnKzSfIj0RVcD2PfpCy09g==
pixel
cm.g.doubleclick.net/ Frame 66A5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4Cm4Zlu53KUHvPiUegIAdGuMurVgQ28vNNoSv4mGHaLgsSteh_yAzMPXKIHtXFWBCaKpJ8HhpZS9E7C0pDmNjJe9VZqQQ&redir=https%3A%2F%2Fcm.g.doublec...
  • https://sync.targeting.unrulymedia.com/csync/RX-92a08bbf-b016-4c22-90b6-b1c60c7b2f1a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4Cm4Zlu53KUHvPiUegIA...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cm4Zlu53KUHvPiUegIAdGuMurVgQ28vNNoSv4mGHaLgsSteh_yAzMPXKIHtXFWBCaKpJ8HhpZS9E7C0pDmNjJe9VZqQQ&google_hm=A5Kgi7-wFkwikLaxxgx7Lxo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cm4Zlu53KUHvPiUegIAdGuMurVgQ28vNNoSv4mGHaLgsSteh_yAzMPXKIHtXFWBCaKpJ8HhpZS9E7C0pDmNjJe9VZqQQ&google_hm=A5Kgi7-wFkwikLaxxgx7Lxo
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cm4Zlu53KUHvPiUegIAdGuMurVgQ28vNNoSv4mGHaLgsSteh_yAzMPXKIHtXFWBCaKpJ8HhpZS9E7C0pDmNjJe9VZqQQ&google_hm=A5Kgi7-wFkwikLaxxgx7Lxo
date
Wed, 14 Sep 2022 18:29:43 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX92a08bbfb0164c2290b6b1c60c7b2f1a003
content-type
text/html
/
cc.adingo.jp/adx/push/ Frame 66A5 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESED4OiqHf7of7dBoObJycwsM&google_cver=1&google_push=AehlK4B4esm9AMeaaWQuOTN89Wv71kVo-8S7KgVz8w5ICBodR9XcWoS-vjaHeOigvVNiDGJW1S97VM_erWFlaVjdFdljTzjhJ_g
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.226.249 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-226-249.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 66A5 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LB9syj4809jV4KSsNEu73kT1H0CZG_xZt4gGENq2hH7vLA3gJfKlSpRL0SXGsK__SVdcQo
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame 2E2C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1&C=1
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNVdxlscNleUfNq5uLpcL2Fr8hOaC9cOoYFFvWdEN8t_Roe1d7QHxxPpCf3B08YeF4vUDbordczaQ3I0qZR1WPNrdeYv1UETsaACKdk25an4JdlUGEdQBY9UOx74yRAdZxT3q6cA0B3iteBtVDGm0un8g_uCa9VSEnmUo_hLqLeOmgJpI-XxL2qde0PRRLZHkhj0CYtMl4rFXGg4HIXndbY7UDbmjA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74ab308f7f935b3e-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmVXnc4eXXokY8Ci7%2FIsBSXn7owKEr77l%2B7qH2q6X%2FS5ZbBbg5G7x%2BzZ%2Fzuy0vh7jV9gtQlvdJ%2F12nKh421nW6gsvm15St3Iy8rEN%2B5cLOJuHCSHQSKYajoIX7B%2BvmkiGQfI71e4kRSDyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA1B%2BDxXKDcVIcKNMB34i%2ByHEs4TIBE5wD2z0nfQXeGGlpoL4zbmraDRblrLu7cq8uV%2Fu9Zh2kE0rto3362NqDbeRX9G6wsDnWpWcZ3UPVK8hIJossSEFX8vQf%2BKiH17jQmI726X%2BhDTJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1&C=1
cache-control
no-cache
cf-ray
74ab308f1f179a00-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 2E2C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyIdlkwWSEuFZPPkBnLqIAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNVdxlscNleUfNq5uLpcL2Fr8hOaC9cOoYFFvWdEN8t_Roe1d7QHxxPpCf3B08YeF4vUDbordczaQ3I0qZR1WPNrdeYv1UETsaACKdk25an4JdlUGEdQBY9UOx74yRAdZxT3q6cA0B3iteBtVDGm0un8g_uCa9VSEnmUo_hLqLeOmgJpI-XxL2qde0PRRLZHkhj0CYtMl4rFXGg4HIXndbY7UDbmjA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74ab3090389d5b3e-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QM6r80074MjWMZXToli6eYv44fvVSPAPiCrkdse1TAGCjN1ISO77Ck5EV0x5DV7URnqaknMph2eqUtUyKZ%2F2x3somOjY8whJ0FwnSkf8sgm2BLNhQvvd%2FoCAzLr9oRMywtZVEo8fiK5SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2E2C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNVdxlscNleUfNq5uLpcL2Fr8hOaC9cOoYFFvWdEN8t_Roe1d7QHxxPpCf3B08YeF4vUDbordczaQ3I0qZR1WPNrdeYv1UETsaACKdk25an4JdlUGEdQBY9UOx74yRAdZxT3q6cA0B3iteBtVDGm0un8g_uCa9VSEnmUo_hLqLeOmgJpI-XxL2qde0PRRLZHkhj0CYtMl4rFXGg4HIXndbY7UDbmjA
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:42 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d0bce86c-6a9d-4da8-9d30-dacf0717b51f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2E2C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyNjAzMjM4NzM1NTI2MDQ0Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyNjAzMjM4NzM1NTI2MDQ0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNVdxlscNleUfNq5uLpcL2Fr8hOaC9cOoYFFvWdEN8t_Roe1d7QHxxPpCf3B08YeF4vUDbordczaQ3I0qZR1WPNrdeYv1UETsaACKdk25an4JdlUGEdQBY9UOx74yRAdZxT3q6cA0B3iteBtVDGm0un8g_uCa9VSEnmUo_hLqLeOmgJpI-XxL2qde0PRRLZHkhj0CYtMl4rFXGg4HIXndbY7UDbmjA
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:42 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
86eb6608-5c76-4d7d-8c14-309489cebf37
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyNjAzMjM4NzM1NTI2MDQ0Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5AD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVCPpe1By6lmXe0t9LUHgXaaho3W6sEsB4Z7_yQqixqFVnzCR_9wopfdKWbhggPY7ZjcP371JCSTBwQE540CuXPOJ08TjYVTso94B-5dPjmF3O7dY_joif1e9dPFZGjPrZeUH9U6LEsDMCY9cu31tYTkP2qR8yexk6HL2Oj5-SDyQZMjcHq1S4maEYJMeC4VVxD65EUNMK0lbuuOk2gwxxAzA1DDg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74ab308f7f925b3e-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCtLP6LPsaDC1lXIXN2IXi0LhBcfhkKyRTXcrbsDsKRu5r45sAQZHOLXUU9YgdvdQBor7hJf0ucVQaKo9NI3fCDHObx9uxArC6f99BgcTEupgvXPlwBY78lln5GIZ71%2FFRiuEsYTeve3JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5AD1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyIdlkwWSEuFZPPkBnLqIAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVCPpe1By6lmXe0t9LUHgXaaho3W6sEsB4Z7_yQqixqFVnzCR_9wopfdKWbhggPY7ZjcP371JCSTBwQE540CuXPOJ08TjYVTso94B-5dPjmF3O7dY_joif1e9dPFZGjPrZeUH9U6LEsDMCY9cu31tYTkP2qR8yexk6HL2Oj5-SDyQZMjcHq1S4maEYJMeC4VVxD65EUNMK0lbuuOk2gwxxAzA1DDg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74ab309028865b3e-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vy0IPNPyM7bbbgyV%2B6d1ORNK3vdfWuW5CSuwGYtK3c4Prn8jR7%2F0Hr1BRpALh4FmIHNquMWRhHV%2Baa9Fxe0HpgBqSAUoif3NuGKMcoX1wV4CHU4qYXLnOT3y4na7tHFjA3ic95zgOyJMdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5AD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVCPpe1By6lmXe0t9LUHgXaaho3W6sEsB4Z7_yQqixqFVnzCR_9wopfdKWbhggPY7ZjcP371JCSTBwQE540CuXPOJ08TjYVTso94B-5dPjmF3O7dY_joif1e9dPFZGjPrZeUH9U6LEsDMCY9cu31tYTkP2qR8yexk6HL2Oj5-SDyQZMjcHq1S4maEYJMeC4VVxD65EUNMK0lbuuOk2gwxxAzA1DDg
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:42 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
52fd0b38-d1bb-4204-b0b2-1f8aedf977ac
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5AD1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5NTM1MjIwNDQxNjU3ODM0MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5NTM1MjIwNDQxNjU3ODM0MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVCPpe1By6lmXe0t9LUHgXaaho3W6sEsB4Z7_yQqixqFVnzCR_9wopfdKWbhggPY7ZjcP371JCSTBwQE540CuXPOJ08TjYVTso94B-5dPjmF3O7dY_joif1e9dPFZGjPrZeUH9U6LEsDMCY9cu31tYTkP2qR8yexk6HL2Oj5-SDyQZMjcHq1S4maEYJMeC4VVxD65EUNMK0lbuuOk2gwxxAzA1DDg
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:42 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d19a49e2-113c-443e-aeb2-df8d2db296db
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5NTM1MjIwNDQxNjU3ODM0MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2B87 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3DQKPFaKNtnddITz4qBKm5ul4VlUzWeaN_QgeA29Bl_XZQkcCJ26eptVKlu3Lcpjzjrw9o7PGnIsivFHlZfDISF_LiEeNGx0TCcNgXLjFNiVdI4n_5KaqVDdxjkUGWHFADH-JrUPi2FnNy25T7XqsAAeK0Q&cry=1&dbm_d=AKAmf-DKEbSGyXC0guBpobfeBpbfoZ_MsacGvKlVAFPBRsSstTEvzRoVO7uo9_pBMZFulKqObwXNNjDXXILogiIPCWLwKx7hP24507IBH2J0Nabhtpw6jLxDsgrbgWLxvP0L2F72EJKm00hRm0BdJ_Yy_u3XKFfO2cwEY-Rd3bAbG80FPNZ3_MdvcaV4-NrDypWs1ImF87vkqHGoyiE8NgUtYqWLV6tQaQrYfC9wIyzXnYsTWCuvjlWVjq4DRC4LLzAJJm0VQwobKzapmtI-H-AQSUdwQ7c013ToB5NCC2hOYMlEKTeUxMsuLAXo7Np-KLoby9qsRQcP0E6Mv2qIEnlgK0aduVS_ghsTv6jvzYpzXQVWq4f_V8q_atI7lQzSFuKic9KXoG3C_nJwTzslkOmMtjKRrJbCXR1wHf35gO-GV2NN9km6e_MDYhwmb8pfw_y5b_iSrhM6rm1lnNtfzU2_YJyZhD_2EZWFthq5LXM-20o81I8mK3VkWd8jqASfmTochBa7t8MXxBn68mWv3-olB8z7UFo8FK9UjtCGuBIh0kpAp-o44Tv82HCZNNJR23yTIl6ktNocx-VmKEKAXLBToWnrkBBvw7TRkMrHlmGjJqol1inIoFSHU85ZYsgnM6gGUCX7d98KcyRmLvMim0f1A7O5smYP29O0GKalsdc9cCYUmwQ3HHhnvPTITbZHIyexhyewNQJvS3qJkjoee5zHMkdC4s8JpQdgoRZyCJQjLWasLuiM22ongJYkJcr4ZJoj5gbCRCgoxV-aLgbiLz7oGVfXf5hlXyy1mPSLKHaE0VW8G-OwTTK33Ai7E6QtMPfdKsYdF_Fr26mb-mISRXcmTOOApzlE3Al3Hi2nONnf4jd7GGNoOh2kiQSLk_OVjwSFn_Wv_boo-XTanrl_Alw1XdinPp5OdDGgn0GnAd9XHEKAzARThltVmF6AVfyauCB7FhLvQkb6ouPQR5QO01FL2YewbnuHAail36BiLpfzP7nwS298_Kn46wBOd02gGyVzJKxcMpR1yxb9cunWoGUDMo9ncNp6-P-QGtfEB__-B4KCstFwFyQ1z6UUB36q34AxU3_V0__nmGLXrQC-TtoM5jYc0BbQmTeBKbwShoEMlTAlvMA-TCICm0yzyoENPi5L96ZhpTn_KhVSXyBKFZGg0lnd51ij7cUOy9XkEepngy_TM9crv3rUn2-ywistSLTWd2eJBkIwLYJM7kqFh1E2Dtn7eVnRJDp9nGB19xnC1EPx3mf5-h2n3zuD3crQZLyJXZi6YAWzKXdS8z6xwwnsrTpIXeLy9HKGgtBJqo_qWpS_bLrd6OQxTJBDp69v3gCbRdSJRYPcqkCItFhucA81paz7iTUV98aZ5S7TQPLrR3m0FInftoEE96SyDxxdDPiv1cPQvq84BboOHDYgCH8iABtL3raWGbXzwErq6frfngqJN-UUIZxtL-J4l-ow8rcRPSY_IgfjrAGUw9toKMjqebAZqKsg7KghxUdlKfdw-Xqj0Czup5tJ9uPKDHlvyc-qBy_HlNtdS7REyid_h4inl0IHnZeVNF-UdQCmH5d-WvRqO9z01_WqqcFMMNRRox6esBKPYOttG7GIxj-N2rXp0BKcQCkezXFybmROcVDzBYolY4EB4-Xf7vtqy8WsF__V6FIGSwISovE5m3d5CgdLfTZnD7O7nxn8dmNLfDcQHl0ynbUdLXlTzyE7qxDZRvWYHeSDarn-_aOKWaEWMjA0IMWtHBIdSylxdjbdil5Udv12V1-FImPc0UBTGlWrAeij5CjErru30Djr8BeHUIXwTA1BvammDjvZRPIqeKxuTPzgew_G40k3HiintIADXZHku5ZmEYD7RJOi7xaFUBjIK2rG4xjXS8vj4u4VjMYmP_mZ89LipWXVYMlWdXivx-Wjmth62EYPk839JbuHIgUz8E9QUDb2p2-Cx5due5zc5gYEZSoXJwpqXaWg-r5ba-LL3uv7Svti65FrOwGxFmG_7YqqHFnD9krMJeiIsAd_MS5t9O4yccjFMBlvIQt3o1VxU0P3yMC9NPU_lGE8NKkMqkJwc6DbMK-NXAjAu16Q6Yx_is77MpyY2vitkhZq5XTGT0KSsuV1p2AZjz0VJZAwaF7tcDZN88-S4znmytxA0H9a6Uvjrez94ne_EhA6D5VBK-9NJYmd8rVBC-PCIenfHOby0ih0xoR-3nTlPenYXEoliA-mfCJ8J4Ci6RTf8eOjtGDKgyMCOdOP5PjygibC3r6nJnoJTf0bGoAYVuKiFrRf0hOv9GioWd8AYLSJLrefsodNIpKfq71KKw5UJJOKfMs3tRSqhiXDEpxKrjleDibVc1v2wLOqwwcZY90wBVpGccOZoGHyeB0oLp_OwzVe_hfX4HHfMNXvZZosiuSKNdq3sXo22GUeOAvxEpQ2tkwJaOYPNzl20FjFldc80TA8ZFkfmOyhQOulXT0Gxc7yoPPDYEaWlZLdWCBoF9YtfR4zSomnL9aNcGk3Vo4FJz4Bg0RMxJOqVdY92KDyqHoMkMwirJ8Canv_k6EechdKiyrOAUDc3mj4NANvytSpc1l3cLZiG1NM9pfqVLIV3QhuF-biHKLgs-m2zhzWb9aSK7iKHNpnIhIQUIXh9PO3Xr2dUmmtG5Zc4DsYbXA1iIXN99ZB77ZIblPETgdnVuc489iihcDui_u4ZR6ECSX_ofNjXAUiPRej6X9u_V0FenhFGQGiSPuBZAFspB4FnPAQhCj6P59ThRBRrnbtEOth3iB1rjCbgp_LW-DYEp5jxngaLVPkqPyGIBal-nZ4ZB7jBeqAkSg3YenyMTrTx8gdpxjqAx91-RBSLgAX_w4fOFcj3SjOpk_tyT9KiKhvQ9eeeB2pEJHRQPbZeQVKtLYbovcL4bbutQYvl4z2jFdlP7_sSvwn_z58S9WViSMxa6lLBFSwpVP4_aex3-5sGzrHwheC_QA5KUBVKWIv1qpx9KUVEv1bap9SZL5MITDj90wUvXV6dAxfvffoC2b_4gvqMRoKThtCLgdBuz1zSPJZJ9S3L2vlbgPdSvjS_ILfaBIPzKBL4bEI6tcuVPvN6t4tcbg6b6BJWwsUy4rfOn5EgCZ0jFoAxej-UV16izii0hbqHZA7NyhUEqy27PdAizoUYFdp_GmmB5MT4S8HIZ4nIgmo4f1G_UtdygvBi02RkeHe0KrYPsQUZERLUV6YtWvGFudD3__LK1mR2N6tNYtnAchgemSfmERRF19Tn8dGWG4Y9IuzFo9Ag6dk9diVrVEuLBIMXVDmgIfYYI3-umsvrZBAYaArd1PEwqKUJb9bhyp_sYKXkDAiIc_ALLB9wGWfwYXskwhkcHAxlIMiPZwzyb-mSQkt2rNXBg1In5YSOERArsWAOpMxP_MiSAltauQbgo14T0BsXu6qsriJJj_8sBrtRuiWAraU1v7w1-6u_Uu3j-Hm4xILpuWLufevr_-jHty0KlQp1wHmNiKOFdt69v0aTYaj5Vc7ZMtGgrF0zvYs87SjMeMO0zeq&cid=CAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:42:29 GMT
iju9wczm8trb
hal9000.redintelligence.net/zone/ Frame 2B87 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_24Jlh0iY-7RD86cx_AP4N6IyAGm5b2gaa2VnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSXAk_QmX2kZte2N_eg8Eqq60nfZQLhWhrof8RFW42NehN_ofGmj-qtt_zqMAqZmWtPpc-dTY9fw7UXX1oDeXsy2b3g71IubUTV9X_AKDcrq-zh8xoquf5bD_cQdKsMPSdAb3ZASwmI6_oY4VkDFWqs7AMZCuRz6fTR9MOOQZiERK5yRkjgzFLSH-wCkoWvMQ8N3xK3WJU7x3GN6VJbG3kQWhc65W1ZIaMYTAqjPPYma-CwC3195V3LQksUR6uCxnZM3B9WiUPZUIra0Ri0hwg3ORbuluNh74cdVdWItsxpJmnGpbHVseIA51YcPOzAvg1UiueKvvsqJsFMN0aWkje1ShOks9MGMKayNArn5hY0u1uaPZNnm-LhVsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ%26sig%3DAOD64_3Vx_mSBwglMCDo7FDnrXVGtB2E4g%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CJspPMImzUAPAS5kyRX1GNKPrm_ExCvCu3w54dBGS0EW_Rl6VxQSnEmTwyoKFWqB6cOSg7pj5FRFs_XRvTbw_Jt3k6vDzGShmYLOyUkMq2jaTCtKRuJBjn2g-1H2XDcrHguqKIHbwSkCeRPbb1C8T6QkVmEQ%26cry%3D1%26dbm_d%3DAKAmf-B_UvRzxmgvyhTtw0IlUtEILOsv-VXty3d8OBpOx3bOH97_Jcid0Ejst3ZnVOlIpxZ5Z2gGuwENrhErD9qZ3-RvcE2KzBUGVm6N5s5oQ6rJY9yORafrl2bn8rMg0UCoL3jOPfnh9UjFTTxygW1zOHab_aOsV5-SXvjmq_WezNCmOgfqnFIgTl1cioNR0RFXjY_2OLSPrImn9TrUyPUYQWBmIyJGVdzfTyHjFcl7_dPzvvV5dRLpSDNfY1HtIyR9NU29RdYvcvyZeMB3zd7r79Nxj657ADnL9sAsVwXmON8GJzgmNGG-LcsP610va4QHeOLtMUxF9CANnuPvByfVnS1iVKo4IKEkyn983cXwkY8LsPYMcJlTXn8Px5pzm0lXllfrWJDEIdE3Hg69Pyp1pViSDjcPyWo7_m7ZYyueGvQlg2OP9L7DLkGBFSnmIAmx61FI2trPtLoN6sPzg7n_SEjFdxeHKJmC2mivc-tzt0pERCcCq_URhqfsUGQsNFASVOHWlT14gyNKHKV5nv6j-1lbABK2a8HbiQPS6g1Mj5w8hwAy8wdXDWiC7HSIgqVwZ-jg7it_3kyGvUNLs7PF8sRPMDxuig%26adurl%3D
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
fdfe744f2ecd950b8c0f60a17475a4f8ec42a84ec16102ea7d450e07fe1dc62a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4106
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
rum
dsum-sec.casalemedia.com/ Frame 011A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXuwwUDnWItbShFngAZIOxLrbHUh_EBoKg2AhnYoagXtoY45wkk3BRVmIDmFqgC43HZBrDWLpW1lBvkyn0MkIkdm0grEjlFXBZ3JzaVmzOVd_Ls54TWVFK4yNCO1ofOZQanRfmpV4Uf60cMT9olEvmpdrQucJLWYfHi0_NKQbUiLMuP7m9yObQq7zUbOOycodpWKoJg5ts-U-XOF2USRaOAqBLB8g
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74ab308f7f905b3e-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xltbyFAhN5z8%2FQCrF1YUswqH0chED88weNh3lfxZKQknEY%2BhioS%2BzPv9C45fw2dhXP9x1U7quTOjD4cOitTT0p%2Bzc9%2Bkl7%2F8nzmgdkaXSh3CtudH0nDhKACXPEBd3lMe6v5RN5RUpPHSGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 011A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyIdlkwWSEuFZPPkBnLqIAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXuwwUDnWItbShFngAZIOxLrbHUh_EBoKg2AhnYoagXtoY45wkk3BRVmIDmFqgC43HZBrDWLpW1lBvkyn0MkIkdm0grEjlFXBZ3JzaVmzOVd_Ls54TWVFK4yNCO1ofOZQanRfmpV4Uf60cMT9olEvmpdrQucJLWYfHi0_NKQbUiLMuP7m9yObQq7zUbOOycodpWKoJg5ts-U-XOF2USRaOAqBLB8g
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74ab309048a45b3e-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v99ZxU99cDXKXtcGuO1dJMewb57KPmnX1ZYuF%2BVjbM1iEGYIGd1Nt9C2Rf1%2FVVHYhmEjB485HUKyD3sOUh%2Bg6dNZCdoSHh8vHtdAuFpbQLRVrniVYTB3jQk2dAGWM6SMdZP3kWPjA4u5Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENXZLyl9nACidI0jMsJZnGQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 011A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXuwwUDnWItbShFngAZIOxLrbHUh_EBoKg2AhnYoagXtoY45wkk3BRVmIDmFqgC43HZBrDWLpW1lBvkyn0MkIkdm0grEjlFXBZ3JzaVmzOVd_Ls54TWVFK4yNCO1ofOZQanRfmpV4Uf60cMT9olEvmpdrQucJLWYfHi0_NKQbUiLMuP7m9yObQq7zUbOOycodpWKoJg5ts-U-XOF2USRaOAqBLB8g
