urlscan.io logo urlscan.io
SecurityTrails logo

simcast.com Open in urlscan Pro
45.79.244.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://leaxusfinancial.com/
Effective URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Submission: On November 26 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 12 countries across 84 domains to perform 368 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com. The Cisco Umbrella rank of the primary domain is 196359.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 13th 2022. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.179.174 32244 (LIQUIDWEB)
9 45.79.244.12 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
1 2600:3c02::f0... 63949 (LINODE-AP...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 108.138.17.31 16509 (AMAZON-02)
21 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 23.55.125.54 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 104.18.36.94 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
13 18.66.97.101 16509 (AMAZON-02)
7 52.205.40.19 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.162.152.214 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 35.71.131.137 16509 (AMAZON-02)
1 3 108.138.4.10 16509 (AMAZON-02)
1 2600:9000:236... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 18.156.195.47 16509 (AMAZON-02)
1 185.89.208.11 29990 (ASN-APPNEX)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 147.75.85.234 54825 (PACKET)
1 3.125.152.115 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 104.18.33.19 13335 (CLOUDFLAR...)
2 5 51.75.86.98 16276 (OVH)
1 54.76.134.229 16509 (AMAZON-02)
3 6 37.252.171.84 29990 (ASN-APPNEX)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 34.149.50.64 15169 (GOOGLE)
8 52.29.96.46 16509 (AMAZON-02)
1 2a0c:5c81:514... 55081 (24SHELLS)
4 34.233.109.239 14618 (AMAZON-AES)
1 18.66.147.24 16509 (AMAZON-02)
1 104.18.12.242 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 104.115.97.56 16625 (AKAMAI-AS)
1 13.32.106.197 16509 (AMAZON-02)
1 3.121.4.183 16509 (AMAZON-02)
1 52.29.25.216 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 185.94.180.124 35220 (SPOTX-AMS)
1 184.31.143.212 16625 (AKAMAI-AS)
16 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.72 16509 (AMAZON-02)
1 2600:1901:0:8... 15169 (GOOGLE)
4 141.95.98.64 16276 (OVH)
1 54.156.207.182 14618 (AMAZON-AES)
2 52.19.187.82 16509 (AMAZON-02)
1 141.95.33.111 16276 (OVH)
1 35.167.189.6 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 2406:2600:4::1 55569 (CRITEO-AS...)
1 18.66.97.8 16509 (AMAZON-02)
1 18.189.199.42 16509 (AMAZON-02)
3 108.128.117.113 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
7 30 142.250.74.194 15169 (GOOGLE)
3 6 185.80.39.216 27381 (CASALE-MEDIA)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 54.85.209.208 14618 (AMAZON-AES)
2 2 216.52.2.48 32475 (SINGLEHOP...)
2 2 13.248.245.213 16509 (AMAZON-02)
2 35.74.45.237 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 66.155.71.25 13768 (COGECO-PEER1)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
3 3 35.157.180.193 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
3 3 172.64.154.237 13335 (CLOUDFLAR...)
3 5 2a02:6b8::90 208722 (GLOBAL_DC)
1 1 172.105.235.90 63949 (LINODE-AP...)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 1 52.45.175.185 14618 (AMAZON-AES)
20 108.138.7.20 16509 (AMAZON-02)
9 11 142.250.185.198 15169 (GOOGLE)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a02:2638::c 44788 (ASN-CRITE...)
1 2a02:2638:1::17 44788 (ASN-CRITE...)
1 2 18.203.7.223 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 52.55.14.74 14618 (AMAZON-AES)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 31.220.27.134 39572 (ADVANCEDH...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2600:9000:223... 16509 (AMAZON-02)
8 8 84.200.5.215 44066 (DE-FIRSTC...)
4 46.4.41.145 24940 (HETZNER-AS)
2 2 104.66.62.204 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 2600:1f18:1ac... 14618 (AMAZON-AES)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 184.50.46.23 16625 (AKAMAI-AS)
1 62.149.1.122 15497 (COLOCALL ...)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 3 54.171.40.8 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
368 105
2    72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
leaxusfinancial.com
9    45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com
simcast.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
17    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:3c02::f03c:92ff:fe2d:3e71 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
parking2.parklogic.com
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    108.138.17.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-31.fra56.r.cloudfront.net
embed.sendtonews.com
embedcdn.sendtonews.com
21    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    23.55.125.54 (Irving, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-125-54.deploy.static.akamaitechnologies.com
a.teads.tv
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2490:7400:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
13    18.66.97.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-101.fra56.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
7    52.205.40.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-40-19.compute-1.amazonaws.com
s2l.sendtonews.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    54.162.152.214 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-152-214.compute-1.amazonaws.com
id.sv.rkdms.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:236e:d600:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)
d3div1mtym39ic.cloudfront.net
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
24    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    3.125.152.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-152-115.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
3    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
as-sec.casalemedia.com
5    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    54.76.134.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-134-229.eu-west-1.compute.amazonaws.com
ad.360yield.com
6    37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
8    52.29.96.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-96-46.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
4    34.233.109.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-109-239.compute-1.amazonaws.com
timber.sendtonews.com
1    18.66.147.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-24.fra60.r.cloudfront.net
player.sendtonews.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    104.115.97.56 (Irving, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-115-97-56.deploy.static.akamaitechnologies.com
at.teads.tv
sync.teads.tv
1    13.32.106.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-106-197.fra60.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    3.121.4.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-4-183.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    52.29.25.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-25-216.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    184.31.143.212 (Irving, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-143-212.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
16    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
1    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
4    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    54.156.207.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-207-182.compute-1.amazonaws.com
idx.liadm.com
2    52.19.187.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
bcp.crwdcntrl.net
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lb.eu-1-id5-sync.com
1    35.167.189.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-189-6.us-west-2.compute.amazonaws.com
id.sharedid.org
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
10    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    18.66.97.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    18.189.199.42 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-199-42.us-east-2.compute.amazonaws.com
prod.uidapi.com
3    108.128.117.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-117-113.eu-west-1.compute.amazonaws.com
trc.audiencemanager.de
anz.audiencemanager.de
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
30    142.250.74.194 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
6    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    54.85.209.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-209-208.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    35.74.45.237 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-45-237.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    35.157.180.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-180-193.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
3    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
5    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
1    172.105.235.90 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1889-90.members.linode.com
a.c.appier.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
20    108.138.7.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-20.fra56.r.cloudfront.net
cdn.audiencemanager.de
11    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
s0.2mdn.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2600:9000:223c:be00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
1    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    18.203.7.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-7-223.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.55.14.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-14-74.compute-1.amazonaws.com
fksnk.com
1    2a05:d018:d29:3605:2256:d6d3:539d:24e0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
4    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    2600:9000:223f:e000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
4    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.o2online.de
partner.blau.de
2    104.66.62.204 (Irving, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-66-62-204.deploy.static.akamaitechnologies.com
www.awin1.com
2    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
9    2600:1f18:1aca:4280:b143:d45e:4e79:c71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    184.50.46.23 (Irving, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-46-23.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
3    54.171.40.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-40-8.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
53 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
ad.doubleclick.net — Cisco Umbrella Rank: 197
205 KB
38 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
317 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 16914
ad4m.at — Cisco Umbrella Rank: 5765
assets.ad4m.at — Cisco Umbrella Rank: 24714
766 KB
25 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1191
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 576
2 KB
23 audiencemanager.de
trc.audiencemanager.de — Cisco Umbrella Rank: 41643
cdn.audiencemanager.de — Cisco Umbrella Rank: 51146
anz.audiencemanager.de — Cisco Umbrella Rank: 40627
258 KB
21 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 361
180 KB
16 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 22315
embedcdn.sendtonews.com — Cisco Umbrella Rank: 25643
s2l.sendtonews.com — Cisco Umbrella Rank: 23754
timber.sendtonews.com — Cisco Umbrella Rank: 24683