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:42 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4a4c1db3-60a4-4153-a5f0-b8f831ac383d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJKZ9jCF8e5j65K1SYMGfPQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 011A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyNjAzMjM4NzM1NTI2MDQ0Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyNjAzMjM4NzM1NTI2MDQ0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXuwwUDnWItbShFngAZIOxLrbHUh_EBoKg2AhnYoagXtoY45wkk3BRVmIDmFqgC43HZBrDWLpW1lBvkyn0MkIkdm0grEjlFXBZ3JzaVmzOVd_Ls54TWVFK4yNCO1ofOZQanRfmpV4Uf60cMT9olEvmpdrQucJLWYfHi0_NKQbUiLMuP7m9yObQq7zUbOOycodpWKoJg5ts-U-XOF2USRaOAqBLB8g
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:42 GMT
X-Proxy-Origin
217.114.218.27; 217.114.218.27; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
01bd797f-4f38-4c6e-bb97-e23d9ba73be5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyNjAzMjM4NzM1NTI2MDQ0Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6C98 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Origin
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 16:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 16:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame 6C98 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_CN0AXOC8GIy9H21MickMBiSS2PMqKbjpY4DJWx01fr0se8YK9tt9MtTwplel1N-PGbxPbjLeAKAWrduAqrcZPDVqEz6HrWJM4fawQGC-gwaKI1B4oDuuZWNqYnk6DmunlAcrIWIXEmGU3h2WiVyRuaY3UA&dbm_d=AKAmf-Cs34jGnweGk-HylT089pfZLljly9z_XuvELPUtRpWcNIBSPnUNsmcCapgvRP7AVUoak6w-z0mB5Gm8aiyWmvVNEkI01yhLKLyu7O-rA-3ReSWDrD0MrVpIKTGU6yEpGF529Ql7cjJknu5L1n4Xm4_3XEDxY3_Qo0ZGNuFIW7URQSImuyWoj2ZS083wlE_5JQc_kho3uIX5Bsi6IzdSa8rB3sXdbOSJW1vXywQZCaEsho6930Pu_em4PCxYmoaowMZ3oahcQGEszSqu2kGK2Va7KJ0JFYqX5bCuEcvtMwl-vX5MHAMD7WAqq6bIj7ypQ36aZOWImWqxGAHfGzYABbWg7HOL0HITU8XG28oGFxuqN2o5sVwnzGqogAShCagCegNR46TEBgYx0kkJnGHTRnZkQrg3o3QiZ9bPCuN0gl-2MDLmEN59_j46m0jiY0iSpPxA-c9qScoIA1qaCk1ems6LFnDLz5qlLTlekiRt-a53IRPbx8NUjGZQ5FEpa7EZ-6YcyR7v2FoI7Dpuch5mcW4xHlFCfytPtOvGmxmqv4jeOQwHWmVPwAlcGJFK0r7Tl5J004J0bNOJwnczZccKQx4UemjOHxDtnw6xzaMxS_WnHrYCE1ZSgr_lO6PKfH7JRAv1rC2TuCBHO_6fU41iA3HAyNzn83QTX_gS_kbIuxQUG61Hhjx-iqdKrV5RUFSnbiksaP0ctqpLbtTMT5kgmcT4IdUCHHYBy8rNFGW-VwnnRxxw9J-xrYpcRUreiUp6N6CcQK0rnXtLLJIBYdyrz2srU-RHQv5Nq-vGmL0A2BHM6uSfUno44I3XgT1UeGb5wNKwzxCnCR9xz1aMzdpmZryeF-2iRQnD87lMgpDA8P5MH2xrbS6hW0a3YeU9SW6Npry2QBkHQdY-4c04I5CoupgAwrSFvA1KrxYC_fxWUv1SdWTyvMR4tsbYXif2_w2zQEFGtvzIw4ny9O0rIXkBPw7zC3EWwsecG8no7uh9ZBl6u9wCBP9DqJDLqqzl6kmOZHffwjZL0eL3Avrioey4MRxIQ10OCNEzOOkSV5b0Aum2K7JldEJkVeJCS2r1XgVMGX_a_A0YzggG9KKW-pt10GWvNBmrySi2MttPGgg0T_LD5KxWGHEUxFCyy9Cfx-EmmoskcarFAfSxd5wPFly3aIu1-jDLaou19jYzOYv94HM53gS5ciGVYP98GcANSruwJsEF5N9y6NSTZGNBpbb_apqHvXRuEb0i9Gnuw-TbHp4JsY3c8AlROVTpLbZP7hoWGkGHXJXfBUWkh0044LEKwokzmaKXz2GKwc6BJT7v-fsqFa1USXCCTj5OhvY5Fs64eksljHjBMJb8LbcPCOz8ukjq-UzHpl5v7vQZm1efh38dPJW7SwhWEVKPDcZ00GVj45Sen6Okb72LY-woHEglVFU96YG_3dH66evY_l_OE3WSxSAMR_v0vPQnAOGbctTo-n6yXpUYQ4Qc6B3zQU2-ou8gZHmaaV2l9Br_Vlcv5-KW1VF1DkAibTBiscTgchDHPwZne98gEys6ItFu3svF7QnQ-JEFlDGaMYy1HysqfNH3iM6hnbvSocptDRgYSlD9mOyj8PxpFUtdwi2_zu0j0hpXbWr0qo63OhRTIAi2HubWCJvbEegPgeoabkeS_b4enJ28QlD5gA1s9fNYa3ocZrUZ-_wY4PQyHFb_J-_d8YGitx3Ja4aOKfYKmXkcL3SGj3sEcFuL5g-1fAKRXVxoB1xIO-aq40bGWf4Jj_bEGn-xyaoJx5KgJeEHvIQoJk7uqeuW8m4T5ZNovheA3mad-Z0Acj0M_4938YFDB772HF_54WnjpR2WeXoMMhAV9h2iyVHMCLcBk3SQyUC-Yf5-V36jE5dFyi-akXsCFXE2z1004eBYHJz3Nn9kZYHk5SBzf4U93pLb-ul_knCJu6zQm8VnRTSmQrKl2XcblaCsCb4gMWH5v--WbIbBKwURiIidf8Fne9r4wjLH73LBNelKSKOHi58mPeBrmmN73fMTNSnig9cz6EOcxzJlSd-VaByP50nMTm20wvnF4VvU4MxiBHl5rUTbPXZdY1dt10bfLlcNhwU6ezOLLjpVVl9xLHKi43zKPmyM4pb22bd05Ghl_4aewRDIsfAmvJw7GNf3evAQ5uTs1u2GtEs__w84H3ZLEboJNifcHaNl_z73Llxyc8RkMU-B1xTmMYeldzvJvoa3vIvvcyZK1XX-JI8IiXSDPTr-DKiQfeG3tGVr0uFFnrhMz0OoMYdec2OyKchyWUfelfVprBviUoQ5z3HY9knb1DE2q-ROxbyRPCsfug9O1NrKngm6qVkgN-fFWStRtuv_h_57Kf6PKh5Tz1vvx6l5045igDO5rlHAc6mV1DczX-WMBB9-hDPewgHOwNt3JZkDQELbf2r3ZJhArtVGAadciUfqfXdihrMpn4ZKUrZKgH04dS7U03N530DWhZaBnh8H2wRugU_YB73r2QCd6EKzQWtuZXKjBQaf8Fepqe-CmqcA4VbK1ABCIFQQJ1tR1lgk7bE0EDrkPE9XU6IPTo1h08An-puh6BsJ-pkrwlpddXeyaPY9d68J1lCUvyfutIsOjCCcPOgTXESGE0MlJBrRQodV9O9mZ6xsdlfwUZTa_v7Sle43PlK3FTDYn_JdyPKGRGOwXTlU7_RoQTlSW_kQvaPQ6HpJFQyVBmZWdcSKi49xwVopbL_wNRnBxSF6-0wyxbzuOC1xmhCWf7bE7nFVCMsPcNfABwxjUHQ8KeCbCytjw1RzuFTjNbQ_vw-oL1lHGioliyaLGz_ZMzBjT5mwNFUEWQuHKvN14jBZixl2Zpa7Fbqlbf5VgSWmRzBKZL8QaPaym6qIw08ccfQiy-a8ijKHUXlrYVbrXuMvZEQ5urOHaQVdyLXHFFbHJ2RwwxwePlT--qZaoe3uWFeMZWjHPUAGwfZyiOo9ab3kaCNWVeudgcD_MwsCV6Lh0VZ1iatgHfNnF_jZBQpJCOeu37U0CCZCS7PAzvAeUeEzYKr1pMWso9QvVCmjwdgFf2vzFRUm-P7UD4WMjLV1DgzA47kLyP0WHb95MCVP92I6MN7Zjgk2Gvq-QjpvcyrQSsZjZf0Oo70WYRKHFRDUVC4cj2Ah7qjjvxyxR5wXGbXTFI1oUfG-6l4TysRbRrxx4_hwF4lYjIVVMASPONJUVOg4Ojd6p5aNJVdbNuj6_W5ezxZRnKnK7Uay45BgvSAQLmxfVRWq0WOwMvkoZ26nuU5bReOtBNHsXfLe6mW545FLVznICmwxyYGcce01G_yWuU99U9GAR3Ehnr7iz09QZr79f2ANRkEI5arXlJMbXWNuah_coazzk0bEun63C7L2d06QjwXs8UBbfyc&cid=CAASJeRoWT8JGbsHYlxuo_mEZIRhHngCX6BQCknDOxgJdr_Xvz-v3g4&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:28:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 6C98 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_CN0AXOC8GIy9H21MickMBiSS2PMqKbjpY4DJWx01fr0se8YK9tt9MtTwplel1N-PGbxPbjLeAKAWrduAqrcZPDVqEz6HrWJM4fawQGC-gwaKI1B4oDuuZWNqYnk6DmunlAcrIWIXEmGU3h2WiVyRuaY3UA&dbm_d=AKAmf-Cs34jGnweGk-HylT089pfZLljly9z_XuvELPUtRpWcNIBSPnUNsmcCapgvRP7AVUoak6w-z0mB5Gm8aiyWmvVNEkI01yhLKLyu7O-rA-3ReSWDrD0MrVpIKTGU6yEpGF529Ql7cjJknu5L1n4Xm4_3XEDxY3_Qo0ZGNuFIW7URQSImuyWoj2ZS083wlE_5JQc_kho3uIX5Bsi6IzdSa8rB3sXdbOSJW1vXywQZCaEsho6930Pu_em4PCxYmoaowMZ3oahcQGEszSqu2kGK2Va7KJ0JFYqX5bCuEcvtMwl-vX5MHAMD7WAqq6bIj7ypQ36aZOWImWqxGAHfGzYABbWg7HOL0HITU8XG28oGFxuqN2o5sVwnzGqogAShCagCegNR46TEBgYx0kkJnGHTRnZkQrg3o3QiZ9bPCuN0gl-2MDLmEN59_j46m0jiY0iSpPxA-c9qScoIA1qaCk1ems6LFnDLz5qlLTlekiRt-a53IRPbx8NUjGZQ5FEpa7EZ-6YcyR7v2FoI7Dpuch5mcW4xHlFCfytPtOvGmxmqv4jeOQwHWmVPwAlcGJFK0r7Tl5J004J0bNOJwnczZccKQx4UemjOHxDtnw6xzaMxS_WnHrYCE1ZSgr_lO6PKfH7JRAv1rC2TuCBHO_6fU41iA3HAyNzn83QTX_gS_kbIuxQUG61Hhjx-iqdKrV5RUFSnbiksaP0ctqpLbtTMT5kgmcT4IdUCHHYBy8rNFGW-VwnnRxxw9J-xrYpcRUreiUp6N6CcQK0rnXtLLJIBYdyrz2srU-RHQv5Nq-vGmL0A2BHM6uSfUno44I3XgT1UeGb5wNKwzxCnCR9xz1aMzdpmZryeF-2iRQnD87lMgpDA8P5MH2xrbS6hW0a3YeU9SW6Npry2QBkHQdY-4c04I5CoupgAwrSFvA1KrxYC_fxWUv1SdWTyvMR4tsbYXif2_w2zQEFGtvzIw4ny9O0rIXkBPw7zC3EWwsecG8no7uh9ZBl6u9wCBP9DqJDLqqzl6kmOZHffwjZL0eL3Avrioey4MRxIQ10OCNEzOOkSV5b0Aum2K7JldEJkVeJCS2r1XgVMGX_a_A0YzggG9KKW-pt10GWvNBmrySi2MttPGgg0T_LD5KxWGHEUxFCyy9Cfx-EmmoskcarFAfSxd5wPFly3aIu1-jDLaou19jYzOYv94HM53gS5ciGVYP98GcANSruwJsEF5N9y6NSTZGNBpbb_apqHvXRuEb0i9Gnuw-TbHp4JsY3c8AlROVTpLbZP7hoWGkGHXJXfBUWkh0044LEKwokzmaKXz2GKwc6BJT7v-fsqFa1USXCCTj5OhvY5Fs64eksljHjBMJb8LbcPCOz8ukjq-UzHpl5v7vQZm1efh38dPJW7SwhWEVKPDcZ00GVj45Sen6Okb72LY-woHEglVFU96YG_3dH66evY_l_OE3WSxSAMR_v0vPQnAOGbctTo-n6yXpUYQ4Qc6B3zQU2-ou8gZHmaaV2l9Br_Vlcv5-KW1VF1DkAibTBiscTgchDHPwZne98gEys6ItFu3svF7QnQ-JEFlDGaMYy1HysqfNH3iM6hnbvSocptDRgYSlD9mOyj8PxpFUtdwi2_zu0j0hpXbWr0qo63OhRTIAi2HubWCJvbEegPgeoabkeS_b4enJ28QlD5gA1s9fNYa3ocZrUZ-_wY4PQyHFb_J-_d8YGitx3Ja4aOKfYKmXkcL3SGj3sEcFuL5g-1fAKRXVxoB1xIO-aq40bGWf4Jj_bEGn-xyaoJx5KgJeEHvIQoJk7uqeuW8m4T5ZNovheA3mad-Z0Acj0M_4938YFDB772HF_54WnjpR2WeXoMMhAV9h2iyVHMCLcBk3SQyUC-Yf5-V36jE5dFyi-akXsCFXE2z1004eBYHJz3Nn9kZYHk5SBzf4U93pLb-ul_knCJu6zQm8VnRTSmQrKl2XcblaCsCb4gMWH5v--WbIbBKwURiIidf8Fne9r4wjLH73LBNelKSKOHi58mPeBrmmN73fMTNSnig9cz6EOcxzJlSd-VaByP50nMTm20wvnF4VvU4MxiBHl5rUTbPXZdY1dt10bfLlcNhwU6ezOLLjpVVl9xLHKi43zKPmyM4pb22bd05Ghl_4aewRDIsfAmvJw7GNf3evAQ5uTs1u2GtEs__w84H3ZLEboJNifcHaNl_z73Llxyc8RkMU-B1xTmMYeldzvJvoa3vIvvcyZK1XX-JI8IiXSDPTr-DKiQfeG3tGVr0uFFnrhMz0OoMYdec2OyKchyWUfelfVprBviUoQ5z3HY9knb1DE2q-ROxbyRPCsfug9O1NrKngm6qVkgN-fFWStRtuv_h_57Kf6PKh5Tz1vvx6l5045igDO5rlHAc6mV1DczX-WMBB9-hDPewgHOwNt3JZkDQELbf2r3ZJhArtVGAadciUfqfXdihrMpn4ZKUrZKgH04dS7U03N530DWhZaBnh8H2wRugU_YB73r2QCd6EKzQWtuZXKjBQaf8Fepqe-CmqcA4VbK1ABCIFQQJ1tR1lgk7bE0EDrkPE9XU6IPTo1h08An-puh6BsJ-pkrwlpddXeyaPY9d68J1lCUvyfutIsOjCCcPOgTXESGE0MlJBrRQodV9O9mZ6xsdlfwUZTa_v7Sle43PlK3FTDYn_JdyPKGRGOwXTlU7_RoQTlSW_kQvaPQ6HpJFQyVBmZWdcSKi49xwVopbL_wNRnBxSF6-0wyxbzuOC1xmhCWf7bE7nFVCMsPcNfABwxjUHQ8KeCbCytjw1RzuFTjNbQ_vw-oL1lHGioliyaLGz_ZMzBjT5mwNFUEWQuHKvN14jBZixl2Zpa7Fbqlbf5VgSWmRzBKZL8QaPaym6qIw08ccfQiy-a8ijKHUXlrYVbrXuMvZEQ5urOHaQVdyLXHFFbHJ2RwwxwePlT--qZaoe3uWFeMZWjHPUAGwfZyiOo9ab3kaCNWVeudgcD_MwsCV6Lh0VZ1iatgHfNnF_jZBQpJCOeu37U0CCZCS7PAzvAeUeEzYKr1pMWso9QvVCmjwdgFf2vzFRUm-P7UD4WMjLV1DgzA47kLyP0WHb95MCVP92I6MN7Zjgk2Gvq-QjpvcyrQSsZjZf0Oo70WYRKHFRDUVC4cj2Ah7qjjvxyxR5wXGbXTFI1oUfG-6l4TysRbRrxx4_hwF4lYjIVVMASPONJUVOg4Ojd6p5aNJVdbNuj6_W5ezxZRnKnK7Uay45BgvSAQLmxfVRWq0WOwMvkoZ26nuU5bReOtBNHsXfLe6mW545FLVznICmwxyYGcce01G_yWuU99U9GAR3Ehnr7iz09QZr79f2ANRkEI5arXlJMbXWNuah_coazzk0bEun63C7L2d06QjwXs8UBbfyc&cid=CAASJeRoWT8JGbsHYlxuo_mEZIRhHngCX6BQCknDOxgJdr_Xvz-v3g4&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11716
x-xss-protection
0
server
cafe
etag
11026421231030424798
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 18:24:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0B46 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4wQCslKK5JT4fL3AKocZHfnIAGE-2h5MTO19CMqChN_BhPXgZzRK892ArGE5rJfvK-2KhS5dbWP2hb8WHuQ9VwBxz-4F8Wob-jfuTGB1cUv0-fM-YivCQwi7MUKEwNTRLgwyAKTASIx-EqiY8qgh6t3Nd0g&cry=1&dbm_d=AKAmf-BCDu_CssO5u4W-YAl-rJ8iE52K3iCLRnv241B1pgVGi2uaX82yCtNahBeMjwLDGG3XFIrYdb3EEmRstsfRnAzNqQTmqfTP61HzCKJdlhi3kLxs1fnZinysuJziBhOaHowZJq7pL-V5bga-rwsUcq-gMMpqxT5lHvJ7C5dWBIN5CJOluEbIzyV1VUoDcUYwN1B8RuMu5kP3mucJOiJ_aqzcEZMfcA1tTrBXHwlZbIrMAw-r45Xw6dcWDTbTspJIj42MXNbNGOpU7nMYWN0HQG0KcVSx5tYCe5_DNT4Q4G4eAQ6J_bSRxQCbMZVCjPkdb917eI84RNYEecZ8w37xu_UoCtknJ4w07tcG7TIiKNsq0qmUF3evl-IZLpbMI_DfARht5jFXlCLjpLffMQRCP1NGv4Sgjy1xmChnWEYwA6tbbAMWCAjdhVTiJnLGxCZaco9rzQIN0YNd9--dl_zmd0xpCGTklaXnEUmjTFWo-mXQ9cFsIPiWt43XP5lj5dpaWA5McNsaEpqLT8SFX28KSZvWSJ93SPWFJAEHRbfoliIpBc7YXwpvSBuTthcrT4einZFT6tlk9HO9psgtTMIG41H7eXG1NMgyAiKjtZc78ww5hOnBpkhUjqR1JRvU8ua-h7F-CQxHVKMh1gwgWaIkWaHcGVCC9XPcxxqdRmpbTgqQ1YqNxdBV3fsKA1F6yXe4fcF-vTiDdYEB0d2nETgcZydqTPT3rAoFtv1u6vxY3VOBplCi3g_wYMR4n5L6e3eRkX0wZbcnDX33Sz2s10i2KmMo8C4-2J7Lavy0iUl5u9jd5WybRS3NBMjZe26iFSz2gSJFkmSgEJ9qqiqqstlBfxsu7tuODIsiN-vN7HXDTOyUygC39Febab7hNGe3dN6pE7KDfzE6lGQCwKJ7WOVFyCGhbO6g8sDn589i5xhb36nfU2nu7esh6hRbSb2XwaPwfzgWxGCiSoYE_bzx0V0YT_hnIqX1dXpDbhGz64dFZXxkySCulgzGBUeImkkaQ-eC-kpJdzKV3X5VkNMR7PYRsX_k1xr_wuVGgm_Qg1ETrs3S50QNUQCn-CuLDSV8qGI7wtKSxGytU3aq39ICq6nSOcLOP3ZZRywENt8qS4zeQM4NZOZId9TRiOFSHUL_QLajD9u3cMVLWgh-_-FCYYbmihIo3cGplxXx6y26DmIBoMVNOOeRDhQ40Ncb8wX_O81o4Y5ATqiNv-0cVCw6HnvUXtlnnk-n3kIFA0Wm7ss74t4PXb4x9elweOkPol1eaIVe9SJqSLQIHdA-IRTg8PypKl4U3VUynqpdbiBNj2bDVAg9v0Pj7K-Ko0Tdlw-fHCnSPtog1xfzHJnlZLjYgafPTtix_YlRJppoXjwIfvneDbPEjcNoJ7l5Y3OssWVupGL8F9JKet2a-eanZa3cNQJ4sw2cZKwLy4hJmpwEpU3BynTrbokBmkS6a4b1R8IhFi6FFLyu-AbD7wvqEA2ftAgWmYMhAwBMbpAOkSs-cWi_lgp7ZvUAXS2C2lqAzyN1QSmFnC_7wkzS02B_gZ6p2fTl2b9-qfXtByEsjN0Bva9sXmSqGokOd-C9s6wZP3sDW18n5RTmzfRwcDgQ44rl3FZJMZ5OEsDPJmLXJRvFl4tsHixtsVAxYUIyjVnkMqjFM7OzIgrrxlBjUgQC2NOX0gcftpcyovXkxhjCw-SeD1PJPMIAicZAg-WbMC8pJte-FbwPn9zMqSlY5bAN7Z11tA5a21S6Vemj-jTNA-JaAgFg0K-2HrmAe7DeJiHRDnvz-LqgS2yIHA-JC4slxlrmqmQSw_YqjG54yB-zy68VzdY6XeXh8HNtRsSRRCMUvOy8-ukeqjNW1YCFkdgjlDBJo7Vh8jAM-qoDmUSOifwVRtL4mb8OIhAMFGaUDodzTctSs4vofnFm1i7MQx1ZUP_HzCLZKiaNSWa5-a5Ld6aRzW4vZw8Sq5an8rkJJW-WbWSwZ_gaYrnFaXL1oN5SzYnOsVCQDdsXA0i0uLMe2haza83hl87nLrJorl4OOtWwMWj2E16K2FILe6SDG0a_9ovOJqyW5Dh0CwRDbVaTc1ui00cBNf7N5Shwa_RcpFJMfdUmzx1h4Lg5x4TK9uVAiJdqEbdgVmt4iyXAEzi95DeymwiJRu1FzLvonlUt95m49n0jkPlZNpl_Cer0ofYoh7_sffAHsAYuuQXPfIIKLQaGtCnRAarFmKsfz3RETM1pdzgYaEigZ_7HKAoDMMa_SYcn3agqALHv1651Tsc2Snjiz1bEMOaS85fdpyn324UCrJn2p2bBBICZd5QRTRiiWpxc3ZRHaGR7ZDTH0xgCN3fJLn8mBK0RuQquErq30l-9ML44H_dRByf5u8gLo9FVDvVdHJRfCBWTS83G298e5VoMkPBoMaKjk4xJadkttKX1pZNSFCD_O4ILnqI7eKH1_9vqLLQFSRHCwfn0ShSx1jE4zvXm8VXkR9RrakSbtCMq5cevDoprVcLiutpht0b9rD9DM08ns8HPq8LCDR7JCYXcBCwB37Znn9KleG2GYPbPMmelePivbn96eOHq352t1W9hNGULR_2B41ZAIDswArecBxYV5wwbXYzqgbFkEOZQIGSkFoR68iLD4lpKGRTxuSLCHL1C3WgUEhjmeUxbe78yQylw08-zGMv3pl2iGer_FluTTfjnJz6R7R52D3Pn6Esj_VNAVlq4qtKnniFpYOC3D0NAYuHyR-jmy2WVzMQQVvhNW4v7_5VyEvURkOceGA7Pc6yktamzgSW5uSyo32dlSw8-EZAsiWbggzoLFQxkI9oUinVu_oG2KjtgnoQ2dacL4iDO_Simj_TTKwBgM1zfIif0wVYEjoB0q2YW6X7A8_P_HDr4YksMlIn0nRAwdfjk9nKh13LdmI7kG-QUOzxYUR-teIkLsPxDejxzsG-dpcgb_E805JozzELvW6VJy8RzKLBOkX9m2qrj6x7_INAP5SCFFCQlWMy0wbhs_qbezUpDPp21sDyHCuevZ6nbRwugeRoFbPnn6A3KkNMI3WLgp90NrPGBkbBAT9_dbhSk9Fvn1A4ZEu_FhNfarueWiax2TTQMbSnK26YXx5mQeolmL77cbHk-tBZCB8jmuDeMOuwlTKp47rJ-N9prJfg9EaEfw_CG-DZayLmkztC5i7h4HFzK-mO3ko1FuZ_4EvKpIxVsF_HR494tTDIqJyTZLbhQPsEifpN4EtuP6ZewrXT5C9NMUa2ata-LQSH7rS5PSTsVVQnQuIuz7bSBMdZ92F8DhWesNuGRFOaLx8Q-L0CYUZ2ILWG277MdQzgz37BuF3WdkJBpNFd0mNdGRg0oN8q5az1f-PNc-8HPGU2FxFNcUgLPZUr6CgYDmdjGJAhxmDhfY9usuktG-TYFUw9GCX-4lbShHcaMvtNYzPQsaWfFoJS6Y0_bq-WkguvG9WeeWUR06dXP8CHzxVLZt-EAeXXgubz8pIq0ctF26GPa2PghyloFPBRm-DCQVUw&cid=CAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:42:29 GMT
g72h7lz2c4az
hal9000.redintelligence.net/zone/ Frame 0B46 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChR_Xlh0iY-_RD86cx_AP4N6IyAGm5b2gaYWVnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSTAk_Q1SJECe77rT30s88hMg8GKGpJhftCDUbn1usU0tG3gEzmuW9BqTVHhVjr60XXuSCsQZP8Ojei2QKWI43IqM7XDeR1-yhtnYGLNwa-ROzwTXJ-A5rJTkuknETKvSHliZqsy8JrcO4CcyYo1U8MC6Zh5VAzrnooMkiAY5OTP93EZmBwkcU9KZu0BwIylIzsXeljTxH4_5o3r5NaEnR6ECRoFq41nktzi6kgbCp_ePJIOFYMq6exrtzAWHgkyybmVYDkSK_OvkYKd8m7NTqTVwrJ0KsXAUBh4i0wu3Is3V6r5Xf7Bg33Ry3XE3p1oSj3Us_tl235q_tjpRtfbCSLATL-p3JMJo47av9fBtKqXkEUXLvuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08%26sig%3DAOD64_3lfCrOwND1aBNh3_lB4HGGKSnnMg%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-BuyTkxh_9LFIIkXd5obFBiORxWg6Lx15ANugfALPv8-_GLziTKaKIl9hA4-3sJ0gczcP_SkRREm1jINHxp9OfEFOZBQq4BD9qv6La3j9iqmL7QPxJsgkAUUrgtot28aI3lCeK7ZyO9N8vQ3evWnGaZ3j-SDQ%26cry%3D1%26dbm_d%3DAKAmf-C1Tq8mMJbtzqG9zydk4OA75FcqYZZQI3qCucva96AM8ASIvVTzobXvWU4aNsCJ431a0dMo3LcyQj9_o6Ct4NmAgu-63vPZMQWyVw8rAYC7nmN0F1ruFTmi7ugujNvtNrDp5xoovUhcN_fqiwuvRr8YRfDs2xAuQqkuZhkxHjOiaf4vywCDY6eH8rZcnX3M6_QiRVxBlxZCAWk2qY9PAiuGscqKshgeOQV6rWzMMz8qcYH-CEV_0Zg4pV7DuTEZuLBOumeBvox5spwqbrDmRFpp3zma0q9qyXisqdZiiY7jRel9wGMSN7SfssqUaGmWuQxw7danWb-a4owhzfmgo2RIDsZykDWQWLyK9w3_f-8fl5e6aqIqduA7lVmlKibwTomZxrKVmFZAU9YgIUg3kS5FgtdCJHFGLVZM2Fr-vK6Py3VjZmEy_jET7QzoAANcs9Uh9sJtdSUB0In58FN3wVC_7fGZnEHvzhewKmgrSSJhKkLXKuH4GHAysav9snzA90rmuO1gNlT-y-DW2bD5-FZ_xitbWSYcFO2brD-oyAoFF20a7Do4cT7x7FtZD-6ea3rykD-Atu5kyEjmUNOpfvwk0-JFNw%26adurl%3D
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b58d4e0fa5987705daf70dcfd28f76fb037b8d3faddc472adff5b8d69462bc21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4102
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F690 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
103633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 13:42:29 GMT
expires
Wed, 13 Sep 2023 13:42:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900018.redintelligence.net/ Frame 2B87
Redirect Chain