player.sendtonews.com — Cisco Umbrella Rank: 26569
194 KB
15 cloudfront.net
d15kdpgjg3unno.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d3div1mtym39ic.cloudfront.net
1 MB
14 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 802
static.adsafeprotected.com — Cisco Umbrella Rank: 674
dt.adsafeprotected.com — Cisco Umbrella Rank: 601
98 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 590
pix.eu.criteo.net — Cisco Umbrella Rank: 4492
csm.eu.criteo.net — Cisco Umbrella Rank: 4579
97 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 689
as-sec.casalemedia.com — Cisco Umbrella Rank: 2313
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
dsum.casalemedia.com — Cisco Umbrella Rank: 2031
9 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 814
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 7412
ads.eu.criteo.com — Cisco Umbrella Rank: 4506
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 5718
gum.criteo.com — Cisco Umbrella Rank: 434
mug.criteo.com — Cisco Umbrella Rank: 1897
61 KB
9 simcast.com
simcast.com — Cisco Umbrella Rank: 196359
102 KB
8 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1461
1 KB
7 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 2495
ib.adnxs.com — Cisco Umbrella Rank: 276
6 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
2 KB
5 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3936
1 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 554
cdn.id5-sync.com — Cisco Umbrella Rank: 1318
20 KB
5 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1272
pixel.rubiconproject.com — Cisco Umbrella Rank: 411
eus.rubiconproject.com — Cisco Umbrella Rank: 735
token.rubiconproject.com — Cisco Umbrella Rank: 732
12 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 983
1 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 300
cloudflare.com — Cisco Umbrella Rank: 144
30 KB
4 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 54048
1 KB
4 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 55343
881 B
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 63732
static-de.ad4mat.net — Cisco Umbrella Rank: 88290
8 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
190 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1363
x.bidswitch.net — Cisco Umbrella Rank: 381
2 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 410
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 704
4 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
imasdk.googleapis.com — Cisco Umbrella Rank: 492
347 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1468
at.teads.tv — Cisco Umbrella Rank: 5031
sync.teads.tv — Cisco Umbrella Rank: 1439
4 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 690
1 KB
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1951
tags.crwdcntrl.net — Cisco Umbrella Rank: 1438
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1200
10 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 806
eb2.3lift.com — Cisco Umbrella Rank: 472
1 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5200
1 KB
2 conrad.de
www.conrad.de — Cisco Umbrella Rank: 46156
909 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 10033
1 KB
2 blau.de
partner.blau.de — Cisco Umbrella Rank: 68212
2 KB
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 56705
3 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1886
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2702
184 B
2 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3863
87 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 866
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1021
1 KB
2 gstatic.com
fonts.gstatic.com
143 KB
2 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5714
sync.adtelligent.com — Cisco Umbrella Rank: 5072
2 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 332
56 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
20 KB
2 leaxusfinancial.com
leaxusfinancial.com
3 KB
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 585
304 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10972
287 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 7707
615 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 563
826 B
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2236
752 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 16400
519 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 20620
557 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7543
233 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 926
191 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1814
746 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 29887
644 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3379
3 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3158
904 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1370
398 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 3573
309 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 3151
292 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 192
266 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1978
17 KB
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 606
1 KB
1 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 622
112 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 13150
96 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 5346
402 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1747
1 KB
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 642
165 B
1 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3343
145 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1193
166 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 454
386 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1086
356 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 6208
163 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 961
693 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 888
13 KB
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 20949
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
43 KB
1 parklogic.com
parking2.parklogic.com — Cisco Umbrella Rank: 521567
278 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 32953
151 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 839
30 KB
0 smilewanted.com Failed
prebid.smilewanted.com Failed
368 84
Domain Requested by
30 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
24 c2shb.pubgw.yahoo.com cdn.adapex.io
21 img-s-msn-com.akamaized.net simcast.com
20 cdn.audiencemanager.de trc.audiencemanager.de
cdn.audiencemanager.de
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
17 pagead2.googlesyndication.com simcast.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
www.googletagservices.com
16 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
googleads.g.doubleclick.net
13 d29xw9s9x32j3w.cloudfront.net simcast.com
embed.sendtonews.com
12 assets.ad4m.at as.ad4m.at
10 ad.doubleclick.net 9 redirects 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
10 static.criteo.net securepubads.g.doubleclick.net
cdn.adapex.io
ads.eu.criteo.com
static.criteo.net
9 dt.adsafeprotected.com
9 simcast.com leaxusfinancial.com
simcast.com
code.jquery.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
8 btlr.sharethrough.com cdn.adapex.io
7 s2l.sendtonews.com embed.sendtonews.com
7 securepubads.g.doubleclick.net cdn.adapex.io
securepubads.g.doubleclick.net
leaxusfinancial.com
6 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
6 ib.adnxs.com 3 redirects cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
googleads.g.doubleclick.net
5 an.yandex.ru 3 redirects 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
5 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 onetag-sys.com 2 redirects cdn.adapex.io
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
4 gum.criteo.com 2 redirects static.criteo.net
4 www.lead-alliance.net 4 redirects
4 www.telefonica-partner.de 4 redirects
4 www.googletagservices.com 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
4 id5-sync.com cdn.adapex.io
cdn.id5-sync.com
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
4 www.google.com tpc.googlesyndication.com
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
4 timber.sendtonews.com embed.sendtonews.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
leaxusfinancial.com
4 cdnjs.cloudflare.com simcast.com
embed.sendtonews.com
3 match.prod.bidr.io 2 redirects
3 static.adsafeprotected.com pixel.adsafeprotected.com
cdn.audiencemanager.de
3 x.bidswitch.net 3 redirects
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
3 embed.sendtonews.com 1 redirects leaxusfinancial.com
embed.sendtonews.com
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 mug.criteo.com
2 www.conrad.de as.ad4m.at
2 www.awin1.com 2 redirects
2 partner.blau.de as.ad4m.at
2 partner.o2online.de as.ad4m.at
2 static-de.ad4mat.net as.ad4m.at
2 pixel.adsafeprotected.com 1 redirects cdn.audiencemanager.de
2 anz.audiencemanager.de 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
leaxusfinancial.com
2 sync.teads.tv 1 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 tr.blismedia.com 1 redirects 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
2 cc.adingo.jp 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 prod-rtb.ad4mat.net leaxusfinancial.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 fonts.gstatic.com fonts.googleapis.com
2 htlb.casalemedia.com cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
2 s0.2mdn.net imasdk.googleapis.com
cdn.audiencemanager.de
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
2 fonts.googleapis.com embed.sendtonews.com
2 leaxusfinancial.com leaxusfinancial.com
1 token.rubiconproject.com eus.rubiconproject.com
1 dsum.casalemedia.com 1 redirects
1 us-u.openx.net
1 sync.adtelligent.com
1 s.uuidksinc.net 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 fksnk.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 csm.eu.criteo.net ads.eu.criteo.com
1 pix.eu.criteo.net ads.eu.criteo.com
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 im.bluevoox.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 a.c.appier.net 1 redirects
1 dsp.adkernel.com 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
1 pixel-sync.sitescout.com 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
1 sync.inmobi.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 ads.eu.criteo.com 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com leaxusfinancial.com
1 trc.audiencemanager.de 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 lb.eu-1-id5-sync.com cdn.adapex.io
1 id.crwdcntrl.net cdn.adapex.io
1 idx.liadm.com cdn.adapex.io
1 lexicon.33across.com cdn.adapex.io
1 sb.scorecardresearch.com simcast.com
1 secure.cdn.fastclick.net leaxusfinancial.com
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 at.teads.tv a.teads.tv
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 ghb.adtelligent.com cdn.adapex.io
1 s.seedtag.com cdn.adapex.io
1 prebid.media.net cdn.adapex.io
1 ad.360yield.com cdn.adapex.io
1 web.hb.ad.cpe.dotomi.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 prebid.a-mo.net cdn.adapex.io
1 bidder.criteo.com cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 d3div1mtym39ic.cloudfront.net simcast.com
1 match.adsrvr.org js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
cdn.adapex.io
1 id.sv.rkdms.com js-sec.indexww.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 d15kdpgjg3unno.cloudfront.net embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 www.googletagmanager.com simcast.com
1 embedcdn.sendtonews.com simcast.com
1 parking2.parklogic.com simcast.com
1 cdn.adapex.io simcast.com
1 code.jquery.com simcast.com
0 prebid.smilewanted.com Failed cdn.adapex.io
368 131

This site contains no links.

Subject Issuer Validity Valid
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-13 -
2023-10-14		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.parklogic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-03 -
2023-01-03		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cat.hbwrapper.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2022-11-21 -
2023-12-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
securedvisit.com
Amazon		 2022-10-29 -
2023-11-26		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.liadm.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
id.sharedid.org
Amazon		 2022-11-08 -
2023-12-07		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.audiencemanager.de
Go Daddy Secure Certificate Authority - G2		 2022-08-14 -
2023-09-15		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-10-15 -
2023-01-13		 3 months crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh

This page contains 30 frames:

Primary Page: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Frame ID: 937127CA0B608161C145DC76B0192F9D
Requests: 158 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: B9A1D0DB2DE0B947A251EAEA762CE56E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1669461613&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669461613515&bpp=3&bdt=1530&idt=203&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4240417519255&frm=20&pv=2&ga_vid=1759178039.1669461614&ga_sid=1669461614&ga_hid=792846842&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44778844%2C42531705%2C44773613%2C21066432&oid=2&pvsid=2744135196372194&tmod=730899535&uas=0&nvt=1&ref=http%3A%2F%2Fleaxusfinancial.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=226
Frame ID: EEC1AA401B6F3BF24A8819DC93852FCC
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: AD5919806639EF10CB1FFD0DA4A8C75B
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Frame ID: 0F1DF61D553D3099EFC9E06A3841243F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5EB280AC8701516E69452C0C42FE0D8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDF8A5758B6C8297FA705E7DA70C3BCD
Requests: 2 HTTP requests in this frame

Frame: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 967DCF8E55380F5CC2133A0B900027D7
Requests: 1 HTTP requests in this frame

Frame: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 02283990A34DA2FEC28603CFA432A083
Requests: 13 HTTP requests in this frame

Frame: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F05F5201238D5C7C91524BEC9A207A2
Requests: 9 HTTP requests in this frame

Frame: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B7540363D1010CB6AED3584DD475444
Requests: 10 HTTP requests in this frame

Frame: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B35B931A925E946641071818F141E868
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBiLwY_YATAB&v=APEucNWYQBf-mar7zjaEqr-3plIzkxjnIeNnf4wMXVKymDVPl_VsM-rN4NivyGoWIOy_LlQeCjOMDBLk2FEPL9RIY12VjrkPkLDrb6QYhrjn8yc9IzvbOkeRSG-BkkTr0F2RP_GBN6o02wXGM8zePpz2hSSmUZtoppAFc6SPx5IkRaxfCLrFmZGfGJYLJHeCvDqp0lw0ey-PEt-nFTovbKwVlncjoWe-FA
Frame ID: 01112831B2FAAB3EDB1B06FBABCF3793
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: 6C4823ADAAC255BB9460AF7CD6C6B8AA
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38744F1C95F5A1FF14E549B7FA45E5B9
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hyqdy79n7jyv12ks8hhjbw7cdj60ts5whqgg9p09dzqf5pn9hvxa740yct3thfrmscmbt6tb3s3t3f4jvddvn821tnte73xght4e91wqss113w7d8yrwqm7bm4s4r1f0hjsg33fr8g6snj7cb18kvkrjfe8tnm7ae5a33sd3z2vbben57ymqhpfhbjkj4jx55av8chnb654ejb4cx3mkdzn7j985nds45rrkheqrykd23jnfv26qra6zk4bnadkhfp8y4fzxpk4p2b4tcqmta6mrvf44e1at1d1xc77yqbxhan2a28yq1benjgksy3bm4hkae7k254pw1sr9pexj8ajh1zj8pxhv5fxh1mv4cy08hgvxfne150kqz7tpc1bs01rgcrvmsg95p6gepdnyk4p30hkf2jy2rwtpx6kxs2nycs0vqbft&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: 5A7A0A733DE5651EE666E464DD00A48A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E8294514E89B028E5A285290A16D2B1F
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h8zf77bntq3y3w65g04bf6k347dm0t1hh2a4t4km72af2wf46afjcgt89qrf3sxtmebcwf0zjhngg8rrw3mv62rmadphpq8hkx4sdkz35mvmtd8yw5n4r71ehveedhgff5q2f0pswytszhkgkvhpcqza4mp5h4fcvtw7v316vyc75ta71d8chsa31hvh8a2shm7stc75vyf589z50enqxgt4hrm7x1yk7kd19mrx9k36c3zkj00ss5kmn3sdwk2vhxzg57en3j4getkegmwetq5h4rww7tmfbh3354tmavxdprcz6k758c59s23wn27g7re75q75vb9wv0j96ghbb427wr59pgaj64zxkywaw80w8g8802mypgk33w5tcypys94en5faahtksped66w85ryszfb0qf80ds87ff1d3tbwwzbtc7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: AE06E31BCEB8ACEEA86AF8508E793F01
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 709EFFB99B112BE224ED7F3FDE3235C9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D8DDD5DAC0E448E88A9F6EF924B888D8
Requests: 3 HTTP requests in this frame