  • https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d530ab73e&subid=&uid=10991613275d9ace&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d530ab73e&subid=&uid=10991613275d9ace&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d530ab73e&subid=&uid=10991613275d9ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_24Jlh0iY-7RD86cx_AP4N6IyAGm5b2gaa2VnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSXAk_QmX2kZte2N_eg8Eqq60nfZQLhWhrof8RFW42NehN_ofGmj-qtt_zqMAqZmWtPpc-dTY9fw7UXX1oDeXsy2b3g71IubUTV9X_AKDcrq-zh8xoquf5bD_cQdKsMPSdAb3ZASwmI6_oY4VkDFWqs7AMZCuRz6fTR9MOOQZiERK5yRkjgzFLSH-wCkoWvMQ8N3xK3WJU7x3GN6VJbG3kQWhc65W1ZIaMYTAqjPPYma-CwC3195V3LQksUR6uCxnZM3B9WiUPZUIra0Ri0hwg3ORbuluNh74cdVdWItsxpJmnGpbHVseIA51YcPOzAvg1UiueKvvsqJsFMN0aWkje1ShOks9MGMKayNArn5hY0u1uaPZNnm-LhVsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ%26sig%3DAOD64_3Vx_mSBwglMCDo7FDnrXVGtB2E4g%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CJspPMImzUAPAS5kyRX1GNKPrm_ExCvCu3w54dBGS0EW_Rl6VxQSnEmTwyoKFWqB6cOSg7pj5FRFs_XRvTbw_Jt3k6vDzGShmYLOyUkMq2jaTCtKRuJBjn2g-1H2XDcrHguqKIHbwSkCeRPbb1C8T6QkVmEQ%26cry%3D1%26dbm_d%3DAKAmf-B_UvRzxmgvyhTtw0IlUtEILOsv-VXty3d8OBpOx3bOH97_Jcid0Ejst3ZnVOlIpxZ5Z2gGuwENrhErD9qZ3-RvcE2KzBUGVm6N5s5oQ6rJY9yORafrl2bn8rMg0UCoL3jOPfnh9UjFTTxygW1zOHab_aOsV5-SXvjmq_WezNCmOgfqnFIgTl1cioNR0RFXjY_2OLSPrImn9TrUyPUYQWBmIyJGVdzfTyHjFcl7_dPzvvV5dRLpSDNfY1HtIyR9NU29RdYvcvyZeMB3zd7r79Nxj657ADnL9sAsVwXmON8GJzgmNGG-LcsP610va4QHeOLtMUxF9CANnuPvByfVnS1iVKo4IKEkyn983cXwkY8LsPYMcJlTXn8Px5pzm0lXllfrWJDEIdE3Hg69Pyp1pViSDjcPyWo7_m7ZYyueGvQlg2OP9L7DLkGBFSnmIAmx61FI2trPtLoN6sPzg7n_SEjFdxeHKJmC2mivc-tzt0pERCcCq_URhqfsUGQsNFASVOHWlT14gyNKHKV5nv6j-1lbABK2a8HbiQPS6g1Mj5w8hwAy8wdXDWiC7HSIgqVwZ-jg7it_3kyGvUNLs7PF8sRPMDxuig%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=3141544458363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
d92b4998f15318aaf68ed549a08809c0d9c34446b89c4cd5244810595c6d99cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
85125700116846704444554012082018
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
898
Expires
Wed, 14 Sep 2022 19:29:43 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d530ab73e&subid=&uid=10991613275d9ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_24Jlh0iY-7RD86cx_AP4N6IyAGm5b2gaa2VnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSXAk_QmX2kZte2N_eg8Eqq60nfZQLhWhrof8RFW42NehN_ofGmj-qtt_zqMAqZmWtPpc-dTY9fw7UXX1oDeXsy2b3g71IubUTV9X_AKDcrq-zh8xoquf5bD_cQdKsMPSdAb3ZASwmI6_oY4VkDFWqs7AMZCuRz6fTR9MOOQZiERK5yRkjgzFLSH-wCkoWvMQ8N3xK3WJU7x3GN6VJbG3kQWhc65W1ZIaMYTAqjPPYma-CwC3195V3LQksUR6uCxnZM3B9WiUPZUIra0Ri0hwg3ORbuluNh74cdVdWItsxpJmnGpbHVseIA51YcPOzAvg1UiueKvvsqJsFMN0aWkje1ShOks9MGMKayNArn5hY0u1uaPZNnm-LhVsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ%26sig%3DAOD64_3Vx_mSBwglMCDo7FDnrXVGtB2E4g%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CJspPMImzUAPAS5kyRX1GNKPrm_ExCvCu3w54dBGS0EW_Rl6VxQSnEmTwyoKFWqB6cOSg7pj5FRFs_XRvTbw_Jt3k6vDzGShmYLOyUkMq2jaTCtKRuJBjn2g-1H2XDcrHguqKIHbwSkCeRPbb1C8T6QkVmEQ%26cry%3D1%26dbm_d%3DAKAmf-B_UvRzxmgvyhTtw0IlUtEILOsv-VXty3d8OBpOx3bOH97_Jcid0Ejst3ZnVOlIpxZ5Z2gGuwENrhErD9qZ3-RvcE2KzBUGVm6N5s5oQ6rJY9yORafrl2bn8rMg0UCoL3jOPfnh9UjFTTxygW1zOHab_aOsV5-SXvjmq_WezNCmOgfqnFIgTl1cioNR0RFXjY_2OLSPrImn9TrUyPUYQWBmIyJGVdzfTyHjFcl7_dPzvvV5dRLpSDNfY1HtIyR9NU29RdYvcvyZeMB3zd7r79Nxj657ADnL9sAsVwXmON8GJzgmNGG-LcsP610va4QHeOLtMUxF9CANnuPvByfVnS1iVKo4IKEkyn983cXwkY8LsPYMcJlTXn8Px5pzm0lXllfrWJDEIdE3Hg69Pyp1pViSDjcPyWo7_m7ZYyueGvQlg2OP9L7DLkGBFSnmIAmx61FI2trPtLoN6sPzg7n_SEjFdxeHKJmC2mivc-tzt0pERCcCq_URhqfsUGQsNFASVOHWlT14gyNKHKV5nv6j-1lbABK2a8HbiQPS6g1Mj5w8hwAy8wdXDWiC7HSIgqVwZ-jg7it_3kyGvUNLs7PF8sRPMDxuig%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=3141544458363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 14 Sep 2022 19:29:43 +0200
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6C98 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:42:29 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F834 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10960
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 15:27:02 GMT
etag
48472445140208031
expires
Thu, 15 Sep 2022 15:27:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6C98 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fef0ad2fb0b86b61091a352960cdcc095a28bb3f30c50a81ad732ed5c07e63d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B820 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
103633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 13:42:29 GMT
expires
Wed, 13 Sep 2023 13:42:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900016.redintelligence.net/ Frame 0B46
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=8e95243a26&subid=&uid=cba2e890ff70ca21&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=8e95243a26&subid=&uid=cba2e890ff70ca21&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=8e95243a26&subid=&uid=cba2e890ff70ca21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChR_Xlh0iY-_RD86cx_AP4N6IyAGm5b2gaYWVnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSTAk_Q1SJECe77rT30s88hMg8GKGpJhftCDUbn1usU0tG3gEzmuW9BqTVHhVjr60XXuSCsQZP8Ojei2QKWI43IqM7XDeR1-yhtnYGLNwa-ROzwTXJ-A5rJTkuknETKvSHliZqsy8JrcO4CcyYo1U8MC6Zh5VAzrnooMkiAY5OTP93EZmBwkcU9KZu0BwIylIzsXeljTxH4_5o3r5NaEnR6ECRoFq41nktzi6kgbCp_ePJIOFYMq6exrtzAWHgkyybmVYDkSK_OvkYKd8m7NTqTVwrJ0KsXAUBh4i0wu3Is3V6r5Xf7Bg33Ry3XE3p1oSj3Us_tl235q_tjpRtfbCSLATL-p3JMJo47av9fBtKqXkEUXLvuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08%26sig%3DAOD64_3lfCrOwND1aBNh3_lB4HGGKSnnMg%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-BuyTkxh_9LFIIkXd5obFBiORxWg6Lx15ANugfALPv8-_GLziTKaKIl9hA4-3sJ0gczcP_SkRREm1jINHxp9OfEFOZBQq4BD9qv6La3j9iqmL7QPxJsgkAUUrgtot28aI3lCeK7ZyO9N8vQ3evWnGaZ3j-SDQ%26cry%3D1%26dbm_d%3DAKAmf-C1Tq8mMJbtzqG9zydk4OA75FcqYZZQI3qCucva96AM8ASIvVTzobXvWU4aNsCJ431a0dMo3LcyQj9_o6Ct4NmAgu-63vPZMQWyVw8rAYC7nmN0F1ruFTmi7ugujNvtNrDp5xoovUhcN_fqiwuvRr8YRfDs2xAuQqkuZhkxHjOiaf4vywCDY6eH8rZcnX3M6_QiRVxBlxZCAWk2qY9PAiuGscqKshgeOQV6rWzMMz8qcYH-CEV_0Zg4pV7DuTEZuLBOumeBvox5spwqbrDmRFpp3zma0q9qyXisqdZiiY7jRel9wGMSN7SfssqUaGmWuQxw7danWb-a4owhzfmgo2RIDsZykDWQWLyK9w3_f-8fl5e6aqIqduA7lVmlKibwTomZxrKVmFZAU9YgIUg3kS5FgtdCJHFGLVZM2Fr-vK6Py3VjZmEy_jET7QzoAANcs9Uh9sJtdSUB0In58FN3wVC_7fGZnEHvzhewKmgrSSJhKkLXKuH4GHAysav9snzA90rmuO1gNlT-y-DW2bD5-FZ_xitbWSYcFO2brD-oyAoFF20a7Do4cT7x7FtZD-6ea3rykD-Atu5kyEjmUNOpfvwk0-JFNw%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=9358045844805&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
df46a128db59e0f72e9b091802ca76e2003cd2f8d5ae6b1792097cd1d6557eae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
38067400114327204444550012082016
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
896
Expires
Wed, 14 Sep 2022 19:29:43 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=8e95243a26&subid=&uid=cba2e890ff70ca21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChR_Xlh0iY-_RD86cx_AP4N6IyAGm5b2gaYWVnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSTAk_Q1SJECe77rT30s88hMg8GKGpJhftCDUbn1usU0tG3gEzmuW9BqTVHhVjr60XXuSCsQZP8Ojei2QKWI43IqM7XDeR1-yhtnYGLNwa-ROzwTXJ-A5rJTkuknETKvSHliZqsy8JrcO4CcyYo1U8MC6Zh5VAzrnooMkiAY5OTP93EZmBwkcU9KZu0BwIylIzsXeljTxH4_5o3r5NaEnR6ECRoFq41nktzi6kgbCp_ePJIOFYMq6exrtzAWHgkyybmVYDkSK_OvkYKd8m7NTqTVwrJ0KsXAUBh4i0wu3Is3V6r5Xf7Bg33Ry3XE3p1oSj3Us_tl235q_tjpRtfbCSLATL-p3JMJo47av9fBtKqXkEUXLvuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08%26sig%3DAOD64_3lfCrOwND1aBNh3_lB4HGGKSnnMg%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-BuyTkxh_9LFIIkXd5obFBiORxWg6Lx15ANugfALPv8-_GLziTKaKIl9hA4-3sJ0gczcP_SkRREm1jINHxp9OfEFOZBQq4BD9qv6La3j9iqmL7QPxJsgkAUUrgtot28aI3lCeK7ZyO9N8vQ3evWnGaZ3j-SDQ%26cry%3D1%26dbm_d%3DAKAmf-C1Tq8mMJbtzqG9zydk4OA75FcqYZZQI3qCucva96AM8ASIvVTzobXvWU4aNsCJ431a0dMo3LcyQj9_o6Ct4NmAgu-63vPZMQWyVw8rAYC7nmN0F1ruFTmi7ugujNvtNrDp5xoovUhcN_fqiwuvRr8YRfDs2xAuQqkuZhkxHjOiaf4vywCDY6eH8rZcnX3M6_QiRVxBlxZCAWk2qY9PAiuGscqKshgeOQV6rWzMMz8qcYH-CEV_0Zg4pV7DuTEZuLBOumeBvox5spwqbrDmRFpp3zma0q9qyXisqdZiiY7jRel9wGMSN7SfssqUaGmWuQxw7danWb-a4owhzfmgo2RIDsZykDWQWLyK9w3_f-8fl5e6aqIqduA7lVmlKibwTomZxrKVmFZAU9YgIUg3kS5FgtdCJHFGLVZM2Fr-vK6Py3VjZmEy_jET7QzoAANcs9Uh9sJtdSUB0In58FN3wVC_7fGZnEHvzhewKmgrSSJhKkLXKuH4GHAysav9snzA90rmuO1gNlT-y-DW2bD5-FZ_xitbWSYcFO2brD-oyAoFF20a7Do4cT7x7FtZD-6ea3rykD-Atu5kyEjmUNOpfvwk0-JFNw%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=9358045844805&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 14 Sep 2022 19:29:43 +0200
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame F690 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 12:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 12:57:31 GMT
300x250.html
s0.2mdn.net/sadbundle/7880356414873403392/ Frame 6B52 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55468abd6c7a0abe7622605b79ebe6258bf47a4ebf0a19077a0fff6f904e47cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 18:29:43 GMT
expires
Thu, 14 Sep 2023 18:29:43 GMT
last-modified
Wed, 14 Sep 2022 11:46:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6C98 		0
613 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrRZ0o-RVh2P1jinKH0ujBauerTHxmmt2d8LRGk44JjM8azRrZmRocieCbb1eQvkx-dDEw3pzB1_JA8P4ywjAiwxOlNmt6kuryTYASaraci2ls1BPWuT-PElXoYBdA8kbpy_kFX1hZSXmMF2p9JMtt-AqB6xogGOsjjb96_3IGydFt0Ec8DxBD2PVaJ0oP65KoBwlQLKEDmwSdvTuPIo4Z5pdRMPVq3z-5QfuId3D4-zOAk2XcnN0v7uTK_b7FUvDWZMRiN-QeqfETxxGJYX-h-B9g2XeKIAPE263w8o20Vdk8bxrSFE_bH3UbkgeqnGESeBcJlD14zNek_-ybzlBnVd0xZgMNDw5gmeJoOQbJJGvSQndW4sdkT67eBN_KB88s8EZu2EKrDq9QfVDgS-XEF7MdknXiYRsY4tdzPkYLsBwLOAOYFd40bOuzhEWfrERs4rMwsmeEX1eZZa4RRy6UWca4WMhfKu51xhw9kXZDEAx5Xjt92tP4_hlkMk3J4cLREGKsx4L7QMjWX9bYQW37N4F5w-vJD6XJKhpv5OBG57jo5a6u3n2ug3akVBluF95RE-lMTew6lNSfAMIwLeWoMHW1iBZeQ-mugFQzjbExOhLh64iWwEw7q8tI6emNzWgYzy7oZTmQmxBNnlwOhYWN-8bo5v4ZUEUlP-_44HNgMz-NioQqmYMy1K8-qu7uedxhw29rBSTbvWcgNB1akRCFBm9FS2V8wsZQTf-mTxJ3dTXXZu0zvX3hEgflYNrdI88gYWvFZXrt7zq8QDiWsWqKa0APAowCPuv6qu0IZa2NnXvMk310aT179jUSyt5k-CqvsKL5ryIajWBbraO7ENGcMpWwrXxk5WxXQcwGMTKGbvo28piGGE4BbPRXso7qDO2d35o8Svv2ZAz0piFsbWBxGaKpLV6um8VFo_zbC9YZ8B3AeZ1lZW2dnEAbz9-XwNXy_rtAa29Lud33fIoHalZmq4kgRqdjwAnnM2TyZ-AC8Lz2uMl-GkwweO-6cCvQkrD3KmoiUv_PqKvZRqXGT9GQMPNNrmGPA1FD1JSdodCcAubP4UZKOuMz2MaQ6CtdJuGme72m28BlU5_lAdzdVxNUKcfZ19DzKARcEsJvZ-9VK7HOVyqVQr_WY8qijnOKfqBwxk32BBwnqHKGNjDtMJjJUn66JbBcfU195DeFhNuuH9bD-eyRoc-XM9MK0nXSwUitEVNpF7D8fIL57LK38hnqzjTs2D6Dkb4L4nodkh_5GrBUiMP2zyeekpYx85p_aHzAKVSCAzMPyj9VMLUa3MqxHZ1EWdjJ3YshW0w&sai=AMfl-YSa1n_5NEanzVTd8vHRE9WvpmAiw1SJJhJlAasuatsDtcCb_JxXilSPHplggRMQYqwwDhcBOu0TkdkWq0LATPZViyaCl6U6MRv4Ta4cyQoX22Uv7eJNNDa8e_UUYWhCtQnABMQTPTYw-7jgfWcDSaKip1RraryFaP50hQmTreJJoHHiE14PqsHVv8oAogG0c6TMR8BEsOfE_lOJexa2vFLv&sig=Cg0ArKJSzLQxaaGozk2DEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=150&cbvp=1&cstd=144&cisv=r20220912.41975&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 14 Sep 2022 18:29:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7BEF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
103634
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 13:42:29 GMT
expires
Wed, 13 Sep 2023 13:42:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame F834
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEHfLrdTZOCfqsxtGlMOhCM&google_cver=1&google_push=AehlK4Bbj4PqF_sIl5OccyEdhtm60EQZsfFHxsyXdLymVQwLa9imleMSBcx9ASFwRvZ2ZRPFZ34yqtCDReG9JPLpudqW...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEHfLrdTZOCfqsxtGlMOhCM&google_cver=1&google_push=AehlK4Bbj4PqF_sIl5OccyEdhtm60EQZsfFHxsyXdLymVQwLa9imleMSBcx9ASFwRvZ2ZRPFZ34yqtCDReG9JP...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=e8d2dbf7-5b8f-4781-9822-1a65a768295f&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Bbj4PqF_sIl5OccyEdhtm60EQZsfFHxsyXdLymVQwLa9imleMSBcx9ASFwRvZ2ZRPFZ34yqtCDReG9JPLpudqWeLvlmiATUw&google_hm=6thaVrDGRI2tp1WpCoKjUw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Bbj4PqF_sIl5OccyEdhtm60EQZsfFHxsyXdLymVQwLa9imleMSBcx9ASFwRvZ2ZRPFZ34yqtCDReG9JPLpudqWeLvlmiATUw&google_hm=6thaVrDGRI2tp1WpCoKjUw==
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4Bbj4PqF_sIl5OccyEdhtm60EQZsfFHxsyXdLymVQwLa9imleMSBcx9ASFwRvZ2ZRPFZ34yqtCDReG9JPLpudqWeLvlmiATUw&google_hm=6thaVrDGRI2tp1WpCoKjUw==
Date
Wed, 14 Sep 2022 18:29:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame F834
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP_w4qVqIeCGZm5rWG1oUoc&google_cver=1&google_push=AehlK4CCgAZvGH9K3Sd48kVusXHK-H1ICob52DaEzYgQdz8JnnFAQDgivPWHT96dHQQxeZwwBUBTuhqZ...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP_w4qVqIeCGZm5rWG1oUoc&google_cver=1&google_push=AehlK4CCgAZvGH9K3Sd48kVusXHK-H1ICob52DaEzYgQdz8JnnFAQDgivPWHT96dHQQxeZwwBUB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAxNDk4MDA2MTA0OTUxNTQxMw&google_push=AehlK4CCgAZvGH9K3Sd48kVusXHK-H1ICob52DaEzYgQdz8JnnFAQDgivPWHT96dHQQxeZwwBUBTuh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAxNDk4MDA2MTA0OTUxNTQxMw&google_push=AehlK4CCgAZvGH9K3Sd48kVusXHK-H1ICob52DaEzYgQdz8JnnFAQDgivPWHT96dHQQxeZwwBUBTuhqZRDdpGfEQDXn-_EERkfwF7A
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAxNDk4MDA2MTA0OTUxNTQxMw&google_push=AehlK4CCgAZvGH9K3Sd48kVusXHK-H1ICob52DaEzYgQdz8JnnFAQDgivPWHT96dHQQxeZwwBUBTuhqZRDdpGfEQDXn-_EERkfwF7A
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame F834 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESENwEa0VSUwm_RTt4IopOQE0&google_cver=1&google_push=AehlK4B6AOTFvuHSsHGfj2FfBREW6gVTOxUYxDlHVx9MQ-RcNUPrU2tHIdGkhQ8Lvy70_TnSGKUWg5aBOP-ZSN-EaUUZWHPo6ZXi
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
a4qi4cjn2jehri77fh8p4h9jvcji0795
pixel
cm.g.doubleclick.net/ Frame F834
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFyQIt7hZZz6yxioOJReig4&google_cver=1&google_push=AehlK4CIbyH69UgB-GdXj1Sb26WnpDTZsOEpMrNAgcF9Rm6xrD4QGHnMPpMBCvo4ERkut9hX4OF...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgxWUpFSDMtMjgtRjZIRA==&google_push=AehlK4CIbyH69UgB-GdXj1Sb26WnpDTZsOEpMrNAgcF9Rm6xrD4QGHnMPpMBCvo4ERkut9hX4OF1jrQ0U1f9uK8B3WW2B5yeDsLjLg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgxWUpFSDMtMjgtRjZIRA==&google_push=AehlK4CIbyH69UgB-GdXj1Sb26WnpDTZsOEpMrNAgcF9Rm6xrD4QGHnMPpMBCvo4ERkut9hX4OF1jrQ0U1f9uK8B3WW2B5yeDsLjLg
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgxWUpFSDMtMjgtRjZIRA==&google_push=AehlK4CIbyH69UgB-GdXj1Sb26WnpDTZsOEpMrNAgcF9Rm6xrD4QGHnMPpMBCvo4ERkut9hX4OF1jrQ0U1f9uK8B3WW2B5yeDsLjLg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame F834