Frame: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Frame ID: 0230945E8211EA267DFA827F84FBE3D6
Requests: 33 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BF60A06A619A4CC2447902205A1EC6B9
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F214823697BF66BFE8F8368DB2F4DBF6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 259CA059BD30BCF1F1D026BFE32DB4CE
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Frame ID: 75BE0C7DF4A592DCE9DE9C1306BF36EA
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Frame ID: DC2F42E1A1E9270F6B1CCCFEB92E8530
Requests: 11 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8DF1A9959267D3BC20E5A8DB3B1E5679
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simcast.com
Frame ID: 0E3317B143CED968645D4FCBE86E507C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=simcast.com
Frame ID: 3323FC4A3866F22107E5FA0AC62F3901
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 55794003530CCAE1E159CA70C5E32F9F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

  1. http://leaxusfinancial.com/ Page URL
  2. http://leaxusfinancial.com/page/bouncy.php?&bpae=GbhOdycGokx7j2%2FtWlrckEUjU8mCtwxbmGBINuxbN8T2Z8ZrELtP... Page URL
  3. https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

368
Requests

86 %
HTTPS

39 %
IPv6

84
Domains

131
Subdomains

105
IPs

12
Countries

4625 kB
Transfer

9828 kB
Size

69
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://leaxusfinancial.com/ Page URL
  2. http://leaxusfinancial.com/page/bouncy.php?&bpae=GbhOdycGokx7j2%2FtWlrckEUjU8mCtwxbmGBINuxbN8T2Z8ZrELtPhIJOW30LHRdDVCDn2Kc3K%2F1AQjkWNJfcIFs3XelToNtx7lywInDaBaguEgcKGDWhc7eb7vK7PrGGay0T5rp2OETFqe9A%2FerOPBYcxXy63wyCgLo%2BXM1kEXH82SmSX9ThSJAwZU%2FV6xtJFxg78MDMm9ydj3iv9Sutrb%2BUMxw%2BMHxi3aSrvZcXPdH7OvulZpClAAfinUKOqXxvrpTaVtkNKtw9tJE3LvjFfNYoXbRjRxj7UlzXqyWU8%2BNF71SmEcYXHwrOlgGVozLinmEndenmArPQ%2BauTVgFjban3Fok1%2BzmYIlbJjrrqbKuXhwRp5oGMJf8kWo3Uxl1UJqvery3wQ5wegpGNdjiWTA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/20221123/embed.js
Request Chain 70
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1&C=1
Request Chain 227
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4H2cEsonu6kfQlj8XmERAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1GDSQHfZEikd1f4jk39XA&google_cver=1
Request Chain 229
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEyNzA4MDQzMTExMzI1MzQ5Ng%3D%3D
Request Chain 231
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHaJGWEuqlxXSbLIbIpFDZQ&google_cver=1&google_push=ASkJ3FbWyAJwzbOR9ywO4pbGEcP7JsJ6caho2fZbcVJbQA5I_x6cwaj16nuVKfo-CRbym-BD_Vl3jczinK-VIqx1SxpaXhN154RBMUr0OwJb88rHlStSHu5dPyFV0I6pMcNa23dgJxUoIaL5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbWyAJwzbOR9ywO4pbGEcP7JsJ6caho2fZbcVJbQA5I_x6cwaj16nuVKfo-CRbym-BD_Vl3jczinK-VIqx1SxpaXhN154RBMUr0OwJb88rHlStSHu5dPyFV0I6pMcNa23dgJxUoIaL5&google_hm=bg-xqFX6SDyWCH3RIqT5rIU
Request Chain 232
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJC67_130eSRF8YWT-FGYMA&google_cver=1&google_push=ASkJ3FZjnyzuKib3PNOXqOo26lM_m5FO_ZgXhEt5vbi7mNGHJP4C6wsMvdqAAg4_D6tmxu7aEguXV3Bul0-BUBFx3cKafQ4NcJUMDYPg1fu9TKdL0TSEpefhA2a6ozpDiHiRLAKvVOCX4cc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=n4uNxImNQPpquIOsmt_TnNly14U&google_push=ASkJ3FZjnyzuKib3PNOXqOo26lM_m5FO_ZgXhEt5vbi7mNGHJP4C6wsMvdqAAg4_D6tmxu7aEguXV3Bul0-BUBFx3cKafQ4NcJUMDYPg1fu9TKdL0TSEpefhA2a6ozpDiHiRLAKvVOCX4cc
Request Chain 233
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE9FMhLKq4KZtyrh8nQ3j2c&google_cver=1&google_push=ASkJ3FaWYzcpzuSGu4_0TBjuEjPVzV-oub8Muj97KOMsUslO6LA6M29dXC2Rkdpv7FKBWw6uFJaF_rwypnL-wFyf9uJCYF8pTnWTu1eF597X3SBf7oaOK9YFGlUvubDBXCecYSwk-gxLoJc HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE9FMhLKq4KZtyrh8nQ3j2c&google_cver=1&google_push=ASkJ3FaWYzcpzuSGu4_0TBjuEjPVzV-oub8Muj97KOMsUslO6LA6M29dXC2Rkdpv7FKBWw6uFJaF_rwypnL-wFyf9uJCYF8pTnWTu1eF597X3SBf7oaOK9YFGlUvubDBXCecYSwk-gxLoJc&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FaWYzcpzuSGu4_0TBjuEjPVzV-oub8Muj97KOMsUslO6LA6M29dXC2Rkdpv7FKBWw6uFJaF_rwypnL-wFyf9uJCYF8pTnWTu1eF597X3SBf7oaOK9YFGlUvubDBXCecYSwk-gxLoJc&google_hm=FtyotGZHrItODIs2QKO1ecQV
Request Chain 234
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELrmBZQwHnhctQV8rNcQI3M&google_cver=1&google_push=ASkJ3FYENYDjHtYN3x9m44QfPj_bmWy6wtxcPYdjsO4aVcCW_8yw_AKsleh9aV9OjkhRbcD-3D76Bza8OTijtEzu5V6Qfl6gohAjO2is3ZxpUzYJTjVPaMtmvX6XbCpDpWj2-3dSHoC9dtbs HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FYENYDjHtYN3x9m44QfPj_bmWy6wtxcPYdjsO4aVcCW_8yw_AKsleh9aV9OjkhRbcD-3D76Bza8OTijtEzu5V6Qfl6gohAjO2is3ZxpUzYJTjVPaMtmvX6XbCpDpWj2-3dSHoC9dtbs&google_gid=CAESELrmBZQwHnhctQV8rNcQI3M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExOTgyODQ2MDY3OTA1Nzc0NzA1Mg%3D%3D&google_push=ASkJ3FYENYDjHtYN3x9m44QfPj_bmWy6wtxcPYdjsO4aVcCW_8yw_AKsleh9aV9OjkhRbcD-3D76Bza8OTijtEzu5V6Qfl6gohAjO2is3ZxpUzYJTjVPaMtmvX6XbCpDpWj2-3dSHoC9dtbs
Request Chain 236
  • https://sync.inmobi.com/gob?google_gid=CAESEKnEO-kmW-251Zu3zmEtJv8&google_cver=1&google_push=ASkJ3FajIZb2VDuZ21xK1y6Op47mrJ6KKjkynNDSzkUyMJjbC70PC3sCe41fHwv3CoFbfwDQDKkTno-3JxN60vaLwVuE51ntrGlRCRSZA4j6UZSr045fTcW73Hki8EP45QNzeffiIlxsV5FlEQ HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FajIZb2VDuZ21xK1y6Op47mrJ6KKjkynNDSzkUyMJjbC70PC3sCe41fHwv3CoFbfwDQDKkTno-3JxN60vaLwVuE51ntrGlRCRSZA4j6UZSr045fTcW73Hki8EP45QNzeffiIlxsV5FlEQ
Request Chain 237
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIQe3caMU2oOKYx2KmTVSy4&google_cver=1&google_push=ASkJ3FYB9y8clq3o3etIgpDkdMFRgm0138Fza2Votxw5HwDsO49Jn4nAKVCbw2BbVbNU6oBoIcq1j3c71IXL_gScqaSCNVOLFm46yTEHxwm_VOpN1HCZD1yvgtscPwo3DgY2enFQgqCLCYxQ4Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYB9y8clq3o3etIgpDkdMFRgm0138Fza2Votxw5HwDsO49Jn4nAKVCbw2BbVbNU6oBoIcq1j3c71IXL_gScqaSCNVOLFm46yTEHxwm_VOpN1HCZD1yvgtscPwo3DgY2enFQgqCLCYxQ4Q HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 243