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELHT_JeJLUdfx7WJFQMnSwE&google_cver=1&google_push=AehlK4BNnHn5AeWcAebEpW0aRqDqb0CBgRnqcEdpDJZbyr8BmCt4wKOIBoRlej2FNHcApru1XQlRojmf48IqyK6aXxIx2bjbnE...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4BNnHn5AeWcAebEpW0aRqDqb0CBgRnqcEdpDJZbyr8BmCt4wKOIBoRlej2FNHcApru1XQlRojmf48IqyK6aXxIx2bjbnEZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzOTMxMTM0OTA0NjQwNjQzNTE2OQ%3D%3D&google_push=AehlK4BNnHn5AeWcAebEpW0aRqDqb0CBgRnqcEdpDJZbyr8BmCt4wKOI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzOTMxMTM0OTA0NjQwNjQzNTE2OQ%3D%3D&google_push=AehlK4BNnHn5AeWcAebEpW0aRqDqb0CBgRnqcEdpDJZbyr8BmCt4wKOIBoRlej2FNHcApru1XQlRojmf48IqyK6aXxIx2bjbnEZ6cA
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgzOTMxMTM0OTA0NjQwNjQzNTE2OQ%3D%3D&google_push=AehlK4BNnHn5AeWcAebEpW0aRqDqb0CBgRnqcEdpDJZbyr8BmCt4wKOIBoRlej2FNHcApru1XQlRojmf48IqyK6aXxIx2bjbnEZ6cA
date
Wed, 14 Sep 2022 18:29:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gob
sync.inmobi.com/ Frame F834 		0
0
/
onetag-sys.com/match/ Frame F834
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBDWfmHJAUcJPbryqkNaWkw&google_cver=1&google_push=AehlK4CfP93C10YLP86tdwGVYe8V1hIq_7WuFDFDlzVc7YZCwLiBlQbQDtpTsF9e-V3R0ACa5ma2AqBcbDC...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CfP93C10YLP86tdwGVYe8V1hIq_7WuFDFDlzVc7YZCwLiBlQbQDtpTsF9e-V3R0ACa5ma2AqBcbDCfgVrMFPqc96wX9XF4K5A
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F834 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KR9tWO3lTVtgoftw5L88HGw-3ModZ6jk26ogY-zCESJ6TXJxo580_27_LbJLFfSkX_YFxmr98
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame B820 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 12:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 12:57:31 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame C123 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Sep 2023 18:29:43 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C123 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Sep 2023 18:29:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C123 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 09 Sep 2023 18:29:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C123 		293 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 09 Sep 2023 18:29:43 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame C123 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HYMmlKakDsbZ4BraU9MWJoTlYqCrX-7fTx45j1YUoLNDrJ7OjjHOe8E-ugbd2ZBVMWhWocDXvIGXSV6i-5LzYNOZW1VIjo-aQSxRtOA78SfJI8rHmJt0XeeF6zcsQzNLyaqzBN1KgBnNvAwbefpON4yVwFtkjs6IcwK1FS8kduO0eBlvhN7cRgOGnoZSjUeyUX9jbMP5LHoTBSrgwvHYPDN2Nwa81Dc4RHYQGcMceRKC9xKtrO5XFhy7n0pGePs0CGQUBT34Xr44aOL71enK53V8lzP_zI_mPrUerDNJ9WPBSO0wNHwWamm6mA4MpseLsWfM5Vdcnud-DezoxkELppAqjAy9i_9P85mc7zH_pXV8f_-NaJeHgAugy8T_qobNEHsrwnuZR0pYitzGcpV-aJ6iLagcV1T--6b-WhBrzHGwLcT1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:42 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3053956
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame C123 		0
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1663180182
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
QmXHAY6nKEx3E4nUjL3rweuELrciH7Hpa6c6_B5ABC91FCX2cuDl9w==
expires
Thu, 01 Dec 1994 16:00:00 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6B52 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 07:51:00 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6B52 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Sep 2022 18:29:43 GMT
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame 7BEF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 12:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 12:57:31 GMT
animejs.js
static.criteo.net/animejs/ Frame C123 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Sep 2023 18:29:43 GMT
img
pix.eu.criteo.net/img/ Frame C123 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=356&s=RvgLKdjxsCa071ptabsHOAat
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29413662
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11301
expires
Mon, 21 Aug 2023 04:57:25 GMT
img
pix.eu.criteo.net/img/ Frame C123 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoVerbund-freier-Trainer-und-Coaches-UG-haftungsbeschraenkt-307324DE-2206131139.gif%3Feb%3D1&v=3&w=400&s=kQPVVx6qqWTaJPEz3j54x2he&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bf6ef9f2ec28cdef4f1e3b49e7c0b2a6f05c027fed9f2d685dc7815a2a76c355
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=328987
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2732
expires
Sun, 18 Sep 2022 13:52:50 GMT
img
pix.eu.criteo.net/img/ Frame C123 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBascom-Cameras-B-V-180642DE.gif%3Feb%3D1&v=3&w=400&s=K5WLCwZQMQUPnP3fTSaX4qJ2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
df8a117309d30c94effb77c809817e39147f8b8563c3c86a0bf5f3852dd5ae64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=387050
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1652
expires
Mon, 19 Sep 2022 06:00:34 GMT
img
pix.eu.criteo.net/img/ Frame C123 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoRasenBallsport-Leipzig-GmbH-112203DE-2011231618.gif%3Feb%3D1&v=3&w=400&s=nf2adO-GqH0fTKK0GZ6m24ZY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
049197d27fc218a1fc7185322d281d1f12d8cb637cce49e815600869e12e463a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5240
expires
Sat, 09 Sep 2023 18:29:43 GMT
img
pix.eu.criteo.net/img/ Frame C123 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=451822
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Tue, 20 Sep 2022 00:00:06 GMT
img
pix.eu.criteo.net/img/ Frame C123 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoSchustermann-Borenstein-GmbH-43990DE-2107211511.gif%3Feb%3D1&v=3&w=400&s=YlSyIXLqV5_9Ri7HZUnQeluA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f953b632ed634537bf9a8c7235022a76cea7f42640c7722afbf8e0178fa25da1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=909831
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1492
expires
Sun, 25 Sep 2022 07:13:34 GMT
img
pix.eu.criteo.net/img/ Frame C123 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2Flogoumlaut-22544DE-2011191708.gif%3Feb%3D1&v=3&w=400&s=h6MSrvCuLLNFEP2MLoODan37&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1e04cc8c7f4f0ea9326b4de881d5734b2a1f8a96e9b11c11f6a24ff5997d9b18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=760756
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1403
expires
Fri, 23 Sep 2022 13:48:59 GMT
img
pix.eu.criteo.net/img/ Frame C123 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FV%2FlogoVector-Informatik-GmbH-4681DE.gif%3Feb%3D1&v=3&w=400&s=0pa-DVj8rbf5t4b6QkPQ9s5j&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b999a372dbca12d14f1b5e3eff1acfbc92480803c5007afea2084cfda4e5241d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1872
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1242
expires
Wed, 14 Sep 2022 19:00:55 GMT
img
pix.eu.criteo.net/img/ Frame C123 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FT%2FlogoTopos_Personalberatung_GmbH_7187DE.gif%3Feb%3D1&v=3&w=400&s=OskU3FfSrclpW9HDAAQhKKno&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bdb0c5af494608d8de1b5aa94269b35043fe58d21257600c13a5e168707fb829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=443316
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1982
expires
Mon, 19 Sep 2022 21:38:20 GMT
img
pix.eu.criteo.net/img/ Frame C123 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoEMSCHERGENOSSENSCHAFT-und-LIPPEVERBAND-DE.gif%3Feb%3D1&v=3&w=400&s=Cw5hcNrUPNBIRVFzL3sqz3DH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a20eb00f564b6a0e768b0f11fe1a9d3ca684e04a98d81084d95bfd84b1bffa33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1902
expires
Sat, 09 Sep 2023 18:29:43 GMT
img
pix.eu.criteo.net/img/ Frame C123 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMBG_INTERNATIONAL_PREMIUM_BRANDS_50177DE.gif%3Feb%3D1&v=3&w=400&s=cnJz_yjEhDJCPH_jDJHTwsTY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c9e46e4d525aaaac2f0d8e1ad054ca27712e468d332c9cff9f3c9555836a3d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=651722
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1954
expires
Thu, 22 Sep 2022 07:31:45 GMT
img
pix.eu.criteo.net/img/ Frame C123 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoVodafone-Jobacademy-Vodafone-GmbH-215974DE.gif%3Feb%3D1&v=3&w=400&s=rNWL3WLGh_tV5n265UD9K-32&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ea2d6bff0f4e1f09cc0378657cf8020bf9ed62065a3e3026c5fd09061e2f16e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=177862
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1340
expires
Fri, 16 Sep 2022 19:54:06 GMT
img
pix.eu.criteo.net/img/ Frame C123 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FT%2Flogotop-itservices-AG-5395DE.gif%3Feb%3D1&v=3&w=400&s=3n95M-dcxmRWDp5Mcjh52CoT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
db6c8e8136cb77c1ad59f91138903eb80434e370e7fdd220cd4643c29ca4d1be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=216345
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1476
expires
Sat, 17 Sep 2022 06:35:28 GMT
all
csm.eu.criteo.net/ Frame C123 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=KZC1JRYywNrK8DyrNSYJ5B4ixfopDj-0DI63rcznmKxq6bZ7zgJK2GUroSlAIqNImJgNjYd9LuxIxUxgx94dNGMFqAlZFTxgqTzgwmuGZBGhJgsPS8A1MuTEwKxDxszt8U6IKYN2MsZL4Ek-aA-dd-dzpEKnfvqdR_FKfGXg_Gz1JNVQTerAqzp3seWwTd9s9KOxvToQ_B2VHzfUW8NTWooxwYoRTszpx5apiYhxo2iXnsOUywBXn6Rwhx0C2TqUt17moQ&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 14 Sep 2022 18:29:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C123 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Sep 2023 18:29:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C123 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Sep 2023 18:29:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6C98 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrRZ0o-RVh2P1jinKH0ujBauerTHxmmt2d8LRGk44JjM8azRrZmRocieCbb1eQvkx-dDEw3pzB1_JA8P4ywjAiwxOlNmt6kuryTYASaraci2ls1BPWuT-PElXoYBdA8kbpy_kFX1hZSXmMF2p9JMtt-AqB6xogGOsjjb96_3IGydFt0Ec8DxBD2PVaJ0oP65KoBwlQLKEDmwSdvTuPIo4Z5pdRMPVq3z-5QfuId3D4-zOAk2XcnN0v7uTK_b7FUvDWZMRiN-QeqfETxxGJYX-h-B9g2XeKIAPE263w8o20Vdk8bxrSFE_bH3UbkgeqnGESeBcJlD14zNek_-ybzlBnVd0xZgMNDw5gmeJoOQbJJGvSQndW4sdkT67eBN_KB88s8EZu2EKrDq9QfVDgS-XEF7MdknXiYRsY4tdzPkYLsBwLOAOYFd40bOuzhEWfrERs4rMwsmeEX1eZZa4RRy6UWca4WMhfKu51xhw9kXZDEAx5Xjt92tP4_hlkMk3J4cLREGKsx4L7QMjWX9bYQW37N4F5w-vJD6XJKhpv5OBG57jo5a6u3n2ug3akVBluF95RE-lMTew6lNSfAMIwLeWoMHW1iBZeQ-mugFQzjbExOhLh64iWwEw7q8tI6emNzWgYzy7oZTmQmxBNnlwOhYWN-8bo5v4ZUEUlP-_44HNgMz-NioQqmYMy1K8-qu7uedxhw29rBSTbvWcgNB1akRCFBm9FS2V8wsZQTf-mTxJ3dTXXZu0zvX3hEgflYNrdI88gYWvFZXrt7zq8QDiWsWqKa0APAowCPuv6qu0IZa2NnXvMk310aT179jUSyt5k-CqvsKL5ryIajWBbraO7ENGcMpWwrXxk5WxXQcwGMTKGbvo28piGGE4BbPRXso7qDO2d35o8Svv2ZAz0piFsbWBxGaKpLV6um8VFo_zbC9YZ8B3AeZ1lZW2dnEAbz9-XwNXy_rtAa29Lud33fIoHalZmq4kgRqdjwAnnM2TyZ-AC8Lz2uMl-GkwweO-6cCvQkrD3KmoiUv_PqKvZRqXGT9GQMPNNrmGPA1FD1JSdodCcAubP4UZKOuMz2MaQ6CtdJuGme72m28BlU5_lAdzdVxNUKcfZ19DzKARcEsJvZ-9VK7HOVyqVQr_WY8qijnOKfqBwxk32BBwnqHKGNjDtMJjJUn66JbBcfU195DeFhNuuH9bD-eyRoc-XM9MK0nXSwUitEVNpF7D8fIL57LK38hnqzjTs2D6Dkb4L4nodkh_5GrBUiMP2zyeekpYx85p_aHzAKVSCAzMPyj9VMLUa3MqxHZ1EWdjJ3YshW0w&sai=AMfl-YSa1n_5NEanzVTd8vHRE9WvpmAiw1SJJhJlAasuatsDtcCb_JxXilSPHplggRMQYqwwDhcBOu0TkdkWq0LATPZViyaCl6U6MRv4Ta4cyQoX22Uv7eJNNDa8e_UUYWhCtQnABMQTPTYw-7jgfWcDSaKip1RraryFaP50hQmTreJJoHHiE14PqsHVv8oAogG0c6TMR8BEsOfE_lOJexa2vFLv&sig=Cg0ArKJSzLQxaaGozk2DEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=398&vt=11&dtpt=248&dett=3&cstd=144&cisv=r20220912.41975&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: showtimeanytime.xyz
URL: http://showtimeanytime.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view.aspx
pb.media01.eu/ Frame BED9
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=85125700116846704444554012082018&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d530ab73e&subid=&uid=10991613275d9ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_24Jlh0iY-7RD86cx_AP4N6IyAGm5b2gaa2VnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSXAk_QmX2kZte2N_eg8Eqq60nfZQLhWhrof8RFW42NehN_ofGmj-qtt_zqMAqZmWtPpc-dTY9fw7UXX1oDeXsy2b3g71IubUTV9X_AKDcrq-zh8xoquf5bD_cQdKsMPSdAb3ZASwmI6_oY4VkDFWqs7AMZCuRz6fTR9MOOQZiERK5yRkjgzFLSH-wCkoWvMQ8N3xK3WJU7x3GN6VJbG3kQWhc65W1ZIaMYTAqjPPYma-CwC3195V3LQksUR6uCxnZM3B9WiUPZUIra0Ri0hwg3ORbuluNh74cdVdWItsxpJmnGpbHVseIA51YcPOzAvg1UiueKvvsqJsFMN0aWkje1ShOks9MGMKayNArn5hY0u1uaPZNnm-LhVsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ%26sig%3DAOD64_3Vx_mSBwglMCDo7FDnrXVGtB2E4g%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CJspPMImzUAPAS5kyRX1GNKPrm_ExCvCu3w54dBGS0EW_Rl6VxQSnEmTwyoKFWqB6cOSg7pj5FRFs_XRvTbw_Jt3k6vDzGShmYLOyUkMq2jaTCtKRuJBjn2g-1H2XDcrHguqKIHbwSkCeRPbb1C8T6QkVmEQ%26cry%3D1%26dbm_d%3DAKAmf-B_UvRzxmgvyhTtw0IlUtEILOsv-VXty3d8OBpOx3bOH97_Jcid0Ejst3ZnVOlIpxZ5Z2gGuwENrhErD9qZ3-RvcE2KzBUGVm6N5s5oQ6rJY9yORafrl2bn8rMg0UCoL3jOPfnh9UjFTTxygW1zOHab_aOsV5-SXvjmq_WezNCmOgfqnFIgTl1cioNR0RFXjY_2OLSPrImn9TrUyPUYQWBmIyJGVdzfTyHjFcl7_dPzvvV5dRLpSDNfY1HtIyR9NU29RdYvcvyZeMB3zd7r79Nxj657ADnL9sAsVwXmON8GJzgmNGG-LcsP610va4QHeOLtMUxF9CANnuPvByfVnS1iVKo4IKEkyn983cXwkY8LsPYMcJlTXn8Px5pzm0lXllfrWJDEIdE3Hg69Pyp1pViSDjcPyWo7_m7ZYyueGvQlg2OP9L7DLkGBFSnmIAmx61FI2trPtLoN6sPzg7n_SEjFdxeHKJmC2mivc-tzt0pERCcCq_URhqfsUGQsNFASVOHWlT14gyNKHKV5nv6j-1lbABK2a8HbiQPS6g1Mj5w8hwAy8wdXDWiC7HSIgqVwZ-jg7it_3kyGvUNLs7PF8sRPMDxuig%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=3141544458363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 18:29:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 14 Sep 2022 08:29:43 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Wed, 14 Sep 2022 18:29:43 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
D972DA1B:C120_91EFC182:01BB_63221D97_D4A23F4:1F22C
htlp
futalis.de/ Frame 9AAE
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=85125700116846704444554012082018&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042480
350 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042480