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELQABczIFdwTRSvhJNxSa8A&google_cver=1&google_push=ASkJ3FYo3tU66HAJqggrgF8ODrjRF7iAKewHyt_5sohe3ka0EnzTeMWUdFwptXtdPMOhtT27-d3fci0R3i0pmgfKrvVRf7w3aN4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDI4MzA0MjY1MDA2MDk1MQ%3D%3D&google_push=ASkJ3FYo3tU66HAJqggrgF8ODrjRF7iAKewHyt_5sohe3ka0EnzTeMWUdFwptXtdPMOhtT27-d3fci0R3i0pmgfKrvVRf7w3aN4
Request Chain 244
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKBznJ2RLQ2tqTeAtPLqgEY&google_cver=1&google_push=ASkJ3FaVzLm6yafW46G9_mMmelJUyuRDs64G8ocbkKwUIPWS_8hTC7Zw4HljcDIolqwj7iR6SLd-9K6jstvFFmLoEnd03whEKYby HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKBznJ2RLQ2tqTeAtPLqgEY&google_cver=1&google_push=ASkJ3FaVzLm6yafW46G9_mMmelJUyuRDs64G8ocbkKwUIPWS_8hTC7Zw4HljcDIolqwj7iR6SLd-9K6jstvFFmLoEnd03whEKYby HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaVzLm6yafW46G9_mMmelJUyuRDs64G8ocbkKwUIPWS_8hTC7Zw4HljcDIolqwj7iR6SLd-9K6jstvFFmLoEnd03whEKYby&google_hm=NzSy6r7GQXqZqp-VjilzvQ==
Request Chain 246
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELYrNfS3xMgbpbuf1oHXSLs&google_cver=1&google_push=ASkJ3FYhvUjpJDGsuY48lFFzmpBToHsQBpxmgEh5A-ZSELcsGtS7KT5xAC6kZTfc7OkRQPTVLgf7fkiuoc4UHB4DpME26M1L6eZd HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELYrNfS3xMgbpbuf1oHXSLs&google_push=ASkJ3FYhvUjpJDGsuY48lFFzmpBToHsQBpxmgEh5A-ZSELcsGtS7KT5xAC6kZTfc7OkRQPTVLgf7fkiuoc4UHB4DpME26M1L6eZd&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELYrNfS3xMgbpbuf1oHXSLs&google_hm=Y4H2cEsonu6kfQlj8XmERAAAFBsAAAAB&google_nid=index&google_push=ASkJ3FYhvUjpJDGsuY48lFFzmpBToHsQBpxmgEh5A-ZSELcsGtS7KT5xAC6kZTfc7OkRQPTVLgf7fkiuoc4UHB4DpME26M1L6eZd
Request Chain 247
  • https://an.yandex.ru/mapuid/google/CAESEGKVtohcJr5GDQwOYQOB4e0?ext-param=ASkJ3FZ0axaEPOtj7tA-VFKc7HSUOopYtYMT0o6b-ydF93rjONdOt06hRv6403iuSjd16FQuzPgOrQn1ZlHt09IbI1ndeGTNyWwNHw&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEGKVtohcJr5GDQwOYQOB4e0?redir-setuniq=1&ext-param=ASkJ3FZ0axaEPOtj7tA-VFKc7HSUOopYtYMT0o6b-ydF93rjONdOt06hRv6403iuSjd16FQuzPgOrQn1ZlHt09IbI1ndeGTNyWwNHw&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGKVtohcJr5GDQwOYQOB4e0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 251
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELQABczIFdwTRSvhJNxSa8A&google_cver=1&google_push=ASkJ3Fa-C2Rmdn9E5s3ZaX2coj2VJLcCql7Oe4k8PX1A9qFzfO_xVoTE0IbRHE0i7w8chnPd8CtOBzxCiXCi6Jhef-nGJ0ftfb4o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDI4MzA0MjY0OTE0MzQzNw%3D%3D&google_push=ASkJ3Fa-C2Rmdn9E5s3ZaX2coj2VJLcCql7Oe4k8PX1A9qFzfO_xVoTE0IbRHE0i7w8chnPd8CtOBzxCiXCi6Jhef-nGJ0ftfb4o
Request Chain 252
  • https://a.c.appier.net/gcm?google_gid=CAESEO30Fhs2Kyy6thERh2_Y_B8&google_cver=1&google_push=ASkJ3Fbn9Y-SBsLItXCVU8dhKsHy2dzckMMZhN9hwpYC3wOB1LmPg5Jveviw-tAt75PFNlpGLc06tWzY8FafidBBPU8y-ZQOe4Uw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VkUxOTcyWmVBWk9wSWJRbGNQYUJZdw%3D%3D&google_push=ASkJ3Fbn9Y-SBsLItXCVU8dhKsHy2dzckMMZhN9hwpYC3wOB1LmPg5Jveviw-tAt75PFNlpGLc06tWzY8FafidBBPU8y-ZQOe4Uw
Request Chain 253
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJC67_130eSRF8YWT-FGYMA&google_cver=1&google_push=ASkJ3FZBVozHkNul0tto4cR51_7pT0uufu0ol0h4ESULXV-_jIyrvcXQKF6qUstvXWx-Bsd2coDMJ9Kb2qNcWKpKO2996H_bcZ0a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=yBIKwrvoRFFans6ZuBNU19ly14U&google_push=ASkJ3FZBVozHkNul0tto4cR51_7pT0uufu0ol0h4ESULXV-_jIyrvcXQKF6qUstvXWx-Bsd2coDMJ9Kb2qNcWKpKO2996H_bcZ0a
Request Chain 254
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEINFq38uMYciLM_EgiLdNgA&google_cver=1&google_push=ASkJ3FZcsGsZ8jcfyKQAi4a9LoD5hnKpaRQjjrqaPGtEjnmrqZ56kAFIXBPWxhwu8wGzOkNQ4pjhq9kvRWoX1eqFC3eSHtEemwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFYVUNCOTgtTy1FSDhZ&google_push=ASkJ3FZcsGsZ8jcfyKQAi4a9LoD5hnKpaRQjjrqaPGtEjnmrqZ56kAFIXBPWxhwu8wGzOkNQ4pjhq9kvRWoX1eqFC3eSHtEemwQ
Request Chain 256
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEApSWOdoQYxQJWGW20ENgZQ&google_cver=1&google_push=ASkJ3Fb3ymIMEsIq6f9T-tAIS3ZRp70Vj1p5FC8qjuT79HGm6NkdRS0hNGEKyTRUlD0KEWZFh54OaRNvy8LtZlprB-FeM4MUBUcxBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3Fb3ymIMEsIq6f9T-tAIS3ZRp70Vj1p5FC8qjuT79HGm6NkdRS0hNGEKyTRUlD0KEWZFh54OaRNvy8LtZlprB-FeM4MUBUcxBA&google_hm=QlMuNjExYy1hOTBhLTQ3NDktYWMwMQ==
Request Chain 257
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDLX5IC0oaZrwrMBAFpqwTo&google_cver=1&google_push=ASkJ3FZJDdZRJiD58mruFCVWkR0_19IKtZsoqVwqbSNgdcCHtl8bF6qvFiezBdFDWj5MgDfSxW8VYsOlOTCnS6nL43HMCi4IJGL_ig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZJDdZRJiD58mruFCVWkR0_19IKtZsoqVwqbSNgdcCHtl8bF6qvFiezBdFDWj5MgDfSxW8VYsOlOTCnS6nL43HMCi4IJGL_ig HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 266
  • https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669467861;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_pre=CMqO5ZTdy_sCFY-M3godyj0K1w;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669467861;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 293
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJNhZXjNcuiOcfu9qgVm65k&google_cver=1&google_push=ASkJ3Fb_v7AL6dbmYuCjd8vvat8Uio-SGWWQ-zUJ_4EVVjsN818TSRNnqvn0-qcHW9ta6L0rMTLFXo59me_vCcc07AP3qcca2fU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3Fb_v7AL6dbmYuCjd8vvat8Uio-SGWWQ-zUJ_4EVVjsN818TSRNnqvn0-qcHW9ta6L0rMTLFXo59me_vCcc07AP3qcca2fU
Request Chain 294
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIBVr_XzyYd0BK9K2TZ4Mog&google_cver=1&google_push=ASkJ3FYCcAyGv3OtSA86K_zexxSDEs8piC0kOuiAveTmorTnQRAxVDGBx58YJFFpBycs0uFbuYG6VAQkwn1EGkB5YXLPTCqOJVU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FYCcAyGv3OtSA86K_zexxSDEs8piC0kOuiAveTmorTnQRAxVDGBx58YJFFpBycs0uFbuYG6VAQkwn1EGkB5YXLPTCqOJVU&google_hm=hmOB9nBcDK-ln3XZGA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6381F6705C0CAFA59F75D918BLIS
Request Chain 295
  • https://fksnk.com/cs/google?google_gid=CAESECg_5REeCcV-hjLpSZNsErs&google_cver=1&google_push=ASkJ3FbztyNZlph9FXWXyTR-ksD_RgndLn87fcbvUFaX69dP_w-gLmN6g6TsNrQkiSiagcGDYigZ7tJo7PVgyrtJxijRAXmP3Wg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkY3OTY0OEU1RDc4RDZDNQ==
Request Chain 296
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBjzRpbyD8LzndPavp0s_i8&google_cver=1&google_push=ASkJ3FZ4LKgxvj-hHhenkhhKaM0W9d970NngqgJtP-9xebHVGJ2Q7dgixPXwvNBpGcazL96i1ORRV7eP4D_O54JfhTowd83fbgk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZ4LKgxvj-hHhenkhhKaM0W9d970NngqgJtP-9xebHVGJ2Q7dgixPXwvNBpGcazL96i1ORRV7eP4D_O54JfhTowd83fbgk&google_hm=MjAwMjUzMTE3NzY3NDMyMzA5
Request Chain 297
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJphYZvEXEGssEsfB2VJKLI&c_param1=ASkJ3FYysq_prt0y-3RD548Bk6zGL88PN_4BCrJ5YY_xaRzQMt3uIz0UBTIzkg0H7z04cUhG7R1EdEQ809aHn1DgCIeEi5qeFR4&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FYysq_prt0y-3RD548Bk6zGL88PN_4BCrJ5YY_xaRzQMt3uIz0UBTIzkg0H7z04cUhG7R1EdEQ809aHn1DgCIeEi5qeFR4
Request Chain 298
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIQe3caMU2oOKYx2KmTVSy4&google_cver=1&google_push=ASkJ3FZTqR-noALppyTcIgNu4E5ByF5u-DTNaSr4170fF-sJhEXvp_pLg8JSBJ_1CUBs0YXO7jI1Kq1S3gjyRJSBEkhsYrZvkQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZTqR-noALppyTcIgNu4E5ByF5u-DTNaSr4170fF-sJhEXvp_pLg8JSBJ_1CUBs0YXO7jI1Kq1S3gjyRJSBEkhsYrZvkQ
Request Chain 299
  • https://an.yandex.ru/mapuid/google/CAESEGKVtohcJr5GDQwOYQOB4e0?ext-param=ASkJ3Fa-lcIfY9Y3ZSQR1sE5aGtk-aQOqQn6yoytZqYGOc3O_ZC9t2I3C6y8Qo4EvMgM_9uFYoaipEDV103mipqc049KdR7Vm18u&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGKVtohcJr5GDQwOYQOB4e0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 322
  • https://pixel.adsafeprotected.com/rfw/st/1180045/66149901/skeleton.js?adsafe_url=https%3A%2F%2Fsimcast.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fcdn.audiencemanager.de%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcdn.audiencemanager.de%2FhtmlBanners%2F635a82ec2d9d3b597d345cb6%2Findex.html%3FclickTag%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%253Fsa%253DL%2526ai%253DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%2526sig%253DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%2526client%253Dca-pub-1062972861553303%2526dbm_c%253DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%2526cry%253D1%2526dbm_d%253DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%2526adurl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D63468d106d216e35f43d8a69%252526adId%25253D1be0cc6381f66ff125c1328531937066667285%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D1be0cc6381f66ff125c1328531937066667285%252526curl%25253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%252526ntuId%25253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%252526cb%25253D1669469004%252526redirectUrl%25253D&adsafe_type=d&adsafe_jsinfo=,id:29555493-a829-bb30-93e7-0d3c645036c0,c:v4ubmL,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-hq8st,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:143,mot:0,app:0,maw:0,fm:toi6O68+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163*.1180045-66149901%7C164%7C171%7C172%7C1811%7C1812%7C182%7C1911%7C1912%7C192,idMap:163*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:172,oid:4da3dbf7-6d7c-11ed-8de5-7e70587779ee,v:19.8.366,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 327
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJHshpXdy_sCFUWL_Qcd3PEFZA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022112612201778895692565X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112612201778895692565X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Request Chain 330
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COLshpXdy_sCFWuF_Qcdh10OkA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112612201778895692575X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 333
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1669461617_4e1bf229-6d7c-11ed-89a3-223851067267&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 337
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLL8h5Xdy_sCFQzruwgdnXUJ-w;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112612201778895692573X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112612201778895692573X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Request Chain 340
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPb-h5Xdy_sCFRGK_QcdrOkCRQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112612201778895692571X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 343
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1669461617_4e18e4e0-6d7c-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 350
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=simcast.com&sn=ChromeSyncframe&so=0&topUrl=simcast.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Ul2NnHxnUGNWbW5BbG4vNTZCVjJyOFZUYytYOUZuMk1yMW40VndMNWljai9rQ0ZsZlg5TnF0K0tCNzQxOTZnOUg0b1dmY0g5T2RSclprK2VxU3E5WCtHNGZYbTZvcWRRZGxSUWorakc2UE5wSkdzQzlVaDUwTitkUG1rRjc2M1lRODMyd2x6bXdBRFpWYWxrcnlHakxvNDhDQmFFTS8zWlc2RFAxT3d6ZkVPeVRPSXVyMExyS2JNbHZYdkdyZ0tjK01NbWd3UFNzc1R2Z0QyZGV5MkFON3hGbU1jK3pYUFl3ejRvRE9QNjZ4M3IyK1JJbWhwcTRvUkZ5dHdxenhqWlV4K0NQVW9IVnBjK0hSWTdycjFETUJXa2Jydz09fA&cppv=2
Request Chain 357
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=simcast.com&sn=ChromeSyncframe&so=3&topUrl=simcast.com&bundle=ZEyJlF9KVm5DYVdoY2x3TGJZNzdHOUpuVE9uMjgxemR5VUtaNGhaZnV1NzY4YUUxem1nSFAwYkV5Zkl5UGklMkJpdUVYSmlPWTJMemhaWnVWNCUyQmVpODFSN0VqUUE0dkhoN091T0s1WGlNa0VRWjE0Y0xUQkhRdHFaVXlyTEtydjRmS0ZDUGlBaTY1OGVEaTFqaXRIeEp0cVNWMnVBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qtlL2XxGUG5GOGV4K1IycXl0QWg2Y1BvR1UvbjZJdEJZdG45KzFDbUNtaHNSZ3I5UEN3d281V01jYkhUTTNNdUNZYXdHa2dMZTVRQ3ZGMUJtbzhuR2VqdERpUkxOS1BYdGpuK1hSVktnQXA4SlpuMGcrS0JWd1hnbjBEeGcvaURQcFJQM2FGQUpyR1RFcGxPSGVwYjNRWmxNWVdyVEVOdC81Y1dYWnI1VG9sMG90RlgycWdSZm02emp1M3J4K2tTQ2NvMTJIUng2ZklGRHo3QUNhcHZFL0VPTW5VOThOdE0rSVg5UWkrV1JNcHRtMEJrSmhxTzBMdjBycVNydTB3YjkwYTNRMExLOWltSUVhWlhydnBzOXoyMHFodW0rZmwyNEFOZjFnV3hJRmI2ejNkUT18&cppv=2
Request Chain 362
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1127080431113253496
Request Chain 364
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=
Request Chain 365
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADzDk7HA-0AACGGanx30w&expiration=1670671218&gdpr=0