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d530ab73e&subid=&uid=10991613275d9ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_24Jlh0iY-7RD86cx_AP4N6IyAGm5b2gaa2VnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSXAk_QmX2kZte2N_eg8Eqq60nfZQLhWhrof8RFW42NehN_ofGmj-qtt_zqMAqZmWtPpc-dTY9fw7UXX1oDeXsy2b3g71IubUTV9X_AKDcrq-zh8xoquf5bD_cQdKsMPSdAb3ZASwmI6_oY4VkDFWqs7AMZCuRz6fTR9MOOQZiERK5yRkjgzFLSH-wCkoWvMQ8N3xK3WJU7x3GN6VJbG3kQWhc65W1ZIaMYTAqjPPYma-CwC3195V3LQksUR6uCxnZM3B9WiUPZUIra0Ri0hwg3ORbuluNh74cdVdWItsxpJmnGpbHVseIA51YcPOzAvg1UiueKvvsqJsFMN0aWkje1ShOks9MGMKayNArn5hY0u1uaPZNnm-LhVsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ%26sig%3DAOD64_3Vx_mSBwglMCDo7FDnrXVGtB2E4g%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CJspPMImzUAPAS5kyRX1GNKPrm_ExCvCu3w54dBGS0EW_Rl6VxQSnEmTwyoKFWqB6cOSg7pj5FRFs_XRvTbw_Jt3k6vDzGShmYLOyUkMq2jaTCtKRuJBjn2g-1H2XDcrHguqKIHbwSkCeRPbb1C8T6QkVmEQ%26cry%3D1%26dbm_d%3DAKAmf-B_UvRzxmgvyhTtw0IlUtEILOsv-VXty3d8OBpOx3bOH97_Jcid0Ejst3ZnVOlIpxZ5Z2gGuwENrhErD9qZ3-RvcE2KzBUGVm6N5s5oQ6rJY9yORafrl2bn8rMg0UCoL3jOPfnh9UjFTTxygW1zOHab_aOsV5-SXvjmq_WezNCmOgfqnFIgTl1cioNR0RFXjY_2OLSPrImn9TrUyPUYQWBmIyJGVdzfTyHjFcl7_dPzvvV5dRLpSDNfY1HtIyR9NU29RdYvcvyZeMB3zd7r79Nxj657ADnL9sAsVwXmON8GJzgmNGG-LcsP610va4QHeOLtMUxF9CANnuPvByfVnS1iVKo4IKEkyn983cXwkY8LsPYMcJlTXn8Px5pzm0lXllfrWJDEIdE3Hg69Pyp1pViSDjcPyWo7_m7ZYyueGvQlg2OP9L7DLkGBFSnmIAmx61FI2trPtLoN6sPzg7n_SEjFdxeHKJmC2mivc-tzt0pERCcCq_URhqfsUGQsNFASVOHWlT14gyNKHKV5nv6j-1lbABK2a8HbiQPS6g1Mj5w8hwAy8wdXDWiC7HSIgqVwZ-jg7it_3kyGvUNLs7PF8sRPMDxuig%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=3141544458363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-1.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 18:29:43 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042480
p3p
policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
request_content.php
hal900018.redintelligence.net/ Frame 12A2 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=1d530ab73e&subid=&uid=10991613275d9ace&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_24Jlh0iY-7RD86cx_AP4N6IyAGm5b2gaa2VnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSXAk_QmX2kZte2N_eg8Eqq60nfZQLhWhrof8RFW42NehN_ofGmj-qtt_zqMAqZmWtPpc-dTY9fw7UXX1oDeXsy2b3g71IubUTV9X_AKDcrq-zh8xoquf5bD_cQdKsMPSdAb3ZASwmI6_oY4VkDFWqs7AMZCuRz6fTR9MOOQZiERK5yRkjgzFLSH-wCkoWvMQ8N3xK3WJU7x3GN6VJbG3kQWhc65W1ZIaMYTAqjPPYma-CwC3195V3LQksUR6uCxnZM3B9WiUPZUIra0Ri0hwg3ORbuluNh74cdVdWItsxpJmnGpbHVseIA51YcPOzAvg1UiueKvvsqJsFMN0aWkje1ShOks9MGMKayNArn5hY0u1uaPZNnm-LhVsAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ%26sig%3DAOD64_3Vx_mSBwglMCDo7FDnrXVGtB2E4g%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CJspPMImzUAPAS5kyRX1GNKPrm_ExCvCu3w54dBGS0EW_Rl6VxQSnEmTwyoKFWqB6cOSg7pj5FRFs_XRvTbw_Jt3k6vDzGShmYLOyUkMq2jaTCtKRuJBjn2g-1H2XDcrHguqKIHbwSkCeRPbb1C8T6QkVmEQ%26cry%3D1%26dbm_d%3DAKAmf-B_UvRzxmgvyhTtw0IlUtEILOsv-VXty3d8OBpOx3bOH97_Jcid0Ejst3ZnVOlIpxZ5Z2gGuwENrhErD9qZ3-RvcE2KzBUGVm6N5s5oQ6rJY9yORafrl2bn8rMg0UCoL3jOPfnh9UjFTTxygW1zOHab_aOsV5-SXvjmq_WezNCmOgfqnFIgTl1cioNR0RFXjY_2OLSPrImn9TrUyPUYQWBmIyJGVdzfTyHjFcl7_dPzvvV5dRLpSDNfY1HtIyR9NU29RdYvcvyZeMB3zd7r79Nxj657ADnL9sAsVwXmON8GJzgmNGG-LcsP610va4QHeOLtMUxF9CANnuPvByfVnS1iVKo4IKEkyn983cXwkY8LsPYMcJlTXn8Px5pzm0lXllfrWJDEIdE3Hg69Pyp1pViSDjcPyWo7_m7ZYyueGvQlg2OP9L7DLkGBFSnmIAmx61FI2trPtLoN6sPzg7n_SEjFdxeHKJmC2mivc-tzt0pERCcCq_URhqfsUGQsNFASVOHWlT14gyNKHKV5nv6j-1lbABK2a8HbiQPS6g1Mj5w8hwAy8wdXDWiC7HSIgqVwZ-jg7it_3kyGvUNLs7PF8sRPMDxuig%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=3141544458363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
a90a2ceab646e68b17c46d39b7c701eb9159455c8d43b6db1c8d9aede8bad92e

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2048
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Sep 2022 18:29:43 GMT
Expires
Wed, 14 Sep 2022 19:29:43 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame 2B87
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=85125700116846704444554012082018
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:33:46 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
D972DA1B:C12C_91EFC182:01BB_63221D97_D4A82B9:1F22B
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 2B87 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=85125700116846704444554012082018&pv=1
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-253-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7A24 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10961
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 15:27:02 GMT
etag
48472445140208031
expires
Thu, 15 Sep 2022 15:27:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2B87 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3558e3cc131aa7208dd2fc7053d9642ccd34ebdafc25259d00254837b41230a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
view.aspx
pb.media01.eu/ Frame 95B1
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=38067400114327204444550012082016&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=8e95243a26&subid=&uid=cba2e890ff70ca21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChR_Xlh0iY-_RD86cx_AP4N6IyAGm5b2gaYWVnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSTAk_Q1SJECe77rT30s88hMg8GKGpJhftCDUbn1usU0tG3gEzmuW9BqTVHhVjr60XXuSCsQZP8Ojei2QKWI43IqM7XDeR1-yhtnYGLNwa-ROzwTXJ-A5rJTkuknETKvSHliZqsy8JrcO4CcyYo1U8MC6Zh5VAzrnooMkiAY5OTP93EZmBwkcU9KZu0BwIylIzsXeljTxH4_5o3r5NaEnR6ECRoFq41nktzi6kgbCp_ePJIOFYMq6exrtzAWHgkyybmVYDkSK_OvkYKd8m7NTqTVwrJ0KsXAUBh4i0wu3Is3V6r5Xf7Bg33Ry3XE3p1oSj3Us_tl235q_tjpRtfbCSLATL-p3JMJo47av9fBtKqXkEUXLvuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08%26sig%3DAOD64_3lfCrOwND1aBNh3_lB4HGGKSnnMg%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-BuyTkxh_9LFIIkXd5obFBiORxWg6Lx15ANugfALPv8-_GLziTKaKIl9hA4-3sJ0gczcP_SkRREm1jINHxp9OfEFOZBQq4BD9qv6La3j9iqmL7QPxJsgkAUUrgtot28aI3lCeK7ZyO9N8vQ3evWnGaZ3j-SDQ%26cry%3D1%26dbm_d%3DAKAmf-C1Tq8mMJbtzqG9zydk4OA75FcqYZZQI3qCucva96AM8ASIvVTzobXvWU4aNsCJ431a0dMo3LcyQj9_o6Ct4NmAgu-63vPZMQWyVw8rAYC7nmN0F1ruFTmi7ugujNvtNrDp5xoovUhcN_fqiwuvRr8YRfDs2xAuQqkuZhkxHjOiaf4vywCDY6eH8rZcnX3M6_QiRVxBlxZCAWk2qY9PAiuGscqKshgeOQV6rWzMMz8qcYH-CEV_0Zg4pV7DuTEZuLBOumeBvox5spwqbrDmRFpp3zma0q9qyXisqdZiiY7jRel9wGMSN7SfssqUaGmWuQxw7danWb-a4owhzfmgo2RIDsZykDWQWLyK9w3_f-8fl5e6aqIqduA7lVmlKibwTomZxrKVmFZAU9YgIUg3kS5FgtdCJHFGLVZM2Fr-vK6Py3VjZmEy_jET7QzoAANcs9Uh9sJtdSUB0In58FN3wVC_7fGZnEHvzhewKmgrSSJhKkLXKuH4GHAysav9snzA90rmuO1gNlT-y-DW2bD5-FZ_xitbWSYcFO2brD-oyAoFF20a7Do4cT7x7FtZD-6ea3rykD-Atu5kyEjmUNOpfvwk0-JFNw%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=9358045844805&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 18:29:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 14 Sep 2022 08:29:43 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Wed, 14 Sep 2022 18:29:43 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
D972DA1B:C11E_91EFC182:01BB_63221D97_D4A23F5:1F22C
htlp
futalis.de/ Frame F383
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=38067400114327204444550012082016&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042481
350 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042481
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=8e95243a26&subid=&uid=cba2e890ff70ca21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChR_Xlh0iY-_RD86cx_AP4N6IyAGm5b2gaYWVnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSTAk_Q1SJECe77rT30s88hMg8GKGpJhftCDUbn1usU0tG3gEzmuW9BqTVHhVjr60XXuSCsQZP8Ojei2QKWI43IqM7XDeR1-yhtnYGLNwa-ROzwTXJ-A5rJTkuknETKvSHliZqsy8JrcO4CcyYo1U8MC6Zh5VAzrnooMkiAY5OTP93EZmBwkcU9KZu0BwIylIzsXeljTxH4_5o3r5NaEnR6ECRoFq41nktzi6kgbCp_ePJIOFYMq6exrtzAWHgkyybmVYDkSK_OvkYKd8m7NTqTVwrJ0KsXAUBh4i0wu3Is3V6r5Xf7Bg33Ry3XE3p1oSj3Us_tl235q_tjpRtfbCSLATL-p3JMJo47av9fBtKqXkEUXLvuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08%26sig%3DAOD64_3lfCrOwND1aBNh3_lB4HGGKSnnMg%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-BuyTkxh_9LFIIkXd5obFBiORxWg6Lx15ANugfALPv8-_GLziTKaKIl9hA4-3sJ0gczcP_SkRREm1jINHxp9OfEFOZBQq4BD9qv6La3j9iqmL7QPxJsgkAUUrgtot28aI3lCeK7ZyO9N8vQ3evWnGaZ3j-SDQ%26cry%3D1%26dbm_d%3DAKAmf-C1Tq8mMJbtzqG9zydk4OA75FcqYZZQI3qCucva96AM8ASIvVTzobXvWU4aNsCJ431a0dMo3LcyQj9_o6Ct4NmAgu-63vPZMQWyVw8rAYC7nmN0F1ruFTmi7ugujNvtNrDp5xoovUhcN_fqiwuvRr8YRfDs2xAuQqkuZhkxHjOiaf4vywCDY6eH8rZcnX3M6_QiRVxBlxZCAWk2qY9PAiuGscqKshgeOQV6rWzMMz8qcYH-CEV_0Zg4pV7DuTEZuLBOumeBvox5spwqbrDmRFpp3zma0q9qyXisqdZiiY7jRel9wGMSN7SfssqUaGmWuQxw7danWb-a4owhzfmgo2RIDsZykDWQWLyK9w3_f-8fl5e6aqIqduA7lVmlKibwTomZxrKVmFZAU9YgIUg3kS5FgtdCJHFGLVZM2Fr-vK6Py3VjZmEy_jET7QzoAANcs9Uh9sJtdSUB0In58FN3wVC_7fGZnEHvzhewKmgrSSJhKkLXKuH4GHAysav9snzA90rmuO1gNlT-y-DW2bD5-FZ_xitbWSYcFO2brD-oyAoFF20a7Do4cT7x7FtZD-6ea3rykD-Atu5kyEjmUNOpfvwk0-JFNw%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=9358045844805&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-1.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 18:29:43 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042481
p3p
policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
request_content.php
hal900016.redintelligence.net/ Frame 9DDE 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=8e95243a26&subid=&uid=cba2e890ff70ca21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChR_Xlh0iY-_RD86cx_AP4N6IyAGm5b2gaYWVnKfJD_AuEAEghveGJmCVuviBlAfIAQmpArH47-52xbA-qAMBqgSTAk_Q1SJECe77rT30s88hMg8GKGpJhftCDUbn1usU0tG3gEzmuW9BqTVHhVjr60XXuSCsQZP8Ojei2QKWI43IqM7XDeR1-yhtnYGLNwa-ROzwTXJ-A5rJTkuknETKvSHliZqsy8JrcO4CcyYo1U8MC6Zh5VAzrnooMkiAY5OTP93EZmBwkcU9KZu0BwIylIzsXeljTxH4_5o3r5NaEnR6ECRoFq41nktzi6kgbCp_ePJIOFYMq6exrtzAWHgkyybmVYDkSK_OvkYKd8m7NTqTVwrJ0KsXAUBh4i0wu3Is3V6r5Xf7Bg33Ry3XE3p1oSj3Us_tl235q_tjpRtfbCSLATL-p3JMJo47av9fBtKqXkEUXLvuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08%26sig%3DAOD64_3lfCrOwND1aBNh3_lB4HGGKSnnMg%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-BuyTkxh_9LFIIkXd5obFBiORxWg6Lx15ANugfALPv8-_GLziTKaKIl9hA4-3sJ0gczcP_SkRREm1jINHxp9OfEFOZBQq4BD9qv6La3j9iqmL7QPxJsgkAUUrgtot28aI3lCeK7ZyO9N8vQ3evWnGaZ3j-SDQ%26cry%3D1%26dbm_d%3DAKAmf-C1Tq8mMJbtzqG9zydk4OA75FcqYZZQI3qCucva96AM8ASIvVTzobXvWU4aNsCJ431a0dMo3LcyQj9_o6Ct4NmAgu-63vPZMQWyVw8rAYC7nmN0F1ruFTmi7ugujNvtNrDp5xoovUhcN_fqiwuvRr8YRfDs2xAuQqkuZhkxHjOiaf4vywCDY6eH8rZcnX3M6_QiRVxBlxZCAWk2qY9PAiuGscqKshgeOQV6rWzMMz8qcYH-CEV_0Zg4pV7DuTEZuLBOumeBvox5spwqbrDmRFpp3zma0q9qyXisqdZiiY7jRel9wGMSN7SfssqUaGmWuQxw7danWb-a4owhzfmgo2RIDsZykDWQWLyK9w3_f-8fl5e6aqIqduA7lVmlKibwTomZxrKVmFZAU9YgIUg3kS5FgtdCJHFGLVZM2Fr-vK6Py3VjZmEy_jET7QzoAANcs9Uh9sJtdSUB0In58FN3wVC_7fGZnEHvzhewKmgrSSJhKkLXKuH4GHAysav9snzA90rmuO1gNlT-y-DW2bD5-FZ_xitbWSYcFO2brD-oyAoFF20a7Do4cT7x7FtZD-6ea3rykD-Atu5kyEjmUNOpfvwk0-JFNw%26adurl%3D&documentReferer=https%3A%2F%2Fsimcast.com%2F&ancestorOrigins=https%3A%2F%2Fsimcast.com&random=9358045844805&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ff7a0c80c6fdc66b275985d0d19039db3b8150e2276591d6030477a3dc29df32

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2069
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Sep 2022 18:29:43 GMT
Expires
Wed, 14 Sep 2022 19:29:43 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame 0B46
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=38067400114327204444550012082016
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:33:46 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
D972DA1B:C128_91EFC182:01BB_63221D97_D44F853:2A46B
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 0B46 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=38067400114327204444550012082016&pv=1
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-253-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 6B52 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:15:06 GMT
x-content-type-options
nosniff
age
877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Sep 2022 18:30:06 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 6B52 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:24:33 GMT
x-content-type-options
nosniff
age
310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Sep 2022 18:39:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6B52 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba40686b290ed1bffe6b58eaf41654766949a6ffecd06c530d692d3497d9a893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 18:29:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5631
x-xss-protection
0
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6B52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 19:54:59 GMT
x-content-type-options
nosniff
age
81284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Sep 2022 19:54:59 GMT
60005582_20220908245045701_Siegel.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6B52 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220908245045701_Siegel.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c41fa2cdafe9c7021105c32feb68705ba4e7fa1f7f86465a154e958d8330cdd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 16:36:31 GMT
x-content-type-options
nosniff
age
6792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17716
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 07:50:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 16:36:31 GMT
60005582_20220908244709534_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6B52 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220908244709534_300x250_LOOK-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69aeb5d2ad469592eaaaa3378816e4269fd9f94e6ee73cef2487bbafdc573f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 16:52:10 GMT
x-content-type-options
nosniff
age
5853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40341
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 07:47:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 16:52:10 GMT
60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6B52 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 09:17:16 GMT
x-content-type-options
nosniff
age
33147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28198
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:51:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 09:17:16 GMT
60005582_20220908244706131_300x250_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6B52 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220908244706131_300x250_INTRO.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c1972edd197114c7f9580a4299deb5ca08e7bbdd1c9d0b20c294ab1e3f2e405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 16:52:10 GMT
x-content-type-options
nosniff
age
5853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42691
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 07:47:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 16:52:10 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 6B52 		43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=28467061_4307561_345597451_170181290_SOHO0301A20220909&ref=28467061_4307561_345597451_170181290_SOHO0301A20220909
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Last-Modified
Wed, 11 May 2022 05:12:26 GMT
Server
Apache
ETag
"2b-5deb57cb16280"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 67E0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10961
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 15:27:02 GMT
etag
48472445140208031
expires
Thu, 15 Sep 2022 15:27:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0B46 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb338ff0e29fecec29a0917a3eb963c3d96ffacc7aaef63d031a0bd9962c5677

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 12A2 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 18:25:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 18:29:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 18:29:43 GMT
/
hal9000.redintelligence.net/scale/ Frame 12A2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
ffedbe37a50f57795b7c54ad86db173ef232838e9e222e894a74281fa5327e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16465
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 12A2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b4d24054f67792c0220cbad83cd724a710be9634c6ac682041f0eef05071fae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12988
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 12A2 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
4deac0b719cf1566038749d807a98b1bb07719b8a68411adef0ca04a5f5a10fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16857
Vary
Accept-Encoding
Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame 7A24
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEK9aV1olupFqWNCopuLpl58&google_cver=1&google_push=AehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGAA&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK9aV1olupFqWNCopuLpl58&google_cver=1&google_push=AehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGA...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK9aV1olupFqWNCopuLpl58&google_cver=1&google_push=AehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGAA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGAA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74ab30948ad6918f-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1223
cf-ray
74ab30934fa4918f-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK9aV1olupFqWNCopuLpl58&google_cver=1&google_push=AehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGAA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DfCi8bKq_okBI4J3nGJzl2pek2YpBUuzn7igYCK-4t_q3PSh53HjQk4yIOyQp_PT3Ecm6H4UlEGjf0XypqTKL4uZZqoGAA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7A24
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJG2cqcfNMiEaSdOi9iiLvo&google_cver=1&google_push=AehlK4AxYXikcOBiC8vyn4IWduj7AK53uLwf3O3PZge1VmBxPgIuRDRO6I6FLBsso1X4Ng2a-9qaCbxjEpBx_O1iZHH8k6ZQFP34
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=81591491B9C3487487EF3BD29543232F&google_push=AehlK4AxYXikcOBiC8vyn4IWduj7AK53uLwf3O3PZge1VmBxPgIuRDRO6I6FLBsso1X4Ng2a-9qaCbxjEpBx_O1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=81591491B9C3487487EF3BD29543232F&google_push=AehlK4AxYXikcOBiC8vyn4IWduj7AK53uLwf3O3PZge1VmBxPgIuRDRO6I6FLBsso1X4Ng2a-9qaCbxjEpBx_O1iZHH8k6ZQFP34
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 14 Sep 2022 18:29:43 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=81591491B9C3487487EF3BD29543232F&google_push=AehlK4AxYXikcOBiC8vyn4IWduj7AK53uLwf3O3PZge1VmBxPgIuRDRO6I6FLBsso1X4Ng2a-9qaCbxjEpBx_O1iZHH8k6ZQFP34
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 13 Sep 2022 18:29:43 GMT
pixel
cm.g.doubleclick.net/ Frame 7A24
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECTySgv6QoHBHiymq1SENN8&google_cver=1&google_push=AehlK4Df5tlGvG8cLvXMtQzP2HatbR0KH0CXpe02DOLos4o1yXOdsGA8yULzaYgzvuUcs3cQF5j6UdT51hsIR8hr...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHof9mHVQpaCk6I1KJV-jg2&google_push=AehlK4Df5tlGvG8cLvXMtQzP2HatbR0KH0CXpe02DOLos4o1yXOdsGA8yULzaYgzvuUcs3cQF5j6UdT51hsIR8hrEPtAVFZ6oBC5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHof9mHVQpaCk6I1KJV-jg2&google_push=AehlK4Df5tlGvG8cLvXMtQzP2HatbR0KH0CXpe02DOLos4o1yXOdsGA8yULzaYgzvuUcs3cQF5j6UdT51hsIR8hrEPtAVFZ6oBC5
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 14 Sep 2022 18:29:43 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHof9mHVQpaCk6I1KJV-jg2&google_push=AehlK4Df5tlGvG8cLvXMtQzP2HatbR0KH0CXpe02DOLos4o1yXOdsGA8yULzaYgzvuUcs3cQF5j6UdT51hsIR8hrEPtAVFZ6oBC5
x-host
tde-deliveryengine-production-67bbc99c9b-99cnk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7A24
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP_w4qVqIeCGZm5rWG1oUoc&google_cver=1&google_push=AehlK4DoJsTiTB6b7JTxfi03CsoP945ULMX7L08nm3XNBZziWAAEK0DV8pFAKC3SORN3VveGjDHUq-KY...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAxNDk4MDA2MTA0OTUxNTQxMw&google_push=AehlK4DoJsTiTB6b7JTxfi03CsoP945ULMX7L08nm3XNBZziWAAEK0DV8pFAKC3SORN3VveGjDHUq-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAxNDk4MDA2MTA0OTUxNTQxMw&google_push=AehlK4DoJsTiTB6b7JTxfi03CsoP945ULMX7L08nm3XNBZziWAAEK0DV8pFAKC3SORN3VveGjDHUq-KY4ZFpXSWB_vRPiSXUjKi9
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTAxNDk4MDA2MTA0OTUxNTQxMw&google_push=AehlK4DoJsTiTB6b7JTxfi03CsoP945ULMX7L08nm3XNBZziWAAEK0DV8pFAKC3SORN3VveGjDHUq-KY4ZFpXSWB_vRPiSXUjKi9
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
us
sync.go.sonobi.com/ Frame 7A24 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4BBQJ-5IU6VEtmIXI6ZoaacpImx7tVIFuFKdEHiILy8uqx5wElzIv6_TnWqqMJdYhlyrFMFiqovj3tD6bvbEJpHCB9W7QoJ%26google_hm%3D%5BUID%5D&google_gid=CAESENiuBZxvfbhug7zmItjp8B4&google_cver=1
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-134
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7A24
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBDWfmHJAUcJPbryqkNaWkw&google_cver=1&google_push=AehlK4D5ttFy8GXBzGzRvF7P9-N0yUBj1b-WeBp1Mhgr1Oi3Pd5XeyCPPnOJ0znl8Zl-U8TKe6Yv5KsKS7S6...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4D5ttFy8GXBzGzRvF7P9-N0yUBj1b-WeBp1Mhgr1Oi3Pd5XeyCPPnOJ0znl8Zl-U8TKe6Yv5KsKS7S65XnQQgqus0mite6o
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4D5ttFy8GXBzGzRvF7P9-N0yUBj1b-WeBp1Mhgr1Oi3Pd5XeyCPPnOJ0znl8Zl-U8TKe6Yv5KsKS7S65XnQQgqus0mite6o
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4D5ttFy8GXBzGzRvF7P9-N0yUBj1b-WeBp1Mhgr1Oi3Pd5XeyCPPnOJ0znl8Zl-U8TKe6Yv5KsKS7S65XnQQgqus0mite6o
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 7A24
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHPiWMZtdFFW5YaC32gWbq8&google_cver=1&google_push=AehlK4Aj8QYul2F6siwbDWyDtFPxEX_aw2gAltl3wXMg_mpAhOFvKKx3vXTJ4khUYQ0LTMt4wLYB9...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4Aj8QYul2F6siwbDWyDtFPxEX_aw2gAltl3wXMg_mpAhOFvKKx3vXTJ4khUYQ0LTMt4wLYB9vQiMDO0SskcJe4sIIZRp3ga&google_hm=WXlJZG1NQ28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4Aj8QYul2F6siwbDWyDtFPxEX_aw2gAltl3wXMg_mpAhOFvKKx3vXTJ4khUYQ0LTMt4wLYB9vQiMDO0SskcJe4sIIZRp3ga&google_hm=WXlJZG1NQ284WGNBQU81VEhid0FBQUFB
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
39
Date
Wed, 14 Sep 2022 18:29:44 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEHPiWMZtdFFW5YaC32gWbq8&google_push=AehlK4Aj8QYul2F6siwbDWyDtFPxEX_aw2gAltl3wXMg_mpAhOFvKKx3vXTJ4khUYQ0LTMt4wLYB9vQiMDO0SskcJe4sIIZRp3ga&proto=google_ebda","cluster_id":39,"gdpr":true,"ipv4":"0.0.0.0","key":"YyIdmMCo8XcAAO5THbwAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40057"}
X-SO-Ads-Time
2
X-SO-Key
YyIdmMCo8XcAAO5THbwAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40057
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4Aj8QYul2F6siwbDWyDtFPxEX_aw2gAltl3wXMg_mpAhOFvKKx3vXTJ4khUYQ0LTMt4wLYB9vQiMDO0SskcJe4sIIZRp3ga&google_hm=WXlJZG1NQ284WGNBQU81VEhid0FBQUFB
Cache-Control
private
X-SO-HostName
a-ad40057.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng19.dc4p.scaleout.jp
X-SO-IP
217.114.218.27
attr
cm.g.doubleclick.net/pixel/ Frame 7A24 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcEO5JLrSNA5JcANJUzGKWW1Gan7ImrVokJpx47mSRe6Fb44mGFHg6QCgPNTBnSnZ0R5op
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6B52 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 18:29:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F690 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoIi2lh0iY-aWL9eGjuwPsbe44AcAAAAAOAHgBAI&bg=!hYalhsLNAAbG3AOo5tw7ACkAdvg8Wv_y2WhOh-IvYwxpL8IWtdEl5j8TOPLFtxgS8dkF9ZaLZ4b6KQIAAAFeUgAAAAFoAQeZAyR1l0bDmueevxCLd3v1re3LB1qGse8vQwHV__Tfbk1RGoChGKtLugj96neRuNXp2AfJXQZERUraVSgwHiWzErYJf_z58iemsFygZ4FGkeuXU0zbQLTOQO3DaOJyfrxIvy4WoBuXARTbXkYzBvHNwGF1ZSExwA59JJ4UaVTWFxf_V-4Q-2BR037gBztJv8KwmkyB8YweJcV76WWKgoYD48L_q-upA8s9GwRNAhklp1YCCGbbLHXmy3vNljtRLCwUZ2GvjmQMunIqQIMpIAWGVr-EjjOHytnzLGv7GF_2V1VjkeUy9XdtWHtj49VYxzG9J5QRhxnuWnM68uSYNJO8A6V65dyBYl1EcwV48UoAKAP6iYFj6wnljD7RT3ClO5j6z7sQh414ynss_rcRt8mAJLDFmAE0NGOfYRheZSF4iiDKZxp-Tw1wlS0Bt4N2f3_7lGWGoBjgfzUjO2bkWxoV5bnwEbE8qm__esmV1TVNpeTkrPqIzwr7uj78_gExBvKqv3dVikrejXY4jyue4fknwide4Ud3Wfw3VpJXOBoQl3BzZ_thZqvpMvQszDS8XWDv59q6fX6rQbDvHtmADZ1DO9qLc_e7hV_FFHgz6Sr_wOCex23RrnOoEITNaO-oKUILzuQj1flX3xmlNVQKGvwQM8GOReaH_ABCQwcCMUX4Tfqo3eTg5MOqg8SHX9u_VyCxHxlbjKsyO1FCnOuCxantCUiVxxAh5Zt-fUGc_HK-onx7Ab8c0Zd2LwjPc1eABxDZEUJmkrC6nnh1kDDrWceoW2_tHd0quuOgGrbUn5xt3UCdZfo6bOVx0WLyWePHvgEupvvreZ8kNg8_k8JflRQkqAXqEiZuut4ZflizwfEM5sIwTW5sRMVZVu8spDmZBEXnNxPW8b3MKDrO2ktP_JUjLOi0WPAF4wCWt5GsFLm_F-j2jF4_Nak7hA5o078nbABNejBEOYYArGj9wkTDFyaMk4KTsyy53kTdthB9eKwZLvM8cJkAMb-yCigjAL9cVPsr2nwpdB8T5GiGZPHuS8PRWWZTLhUqPruAd4-WXhfSbrBT-mUAkMY
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 6B52 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=BAOzPgsotB&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:23:06 GMT
x-content-type-options
nosniff
age
397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Sep 2022 18:38:06 GMT
css
fonts.googleapis.com/ Frame 9DDE 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 18:29:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 18:29:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 18:29:43 GMT
/
hal9000.redintelligence.net/scale/ Frame 9DDE 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
ffedbe37a50f57795b7c54ad86db173ef232838e9e222e894a74281fa5327e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16465
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9DDE 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b4d24054f67792c0220cbad83cd724a710be9634c6ac682041f0eef05071fae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12988
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9DDE 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
4deac0b719cf1566038749d807a98b1bb07719b8a68411adef0ca04a5f5a10fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16857
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900018.redintelligence.net/ Frame 12A2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=85125700116846704444554012082018&a=682c9066&vb=m
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 67E0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEECVXLgAb2HytiHrau6tzX8&google_cver=1&google_push=AehlK4DTP37HBRxLlhd0L3EF7m23dvxi8jWRttVIPBWnFMW6fDVNJvIWDLtcpu6rtEWjrHPc5dqhZX-hSpA_0Ebo...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DTP37HBRxLlhd0L3EF7m23dvxi8jWRttVIPBWnFMW6fDVNJvIWDLtcpu6rtEWjrHPc5dqhZX-hSpA_0EbobXUCCim0W33g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DTP37HBRxLlhd0L3EF7m23dvxi8jWRttVIPBWnFMW6fDVNJvIWDLtcpu6rtEWjrHPc5dqhZX-hSpA_0EbobXUCCim0W33g
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DTP37HBRxLlhd0L3EF7m23dvxi8jWRttVIPBWnFMW6fDVNJvIWDLtcpu6rtEWjrHPc5dqhZX-hSpA_0EbobXUCCim0W33g
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Sep 2022 18:29:42 GMT
pixel
cm.g.doubleclick.net/ Frame 67E0
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEO98C3l2LlwiZZb1V4_SSZU&google_cver=1&google_push=AehlK4D-NBwCVMiirgGRrSVaRVtr9Lc7fKz-3RtECzUElxduRUvlB_B1lpG_EfK1KcRfHbLmkoM11...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4D-NBwCVMiirgGRrSVaRVtr9Lc7fKz-3RtECzUElxduRUvlB_B1lpG_EfK1KcRfHbLmkoM11VqJ-APyawax9A3cWiAky5Idaw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4D-NBwCVMiirgGRrSVaRVtr9Lc7fKz-3RtECzUElxduRUvlB_B1lpG_EfK1KcRfHbLmkoM11VqJ-APyawax9A3cWiAky5Idaw
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 14 Sep 2022 18:29:43 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 86C324EFC8204730939BB2027C40CCBB Ref B: FRAEDGE1309 Ref C: 2022-09-14T18:29:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4D-NBwCVMiirgGRrSVaRVtr9Lc7fKz-3RtECzUElxduRUvlB_B1lpG_EfK1KcRfHbLmkoM11VqJ-APyawax9A3cWiAky5Idaw
x-li-proto
http/2
content-length
0
x-li-uuid
AAXop1ALUUrQ8futf0bAfw==
pixel
cm.g.doubleclick.net/ Frame 67E0
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEIDVhzb8T3VwjaaEjy9T2ls&google_cver=1&google_push=AehlK4DK489cJAVZT8xaae4PbwrhG76Wgm4GBjd5iLq0cfA_p0_tBdbZtEikJDZn8dIt3KztIXytFyUP_5rgbsHcZhO3mvMm1nfUvA
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=czlWRVdVV3VDbGVzTUROamx4MGlZdw%3D%3D&google_push=AehlK4DK489cJAVZT8xaae4PbwrhG76Wgm4GBjd5iLq0cfA_p0_tBdbZtEikJDZn8dIt3KztIXytFyUP_5rgb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=czlWRVdVV3VDbGVzTUROamx4MGlZdw%3D%3D&google_push=AehlK4DK489cJAVZT8xaae4PbwrhG76Wgm4GBjd5iLq0cfA_p0_tBdbZtEikJDZn8dIt3KztIXytFyUP_5rgbsHcZhO3mvMm1nfUvA
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=czlWRVdVV3VDbGVzTUROamx4MGlZdw%3D%3D&google_push=AehlK4DK489cJAVZT8xaae4PbwrhG76Wgm4GBjd5iLq0cfA_p0_tBdbZtEikJDZn8dIt3KztIXytFyUP_5rgbsHcZhO3mvMm1nfUvA
date
Wed, 14 Sep 2022 18:29:43 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
245
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 67E0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMgZskuNCRIC4V4GxrydOeE&google_cver=1&google_push=AehlK4Bf8EQdKc-PeiGFBdjnCDHXEM2PcjccqHs8C6PE_7GTB4B1f4EShhQQM20U1v-zUUrjkdI8C4HMHnAGjTuJbC3Mpwa...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Bf8EQdKc-PeiGFBdjnCDHXEM2PcjccqHs8C6PE_7GTB4B1f4EShhQQM20U1v-zUUrjkdI8C4HMHnAGjTuJbC3MpwaRWdcrBw&google_hm=NTc2ODU5NDgxNzM3Mzgx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Bf8EQdKc-PeiGFBdjnCDHXEM2PcjccqHs8C6PE_7GTB4B1f4EShhQQM20U1v-zUUrjkdI8C4HMHnAGjTuJbC3MpwaRWdcrBw&google_hm=NTc2ODU5NDgxNzM3MzgxMTkzMw%3D%3D
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 14 Sep 2022 18:29:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4Bf8EQdKc-PeiGFBdjnCDHXEM2PcjccqHs8C6PE_7GTB4B1f4EShhQQM20U1v-zUUrjkdI8C4HMHnAGjTuJbC3MpwaRWdcrBw&google_hm=NTc2ODU5NDgxNzM3MzgxMTkzMw%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 67E0
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEN8a5dtbLChLIxbQk1deRk0&c_param1=AehlK4D-pQFWF-GFR_c-kk-SdHRNfNISi6SVwBsO34b199ynayOPTlP8JhNv_hqIYm7FNxEiHZrYzfopil4BXQVD99LtrEFTDIaesQ&gdpr=%%GDPR%...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4D-pQFWF-GFR_c-kk-SdHRNfNISi6SVwBsO34b199ynayOPTlP8JhNv_hqIYm7FNxEiHZrYzfopil4BXQVD99LtrEFTDIaesQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4D-pQFWF-GFR_c-kk-SdHRNfNISi6SVwBsO34b199ynayOPTlP8JhNv_hqIYm7FNxEiHZrYzfopil4BXQVD99LtrEFTDIaesQ