368 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
leaxusfinancial.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://leaxusfinancial.com/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Nov 2022 11:20:11 GMT
Keep-Alive
timeout=5, max=98
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
bouncy.php
leaxusfinancial.com/page/ 		715 B
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
http://leaxusfinancial.com/page/bouncy.php?&bpae=GbhOdycGokx7j2%2FtWlrckEUjU8mCtwxbmGBINuxbN8T2Z8ZrELtPhIJOW30LHRdDVCDn2Kc3K%2F1AQjkWNJfcIFs3XelToNtx7lywInDaBaguEgcKGDWhc7eb7vK7PrGGay0T5rp2OETFqe9A%2FerOPBYcxXy63wyCgLo%2BXM1kEXH82SmSX9ThSJAwZU%2FV6xtJFxg78MDMm9ydj3iv9Sutrb%2BUMxw%2BMHxi3aSrvZcXPdH7OvulZpClAAfinUKOqXxvrpTaVtkNKtw9tJE3LvjFfNYoXbRjRxj7UlzXqyWU8%2BNF71SmEcYXHwrOlgGVozLinmEndenmArPQ%2BauTVgFjban3Fok1%2BzmYIlbJjrrqbKuXhwRp5oGMJf8kWo3Uxl1UJqvery3wQ5wegpGNdjiWTA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer
http://leaxusfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Nov 2022 11:20:11 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
Primary Request /
simcast.com/ 		38 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/page/bouncy.php?&bpae=GbhOdycGokx7j2%2FtWlrckEUjU8mCtwxbmGBINuxbN8T2Z8ZrELtPhIJOW30LHRdDVCDn2Kc3K%2F1AQjkWNJfcIFs3XelToNtx7lywInDaBaguEgcKGDWhc7eb7vK7PrGGay0T5rp2OETFqe9A%2FerOPBYcxXy63wyCgLo%2BXM1kEXH82SmSX9ThSJAwZU%2FV6xtJFxg78MDMm9ydj3iv9Sutrb%2BUMxw%2BMHxi3aSrvZcXPdH7OvulZpClAAfinUKOqXxvrpTaVtkNKtw9tJE3LvjFfNYoXbRjRxj7UlzXqyWU8%2BNF71SmEcYXHwrOlgGVozLinmEndenmArPQ%2BauTVgFjban3Fok1%2BzmYIlbJjrrqbKuXhwRp5oGMJf8kWo3Uxl1UJqvery3wQ5wegpGNdjiWTA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
3bb67bdb38a9feef291f50c3a1eda23bce2453b23a5d73e377360667c0dd739b