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4D-pQFWF-GFR_c-kk-SdHRNfNISi6SVwBsO34b199ynayOPTlP8JhNv_hqIYm7FNxEiHZrYzfopil4BXQVD99LtrEFTDIaesQ
date
Wed, 14 Sep 2022 18:29:43 GMT
server
nginx/1.19.0
content-length
0
us
sync.go.sonobi.com/ Frame 67E0 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4C7j_NsXCo6ZNsAYdCtR1ZuTB0tDKm1jMsgXr_cMTeNKPaOYdZcFri5YM87JYcmk_t4pIsWhFBDmeGbNiLGT880gOP_mD2Ozw%26google_hm%3D%5BUID%5D&google_gid=CAESENiuBZxvfbhug7zmItjp8B4&google_cver=1
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-97
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 67E0
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESELjO376-tK4aPu1WGj85Udw&google_cver=1&google_push=AehlK4BGVG9xxv2bxcgbLT01-YOvhrn5N5P2ZeYMeJ4C9hsu3qoQmUQin...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AehlK4BGVG9xxv2bxcgbLT01-YOvhrn5N5P2ZeYMeJ4C9hsu3qoQmUQinyvucgqdZCqz8ucsgXW8PTrI9GwD_yBgA5Dh6D_h8l1zoA&google_hm=QlMuOTkzNS04NDQw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AehlK4BGVG9xxv2bxcgbLT01-YOvhrn5N5P2ZeYMeJ4C9hsu3qoQmUQinyvucgqdZCqz8ucsgXW8PTrI9GwD_yBgA5Dh6D_h8l1zoA&google_hm=QlMuOTkzNS04NDQwLTQ1MDQtOTI3Yg==
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AehlK4BGVG9xxv2bxcgbLT01-YOvhrn5N5P2ZeYMeJ4C9hsu3qoQmUQinyvucgqdZCqz8ucsgXW8PTrI9GwD_yBgA5Dh6D_h8l1zoA&google_hm=QlMuOTkzNS04NDQwLTQ1MDQtOTI3Yg==
Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 67E0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpCoNXZx1UePSS0-wsjdNSuOJtGw9qsX-7NtJ74D9PHBil5qQ9io4xBDRrqpvo8h2isEX2Zw
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame B820 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUC0elh0iY8D1L8mugAep4K2YBgAAAAA4AeAEAg&bg=!6eql6q7NAAbG3AOo5tw7ACkAdvg8WmFiEuD_SAdrWA_Dduip88UfUDwR8MayTDSSUjsxdbmoPGHKdgIAAAGlUgAAAAFoAQeZAzkhWw6X6kG-rk-qUhvMIeOQLrb3R2gp1thCiP-NAgQJsdK6dFc-Dse0smtm9BrQ5-Wa9FXcqdzqToodVMJeEwtOCoSWUv3EiBrhiwNu70fUbRhXGvDl39jV2ZzQ7xeb6FvDMMffV8kOBSpbkvGxkZ_rTEC1AAdF8EV4ofuRjWHyDtHMy_5elN1K6fVeyem6hcK88li0R3m_BJM1rXqRHekomvxHFsJ01ZboqSSYsf7Jll65i2c9CiKB79lBLx0WUN_CNljbD8zFpQ18GVxW4Ia9FRYLDW8HZ6WaDnCZkCCGcVMGTV2AJZ-PHJpv9BRTlxoETPezfxZzgQAlTi1UmXYXVKuFUgg4JEUtRLVQTBnUI3AXqUBs5WzLh6zCdW0XXJYc989OHjmmmYpgWLCL4TjYul5-6C6eGp6Czz9zvGOnjSpyR4qBhPHXs-z0B5Y1bFKsPzzDil-xuVUfZnzqZePArf8lt8AQyBtS6Hm53-fqj7UeXpY8bWC_9cPWaMUwSV2XZHATewXVz6BStZYxryaBmGGadDdTg2OJpYgZxhBydJpjGlg67CV-dAnyXPkYiKcXHfCz3L-FtRCMomp8e-wCDPxgqNEq2I2ZBrpx--pI1EafY6IpjwZf8VBEfN0tJta-2ZKUBqJMX2krMeGt9kZi4ShV2IhkbfMzpkKcRfvo_ewX9X78bAfQWSwr0XZRXg52jcZ8_hNlpQhy93tF17i6xyp64eik-2_8r04v5-n4oWt6RcUf_GwwD6ZFDyxe-sXEyjJcYBvAr_DuTEvyVVA8dtHpV-E1VJX6H3o9_TXF2jpPLddMxOza5-8_Rg4Tjh5PpeRWy7k9ulQnmLfG6za4ZYTh5kS1TGUu_xSx8VJHAIEhWHQmQNbk87B_vCh_FefOS65kDsFG5O03Vw0oGPqKpitNd79cF8dFunNYD2KFQgYPXnk4_0Uufcj9bypE9NZO0IHZMFVSB2XDFSn-lb-3FvF0O-5hcI0_raoUHpq4AbPk2AjNYFA87xzuJ_RY0CW9f2Nxr_jw293ixKGZj52fFTZXIJJIFhS39b8LSeCSbr_AVasbF4bmhQ2fDUeldL74jh5dXI73wS0
Requested by
Host: fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame FAD0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 12:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 12:57:31 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 12A2 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900018.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 08:45:42 GMT
x-content-type-options
nosniff
age
121441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:45:42 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 12A2 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900018.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 19:26:22 GMT
x-content-type-options
nosniff
age
601401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 19:26:22 GMT
ts.js
cdn.retailads.net/ Frame 9AAE 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042480
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
accept-ranges
bytes
etag
"14aa-5d6188919baaa"
content-length
5290
content-type
application/javascript
ts.js
cdn.retailads.net/ Frame F383 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1597042481
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:29:43 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
accept-ranges
bytes
etag
"14aa-5d6188919baaa"
content-length
5290
content-type
application/javascript
viewability
hal900016.redintelligence.net/ Frame 9DDE 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=38067400114327204444550012082016&a=567de06e&vb=m
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BEF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSmBxlh0iY5qRLtm6x_AP8P6CaAAAAAA4AeAEAg&bg=!v7ylvPjNAAbG3AOo5tw7ACkAdvg8WoEqA-9EFG68y6yph7y0z7GSC-z-qUZpNdGAigZuHoS_Xhy-dwIAAAFXUgAAAANoAQeZAyA9uvQc-llsr8LfqZuoaPvL5CXqNo5h1F90EwUy_y1hTI1bOBRFkBDzF85D-uUJQ1ZVkT5tzpZ-OdMs13GQ3Uar_0YJUs7UWf1igMKo95L4Gs7IfArgjSqDvgYFTkWaUO93cWij5_ALDI9KON0Ccsx8_sj4T_wPZOCe0fqBP_cZmSZkUl6EBryOH8h5VVt2C_Afy4x5f9OonjhIboVhdxRwYgNyCPUAoenbqYY-ESaSR4CzWOtxklyrb1A26S8g84Tw-pSJiqXRRkZ-dlp-eq0y5xacBXitBs6-WxflJWHwUju4KkzXZpFZSJIAP6MtlK7i-phQpHOAzWzr2NnGyZosz4_UPMCrPIYN-Lxl4xgQ33x158BXxQuzgo-Ko056OYH1bCMsd46kCrHWE5Qs5jzD5ET57LeF1huOXhU44V2kkKtSzyiUL2SZZDj97lgx4NnfY_w2-d6JVrO33JIg12fIz8Phkn_rFiFkNS-6v9jJAiUTJwztdLRl3wxGER8Sw3jV2vTPei8De1ZrI5G5EYFF0n2Y5FPHGkFHWzY6sz_ePgLP1fX8pkfvcFijgRP0GfWfwkXEgtm-DjRHOR6-9oWCUxbGkcY07dBEACMQ_XlARBF22h0h3FhkumqolPxiQlejUkg3oZQgyorA5aaAeclo3N0Gunq1ilBAEZ1zCn1BPJ3HAJZRlK7ZjtUxheS0ilPxjllt_qGY6ID0NRwauYbCezbbbgcRAJkzXy6k2N-VxMCmMl3uk12J5pcBeYVgzNde90ild_k8PkTNWAgv3Zj4-JugHGVwk8aPMfTnoKLwxdezNBHlG6OR_4bXetfV0256NxBTBKWrEprRQWRyD7LLbKTakbmuUpNrziNu68JpnftHge5hLrJ8q8ClGealXhk6wVUrQtF6_IX6p5UpfY2OTqu83Wu94Ncj3pzWcY3QyRuVa_t7cZLUOs4tfcwYi9KvxdcZaZZRTGeRTbYRfX80pinXyWoTadIKnDJjEq8N-Z5i-oKVoDJ1_jFLMklIynVA0a13j9inxTFMoPlQ2EEM0b6MEnV3PxfyB04oVm3NpA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=DqZpw3wzS0JHWkgzRnBQR3dQTjlzY2I3OTd5aVdFTFB6M0NNUTdMNVNuUEx1bHF0NlFyQ09DajR0MnN5eTQzeHZoc3lSRk05N0lzSlFCTU5nUGNrNzhLaVhsMzJScE12WU04SkpCUkRraWpkR21rVEdxcTE2bFVIcFkxRGFNRlVZM3Q3bU9QbFcyY29GZWpQNkMzVkp6bDJHSE9uVG5yd1pVakoxZE9LcXF6dDhjWnY3T2hlZXZ3Q29DQWhaMVgxd2c2bmxHY0h5Qzg2K3p2dmJESzg1UWgvUzUybVhPWld5dlZQVHAzUTN0MjVmSVFrPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 14 Sep 2022 18:29:43 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
520419
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 1298 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstL4tVcciElUH-shi06dTJU9iP3udTHc9Q7c_C0Cr1BJpzfi9rHUz_cwAXt89tOqhX8soZOOpw-rGnScKZLsCC9MZg&sig=Cg0ArKJSzMoHSBtW4CC7EAE&cid=CAASF-RoovDhv5MTZtB3AHDQUFTeyDSUvUzS&id=lidar2&mcvt=1008&p=150,315,400,1285&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1114210395&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663180182634&rpt=273&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame C123 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=KZC1JRYywNrK8DyrNSYJ5B4ixfopDj-0DI63rcznmKxq6bZ7zgJK2GUroSlAIqNImJgNjYd9LuxIxUxgx94dNGMFqAlZFTxgqTzgwmuGZBGhJgsPS8A1MuTEwKxDxszt8U6IKYN2MsZL4Ek-aA-dd-dzpEKnfvqdR_FKfGXg_Gz1JNVQTerAqzp3seWwTd9s9KOxvToQ_B2VHzfUW8NTWooxwYoRTszpx5apiYhxo2iXnsOUywBXn6Rwhx0C2TqUt17moQ&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyIdlgAD6OwIEc5OAAIvYLRoM7JOAamHNZbgPA&u=%7CynfYTvPjq0YyoH%2BudgcExLx09BbXDF%2BoNBJzUswgVCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gaVExPHJg0q4eY64ONmg1faNEJQ9hJDyRKoPCCDmXtM0As2O2D-UnlOExKDK4fHRZbE103BtFtD8gBUYwj-Pk6sdzh-xt2PorDnfgS_nhG-8Ou1nG5c_KHb7DHDeuN0mpbWf00a_llTVi47c9QO63_9M4sUTGrReDzZuMwID69NEqwjKb_CGAEfe1nE1-_L_qLWjxSI2L-jgdFb6chEA6_HGoSLWTLAWZgG83roT6dJb3zuJ9BIYH-bz4lSICs8PEaaMGVuLOdMeS0S67aQXL5CFTYvznNGX7I-0Y_q2wtiroI0-uPUWmy-NtTveo405LS3ZIhvjg1FjOYQYnGbz8vNO9O_Yc8OdmLkRYnIZ2VktM5Ka_O0nxZfwkzp1yZB6AIYHMaLbCat22cG7qKj_iXRO9O7X1i4y3toiT1V04IZiFkgdCHXgj0RxOq8I9knoBA34dUPD6HeZogqeyvqfDuCYXrWUiLmOYAdNWjb41yuXV4pGT1AD9IVlnjC6GMUZPZ9Ppkh498pf6SHj2qHbLCf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdjhjlh0iY-zRD86cx_AP4N6IyAHJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAdW20uoDyAEJqQKx-O_udsWwPuACAKgDAaoEpQJP0E7qrN0F4oFk0nBSIvyZYU2rEJHu-TOToc4arujh_zWt74RsejWGt6onCYyJhlPihOO9o_83R9o5eiIXDtyav470a-KMWjh2MCFUT1RrBIIXnvGdANFdMgZSl48I9RXSHAyWlkLJWIempNWlydoHgpTKuXrkLjKHn7FjDlb2NLj09ye2DZkf3C02MFqGkScoB6G4hRHe2EqVCfF84hHe0TIR1Jfkme8veJ4dScuEFge9W0Hmj5jfW0IcP3XcEeusn2QoLTPyZgMMxxFKFJSlJRCwik-NWoh2FEyB93Bz74uy3rVFtsvv_7CzSraX-V0C6cjVEtYdKa1j7dXo6rSngR_H8baVwR1jr4h1DBI6SjlSd62Dif5u-JTDwkCu46dF6OLw1uAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hHuSouiHXcaC3PXyICBl_MVh5bw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 14 Sep 2022 18:29:43 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame 2B87 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8FU8U-GmIHEXjT9mWI60U3PX5HuisAWIhtBx73aicztFrj_0vleNKGUrzx1SxoT-qgiBjgK8kdK1XODvvsHiJSBkFtSfPF4-oqfBab8XWwi4SHOUW7vwN_HOu&sai=AMfl-YSgUXfGlBOc1dLxh8s-7o-hlBNxns22uh3Agr8lb6fiV0t2VkrO5EcjSm96_wSzkbo3ns17KGSjV7JWdUlsBBWBfEHjlGKj83QXMpveCWlixmJWFwDfeS_Wd2vz&sig=Cg0ArKJSzNg6FDSVW0XqEAE&cid=CAASJeRok-zTqePZtNZ32ODLlJm6pGmfl0-2Y5_q1B1PbLQrGmkBEZQ&id=lidar2&mcvt=1001&p=495,1250,745,1550&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1139577408&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663180182648&rpt=666&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B46 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstd1tN4Ko-onOAeKcfM1Tbu4H5xbNPuyG9w9JC1Ythwz8SyX1qmEiQ626Zz7ACd2tn3v5UDVrEEfHpZMzgKJ24-ZwaZ3Mn_fyNeM1d775VS0qZQbyBj3Glw51XX&sai=AMfl-YTz7nb6dUzD5vm6r7-4FAnhmb6T9UJyazPYC2s11d10chosWvZGWfp1lN7ipLQ6eetp1EFC_oPXz2obk-dEPROqXadjTyQ2I3HGJ12OmmXzCIGmRG3fElK6PKzq&sig=Cg0ArKJSzOSkwW7W91P7EAE&cid=CAASJeRozfm_M5jtgjQAFEHc7A3J-PWL906Pw1a-Uyc38BB_8XpNq08&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2454005370&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663180182652&rpt=780&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 18:29:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900018.redintelligence.net/ Frame 12A2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=85125700116846704444554012082018&a=682c9066&vb=v
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=85125700116846704444554012082018&a=e95abf68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:44 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal900016.redintelligence.net/ Frame 9DDE 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=38067400114327204444550012082016&a=567de06e&vb=v
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=38067400114327204444550012082016&a=96ff676e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:44 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 0CC3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Sep 2022 18:29:44 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 0CC3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
462ccc2cb6658eca56790ae89a0d7b3da16edc420d786566a32618bb72aca371

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 18:29:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:52:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61517
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Thu, 15 Sep 2022 11:35:01 GMT
khaos.jpg
token.rubiconproject.com/ Frame 0CC3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
6s11qn96528po383sqr3n8s9qnn963ro-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		422 KB
423 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/6s11qn96528po383sqr3n8s9qnn963ro-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220901/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf63b42baa22ad3192f631fb940174a876c3460d75e28f9dfaecc56527e9e368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:15:21 GMT
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
age
4467
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
431836
last-modified
Wed, 14 Sep 2022 17:08:30 GMT
server
AmazonS3
etag
"6619ecab49a2a8069a0374c7ab495012"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
SMzaEsb89rDlbr_QGI4DbPNFmnMRrwy36TwOIbcsQNGIlXmIhE3i4w==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gob?google_gid=CAESEBfLpU1OedvpTtseoZfDFsY&google_cver=1&google_push=AehlK4ADViSPnOMbq_3iHEhynB6naC9oW7vqQHhPlvnPq4vCZQ0ZViEzcF3lDCl6F_J9cOYaHmvaqO2r195eQmkw75nFsE1KDRomIw

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| LoadExt function| getCookie object| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| teads_analytics function| docReady object| mnet function| myConfirm function| myFunction object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| displayModal function| displayComment function| displayModalURL function| displayBroadCastModal function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData number| __mobxInstanceCount undefined| __mobxGlobals object| headertag object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_926728 object| closure_lm_519494 object| GoogleGcLKhOms

50 Cookies

Domain/Path Name / Value
simcast.com/ Name: PHPSESSID
Value: 7gikjnhbo0dkjnjj6phlnregul
simcast.com/ Name: uidinfer
Value: 28491651
simcast.com/ Name: _uc_referrer
Value: http://showtimeanytime.xyz/
simcast.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
embed.sendtonews.com/ Name: AWSALBCORS
Value: FBhHYTGP4qf2U/QJGfVciWLjV/KvL84TB13lfjDUrAPBwIP+xGriX87b07HxRcVbZZjqmFPc03xgQqyZzChYHWVQfueqiKsxYT5nA/vt+cOf5imTl3axHUYhdeqg
simcast.com/ Name: mess
Value: 1
.simcast.com/ Name: _ga
Value: GA1.2.1369281649.1663180180
.simcast.com/ Name: _gid
Value: GA1.2.956581886.1663180180
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1663180180_1663180180
.doubleclick.net/ Name: IDE
Value: AHWqTUmLudx_rDM01Z3nAnfS3UA1CtxgyHBrYsJYvEyPHEbyOyOSyO9Gv_h1kgiGsMI
.simcast.com/ Name: __gads
Value: ID=d0236eb9898f85af:T=1663180180:S=ALNI_MbJqOq492-G1U-blyOBiihqsWlUMw
.casalemedia.com/ Name: CMPS
Value: 1114
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVMlSw=e!]tbPl1M>e)ZlrFUfJ+tGXxp.KIh`+_c]GeFuT3i`uf9S^FxK@X^Vvo-EhDt*bpRz*qF1`*b^R%)awem
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-92a08bbf-b016-4c22-90b6-b1c60c7b2f1a-003%22%7D
.adnxs.com/ Name: uuid2
Value: 5226032387355260446
.casalemedia.com/ Name: CMID
Value: YyIdltQ1NKQf-E9LqTTmsgAA
.casalemedia.com/ Name: CMPRO
Value: 5150
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&57e7036d-3a09-4da3-8be8-3dfb75e3e828"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjMxODAxODI7MjswMjE9XgDX74lKHT62o8wEwfo2SKc3JNSfHbX2z8jAEFNMRg==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2385:u=1:x=1:i=1663180182:t=1663266582:v=2:sig=AQG08guOnIjwPqbkG6YlrjyijtM2wSpy"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-92a08bbf-b016-4c22-90b6-b1c60c7b2f1a-003%22%7D
.3lift.com/ Name: tluid
Value: 3839311349046406435169
.casalemedia.com/ Name: CMTS
Value: 1192
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: ead85a56-b0c6-448d-ada7-55a90a82a353
.bidswitch.net/ Name: c
Value: 1663180183
.bidswitch.net/ Name: tuuid_lu
Value: 1663180183
.adform.net/ Name: uid
Value: 1014980061049515413
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 7b9f039bc842ab25
.retailads.net/ Name: ppb2172
Value: 1597042481
ads.avct.cloud/ Name: uuid
Value: e8d2dbf7-5b8f-4781-9822-1a65a768295f
.awin1.com/ Name: AWSESS
Value: 429086:2519595
.awin1.com/ Name: awpv14098
Value: 296283|1663180183|33d52b70-345b-11ed-a5a1-2235383f8385
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=28467061_4307561_345597451_170181290_SOHO0301A20220909&ref=28467061_4307561_345597451_170181290_SOHO0301A20220909
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22A87A1FF6-61D5-4296-8293-A23528957E8E%22%7D
.simpli.fi/ Name: suid
Value: 81591491B9C3487487EF3BD29543232F
pb.media01.eu/ Name: DTU
Value: 4101E7F2EAA3014DC4454584A3DFA5C2
.uuidksinc.net/ Name: jcsuuid
Value: sburxYgQEl6zzXSl5eht
.futalis.de/ Name: raSIDb
Value: 1597042481
.yahoo.com/ Name: A3
Value: d=AQABBJcdImMCEIl_VU8ZWzUQ9OnQIHG421sFEgEBAQFvI2MsYwAAAAAA_eMAAA&S=AQAAAmZmv-M-C8cnpjPAy8zGBdU
.mathtag.com/ Name: uuid
Value: 7e426322-1d97-4400-966f-64a7d806daae
.mathtag.com/ Name: mt_mop
Value: 4:1663180183
.c.appier.net/ Name: _gu
Value: CAESEIDVhzb8T3VwjaaEjy9T2ls
.c.appier.net/ Name: _auid
Value: s9VEWUWuClesMDNjlx0iYw
.tribalfusion.com/ Name: ANON_ID
Value: aPnseFwZcF1eoXarpfrg3DZc2IPLweZb8tYaxTGJZcNWLTQfZbw1r34IEsZbbi1p0yopYxIPLZb3XRPLPN9jpeuTqTG
.go.sonobi.com/ Name: HAPLB8S
Value: s85134|YyIdi
.simcast.com/ Name: cto_bundle
Value: OM8WAV9SRk03ZlRNajdTbDljREZhYmpwWXJHZiUyRmJGQVp3N1lCa1U0d0ZwRXhDV0hhMWZlWWdFbUNlbDJPaEZNQ255RGRCSXBsbSUyRjN6U29GcDlPUiUyQmU5UFZ3TWQ2anpVS3JhQUhwSnRIcGJmVCUyRm5ERyUyQkloOHVCRU9QSCUyQlYxQjE1RGV0UQ
.simcast.com/ Name: cto_bidid
Value: Djyj518zRzlwcHVlRjVEVnJySWhIaWM5QU1UM2dsOFFtWEp1UzlwOHd4UmFud0RrSHBxMjVBdWtQVEZ3SkNtUHVEVXF2bVNVbGt4MEU5Q3VUZUwlMkYzYmtPUHZnJTNEJTNE

12 Console Messages

Source Level URL
Text
javascript error URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript error URL: https://simcast.com/?d=showtimeanytime.xyz&pcid=48&rid=112&a=0
Message:
Access to XMLHttpRequest at 'https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.teads.tv
a.tribalfusion.com
ad-server.eu
ad.360yield.com
ads.avct.cloud
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
api.rlcdn.com
as-sec.casalemedia.com
at.teads.tv
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cat.nl.eu.criteo.com
cc.adingo.jp
cdn.adapex.io
cdn.resonate.com
cdn.retailads.net
cdnjs.cloudflare.com
cloudflare.com
cm.g.doubleclick.net
code.jquery.com
csm.eu.criteo.net
d29xw9s9x32j3w.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
embed.sendtonews.com
eus.rubiconproject.com
fe65f2d29891d6855439a81b8ab80e16.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900016.redintelligence.net
hal900018.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.sv.rkdms.com
im.bluevoox.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
in-appadvertising.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.googleadservices.com
pb.media01.eu
pix.eu.criteo.net
pixel.rubiconproject.com
player.sendtonews.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
pv.medialead.de
px.ads.linkedin.com
rtb.fr.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.seedtag.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.spotxchange.com
secure-gl.imrworldwide.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
showtimeanytime.xyz
simcast.com
ssum-sec.casalemedia.com
static.criteo.net
sync.1rx.io
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tg.socdm.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
web.hb.ad.cpe.dotomi.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
btlr.sharethrough.com
prebid.smilewanted.com
sync.inmobi.com
104.18.12.242
104.18.18.126
104.18.19.126
108.157.4.15
124.146.215.52
13.224.195.78
13.225.78.37
138.201.220.30
142.250.181.226
142.250.185.66
142.250.186.162
144.76.91.199
145.239.193.130
147.75.85.234
169.50.137.190
169.63.109.126
172.104.105.5
178.250.2.135
178.250.2.146
178.250.2.148
178.250.2.150
18.159.242.39
18.195.160.66
18.208.240.0
18.66.248.119
184.51.9.184
185.29.132.241
185.89.208.11
185.94.180.123
192.241.157.60
198.47.127.22
2001:4de0:ac18::1:a:3b
213.19.147.44
23.205.253.64
23.35.236.247
23.35.237.56
2406:2600:4::b
2600:3c02::f03c:92ff:fe2d:3e71
2600:9000:219c:e400:1b:5138:8a40:93a1
2600:9000:21f3:b400:1e:a43d:b640:93a1
2606:4700:4400::6812:230b
2606:4700::6810:84e5
2606:4700::6811:190e
2620:1ec:21::14
2a00:1450:4001:801::200a
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a01:4f8:d0a:2321::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a02:26f0:11a::6867:483b
2a02:fa8:8806:13::1460
2a05:d018:d29:3602:330c:6850:f997:69b7
2a06:8640:764::2
2a06:98c1:3120::3
3.121.59.219
3.209.43.118
3.220.58.99
3.65.16.214
31.220.27.134
34.107.148.139
34.120.133.55
35.156.194.7
35.158.222.62
35.170.30.54
35.190.0.66
35.227.252.103
35.244.182.124
35.71.131.137
37.157.3.28
37.252.173.38
45.79.244.12
49.12.16.151
51.89.9.253
52.198.226.249
52.28.203.152
52.45.175.185
54.229.65.185
54.76.176.197
69.166.1.10
69.173.144.138
69.173.144.139
72.52.178.23
76.223.111.18
82.113.101.132
88.198.250.30
92.123.21.200
92.123.9.160
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
049197d27fc218a1fc7185322d281d1f12d8cb637cce49e815600869e12e463a
04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aedac10cb6f36176a2974f3b29a0bd8fbc032d213beea4c9052a129dd0685f2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d1d6a1e3336ca7761a570a9c2c707d73a7b91b23bb9a700b7bcda35905b054d
0d2b1dccf9ea05744a27af69bafa3bef2369eb128d3474f19673a48cb25aaa72
0e9be8f5fd84522ce8d24cb4b639c9c2b76aead9a62d2445a0b9c5f1cc48ef82
0f57e47549eb768df261fedac1232a684bb8de72cfa1a6c5c72a1df6d1adadc1
0fef0ad2fb0b86b61091a352960cdcc095a28bb3f30c50a81ad732ed5c07e63d
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
11a4b7dd6aa3534c1dc9517e87d10874580c121a55b6534b2f2aa75892db69d4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1e04cc8c7f4f0ea9326b4de881d5734b2a1f8a96e9b11c11f6a24ff5997d9b18
1f965711fb55448124edce4414e7034f6341376235ca3a086e675265b045047b
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
27a011e8d01e751751a22b7448ebb7d388f0a17da676d80e28cb7080404a4024
2be635b0732bc0561a39548cbce3b7653498926eb2098918544e5eec58e5191c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
2feeb2d6402c80025a59f50d6d52d672c8420897f98cd6285a51020e8200ace2
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
352d949608375f1c60e6a20a3cc56c3a9d54ac7bf62b47a111ff4d8c3f29434f
3558e3cc131aa7208dd2fc7053d9642ccd34ebdafc25259d00254837b41230a6
36af9a460dee61278d9036913a7dbdeb3ac88b12eec58557484f5079eface2fe
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
39a4fdaa01d9b4d4d11148e1815e6d782af86fa0db3293f7acbca297fdcf9f32
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3dd21c2835f2244f8a46826f92cb40532cfffdb635521ef0d477977ce01915ef
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
427f8dac0a822f895050838b1f2c4b3d76f41267ec9874241ee16ad1e3330725
42ac6f8f9f0befc1ec30d2ae684e51fb2066f2ae78a1ea9a567e00677663beb5
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462ccc2cb6658eca56790ae89a0d7b3da16edc420d786566a32618bb72aca371
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
4cd41e12c07e431794e5922d4875363fd9b87b8800f6f8549933741cf47cbc79
4d3f9e5a6d44c141d03ecae6ab071a918587e220a4d7158e0f2aedb97e85a847
4deac0b719cf1566038749d807a98b1bb07719b8a68411adef0ca04a5f5a10fc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55468abd6c7a0abe7622605b79ebe6258bf47a4ebf0a19077a0fff6f904e47cd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56af1f4a12360b58bbe7747ac0d9f6b4114d875434fd2970d744b09f3cdc2084
573e9123ff29812331a29fbe4f233ef0466a2dc53fbe3e4232c2a1a73381fa35
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
585051b0131f8ffd63ef1f9bb09c548d5af38bb7188eb29b2f7c5aac4b271972
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
593bcdb75cb3422d7dd1c79e63f0873dd811bd1d32674f5f48761f49ecfef517
601355040d9e7825c1c8318a75936be30c28a284e4052d4130009a30c470b41e
61ade81bfb09c4c2b2f227c2f4ef8b79cef17753b827ac521a79eb711df2e1bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625e16893b9fa85b2cb666eb1ec4d07d22a5d1fdffcbcddbcde69b5e65013f65
6402f5d61afb2894b206c00c0b38edfa9004a28198085b2120e48d3809e8e541
64625cc5086b2a853d308fe6d35bafb3880ab94444999796186738c1af08a70d
6542fecd3eeb8b5bee1788b22bb4080c6467e29885c79c5089ffe6a649723ef7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
69aeb5d2ad469592eaaaa3378816e4269fd9f94e6ee73cef2487bbafdc573f3b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c05cca26bfda7ff320575fd698145fe73b18170ea4f1add0cd3d0c90648564e
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
71c45236858e7d8a0a34f5f23087ea21463fe2cb9335ceca85b940924a688343
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75dab9fc4ca543c015b90760248f541c81edf1c7088e925255e9ceb1b88e0dde
78aea9fc5937c002b77ec3f4d853241dd528a7275b0efca724d2f24ef79c1073
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7f1d279703b902aee3682bf47afc04d7d9a4417e08a137638cd8dcce1141c450
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
8009dd31e8be0aa66ae6f6d35f6e43d2264c9b744c7e663531d045f0329446bd
80cedb5e5fa85548eaf3a95451e57186182aa440e5e8aa2f38c204d8b38f663c
811c37bd6c2a528afd481463479de8aa9127382a17c35baf9bf3c373eeae18c7
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
839c23220a304e823b1f70b1150ad479982e9d3ca99d2a32b1375b4bbd506965
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8827dc6e85e78d6e711fe152b384c9631edfe8a9a9237a74a885790114c47ec4
89ab4d21e450c120a1bb6ce5ae1f5fff56e343f9eca4416dc55a2571dbf32429
89afd70b0877fa1840b47f11d078075929be719148e0d951ca3935897d913c40
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c1972edd197114c7f9580a4299deb5ca08e7bbdd1c9d0b20c294ab1e3f2e405
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94513ad72124cecf25256240a8cfc2a26b6012b25f85f8b0ae0200e890872370
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
998d48f18a77ff3dbe552d9adf388e8550ffa09144f7a0223b17cf500adcf891
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9e167218392be2c6bcda77f886486537ff3f18e4310320f1898ba80aebad68a4
9f2cc3ff20e2648c6c37c5415b26523088b570fe657b6d94c709e38016e68d8b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20eb00f564b6a0e768b0f11fe1a9d3ca684e04a98d81084d95bfd84b1bffa33
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a90a2ceab646e68b17c46d39b7c701eb9159455c8d43b6db1c8d9aede8bad92e
aa3fecd03a37a2de22e60482c695bdbb64764672e00fa60ff671e15818dcc6d0
aa75e5d3e2910fda312ceee7887ae7cf68917ba190ed1492900c842e7a33a9f2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3364373fbce1a7ec71aef282974dcdcaf47410406b55c51fabd22b520c757e4
b4d24054f67792c0220cbad83cd724a710be9634c6ac682041f0eef05071fae1
b58d4e0fa5987705daf70dcfd28f76fb037b8d3faddc472adff5b8d69462bc21
b77a18563230d12a83ff7001225223ebda943111ceab0b077b92cc95f2aa280d
b8ec62489d020c68582784b7b8f9ab4e55ea0b6f00231532043901b667bfb06f
b999a372dbca12d14f1b5e3eff1acfbc92480803c5007afea2084cfda4e5241d
ba40686b290ed1bffe6b58eaf41654766949a6ffecd06c530d692d3497d9a893
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bdb0c5af494608d8de1b5aa94269b35043fe58d21257600c13a5e168707fb829
bf63b42baa22ad3192f631fb940174a876c3460d75e28f9dfaecc56527e9e368
bf6ef9f2ec28cdef4f1e3b49e7c0b2a6f05c027fed9f2d685dc7815a2a76c355
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c41fa2cdafe9c7021105c32feb68705ba4e7fa1f7f86465a154e958d8330cdd9
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c71c82f743bff8c4828f3c33441cfcf562de9ff0990eb4a6d88dd3f197f48b7b
c9e46e4d525aaaac2f0d8e1ad054ca27712e468d332c9cff9f3c9555836a3d16
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cd825f01e9ffd40877426518900f75d413e7a7437818057740db2655786ce060
cd96820f43b482b6bfd5183a906932bb491fcf0b6f6001f21c8676079f1acfbb
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
ceb21974501bf860c296f85479a07d2bdddc64898224009aaf6cca2777caa29e
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1531e00dd4be7c74bf3dab550df7e4b4e609a3dc3874504d440aecab88f1826
d208159fe6aa901098f3be0a3d9b7ec935668db65e428a98bf4ec1ea8acf5b33
d24f88dfeb7302b208ca259be0300179a72b653cf311dea473aec17e7275528f
d33a8782a0ffd197f8fe1c40875463abb90c32c1332ee2a5e212f8d3964c6ad7
d44f0cd209f99548e010bf5f3367d1891f7bc470ba37c00fc20b374fc5be20d3
d4e6b339dca6de9e6fe7acd7002cce86108a86991025beb91074c239fd760e46
d858e75f5a2828ab957722c99898bd7fa251bfdcbf7ce2385317d893adad7423
d8c9ad8ce2ed3e36ccea9df334c0cc101b41ead25643618bc5eeb55162b74d4c
d92b4998f15318aaf68ed549a08809c0d9c34446b89c4cd5244810595c6d99cd
d97ef5e328d375d59ef39891ef9e38ff4970dd6208327379d78b29e908f7442c
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db6c8e8136cb77c1ad59f91138903eb80434e370e7fdd220cd4643c29ca4d1be
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
dcbf0209deec6e1f0d3a78fcd42477fb572d9e871056b9284158f484022d80e6
dd82355ae973a198efe0786bf270cff40efb910f13c56a59f0d0d09fe510fa72
ddaeff2b388c7c77474661b3ddd73cc8f565999ed7efa4d59d048b6710c376bc
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df46a128db59e0f72e9b091802ca76e2003cd2f8d5ae6b1792097cd1d6557eae
df8a117309d30c94effb77c809817e39147f8b8563c3c86a0bf5f3852dd5ae64
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e0d2c313fe636e649c16ff0141b6d93cdc6a5a4910f5b69ee3a6573464170ce7
e1db083eddf085c8479631c8066495a5c3509438ec5c52c976617d5326c109a4
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e717e004aa333566f59c9089d1047a981519a2e3075ff5f4e1da29744f4eaf1b
ea2d6bff0f4e1f09cc0378657cf8020bf9ed62065a3e3026c5fd09061e2f16e2
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39ac4b29138f639c9597720d98da097eff57c120701204214289ed701ab4abf
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f79b9ad88f43b6ea275a24355de1142c946887c4fa122e284f44c36263a3e1b4
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f953b632ed634537bf9a8c7235022a76cea7f42640c7722afbf8e0178fa25da1
fb338ff0e29fecec29a0917a3eb963c3d96ffacc7aaef63d031a0bd9962c5677
fcb9221a7839e3f60933c82a85d522bb1958797a5b055d3d2c3891679aedc3ce
fdfe744f2ecd950b8c0f60a17475a4f8ec42a84ec16102ea7d450e07fe1dc62a
ff7a0c80c6fdc66b275985d0d19039db3b8150e2276591d6030477a3dc29df32
ffedbe37a50f57795b7c54ad86db173ef232838e9e222e894a74281fa5327e79