Request headers

Referer
http://leaxusfinancial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-encoding
gzip
content-length
7052
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 11:20:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
upgrade
h2
vary
Accept-Encoding
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:12 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15851"
vary
Accept-Encoding
x-hw
1669461612.dop150.fr8.t,1669461612.cds053.fr8.hn,1669461612.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:12 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 00:43:56 GMT
server
Apache/2.4.38 (Debian)
etag
"5101-5d2abe6bdeb00-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
4273
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:12 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:31:18 GMT
server
Apache/2.4.38 (Debian)
etag
"daa3-5d2a935d4d580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
12209
lib.js
simcast.com/templates/simcast/js/ 		856 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/js/lib.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:12 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 03:31:19 GMT
server
Apache/2.4.38 (Debian)
etag
"358-5d39fa3726fc0-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
application/javascript
connection
Upgrade
accept-ranges
bytes
content-length
459
aaw.smc.js
cdn.adapex.io/hb/ 		534 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.smc.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6775fde9592b00fbc72ce9a127f316d89684c73de916c45ed63261a835af2e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18304
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 25 Nov 2022 06:13:45 GMT
server
cloudflare
etag
W/"63805d19-857bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fECPu62Keghvre90OhM0fb%2BoCWUdFg4COfLRYTyi8BfjEVtRrPtq4hGKcXn15EbighwFeJJ6kjpYVtNrb7oIlvpds1II9P4i3XAWwdaFWzGcAxcTJpbM2gX3w39wpeFLfsJ86wyPiIQo8kvY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
77023bc35ab06967-FRA
expires
Sun, 27 Nov 2022 06:15:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b83bc177ce65349cbcef2d2615a39a12fb71d01e3572c1fc8ad1c76eada66a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54933
x-xss-protection
0
server
cafe
etag
14352830187215874605
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 26 Nov 2022 11:20:13 GMT
simcastlogo_35y.png
simcast.com/templates/simcast/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Thu, 09 Dec 2021 00:46:50 GMT
server
Apache/2.4.38 (Debian)
etag
"527-5d2abf11cf280"
upgrade
h2
content-type
image/png
connection
Upgrade
accept-ranges
bytes
content-length
1319
enhance.js
parking2.parklogic.com/page/ 		0
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=leaxusfinancial.com
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:92ff:fe2d:3e71 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 11:20:12 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3263574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igYyUC%2FwPz%2B1Wg4SM8JBZgmPXztVszrZxu0haxr0DgDOr6ynkKCbMosONtpOcKvt62ngo7bETRc6fwSDfNxYC9Na0o3F%2FW55waLNEm25wpTtTbYt3BW7DUtQf7JEmOsxQGgTEldVrhwSL1CuKaWjViGZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77023bc8ca2f92ba-FRA
expires
Thu, 16 Nov 2023 11:20:12 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6265608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teAQERwEIrC5A4ONHtaJzu97b7PxnV%2BdbvmUaZZMwF%2BH7gBXSdz8dH0oAKmAGDxH4fdDLBmZZGr%2FOQHYhypaxHvzwKwaEKU3S8K5grgqvkKwhzfcF%2FqSYdWfwiBAEbkiHz49dXDte%2FNqfkDvATU24tDD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77023bc90aaf92ba-FRA
expires
Thu, 16 Nov 2023 11:20:12 GMT
modal.css
simcast.com/widgets/modal/ 		992 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:56 GMT
server
Apache/2.4.38 (Debian)
etag
"3e0-5d2ab305a0600-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
352
embed.js
embedcdn.sendtonews.com/easy-stn-player/20221123/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/20221123/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/20221123/embed.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Server
108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08096af58544baf2b89acc2cf83a63c90870c001e0f189248dbab1f68ae100cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
le5011BUj72sPfQx6cl.EOVTgyPEzh5w
content-encoding
br
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
date
Sat, 26 Nov 2022 11:19:58 GMT
last-modified
Wed, 23 Nov 2022 23:53:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
15
etag
W/"e5abad4a8175579c4f7f1d5fe214dae6"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
BwEsGHEvAc2tI_wgXjuqZrsIIPYemXIXBYSDLN_1NgckclRY2PGnyw==

Redirect headers

date
Sat, 26 Nov 2022 11:20:13 GMT
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/20221123/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
wX0vEz9vVedI-8TD760Jrun6jyhxb3vyfaAZVG6K1cqMSgnYuSL4Kw==
AA14zDfn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zDfn.img?h=100&w=100&x=563&y=225&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c3802f9ca74273f77cf2f9a21a8e154173159b9ae13aa15c8d78f09eafa0b86b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 06:24:14 GMT
x-resizerversion
1.0
x-source-length
312618
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=414299
x-activityid
290558a4-518d-4d21-b20b-e54381e9dedf
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zDfn?h=100&w=100&x=563&y=225&m=5
timing-allow-origin
*
content-length
3265
expires
Thu, 01 Dec 2022 06:25:12 GMT
AA42eYr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		417 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA42eYr.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Wed, 16 Nov 2022 03:29:25 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
417
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=317405
x-activityid
b0707e36-ddf8-42f8-8034-da88007d43ea
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AA42eYr
content-length
417
expires
Wed, 30 Nov 2022 03:30:18 GMT
AA14zwfP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zwfP.img?h=100&w=100&x=470&y=264.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
70d4bb0b3b03b8414f62b8e2b0736a48efdca9c32c720992c25ff7e504bbc816
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 08:36:08 GMT
x-resizerversion
1.0
x-source-length
84575
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=422178
x-activityid
c214c567-c822-4105-93ad-cbc30bfdadef
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zwfP?h=100&w=100&x=470&y=264.5&m=5
timing-allow-origin
*
content-length
2333
expires
Thu, 01 Dec 2022 08:36:31 GMT
AAZ0uHE.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAZ0uHE.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f8dbc2d5612573014af1406039e69f1f5fb7762820efe4c0550d700dcbd7da6e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 03:05:05 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
4485
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=402321
x-activityid
ba6b9e77-7cba-4d78-9baf-550bb848f0f8
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAZ0uHE
content-length
4485
expires
Thu, 01 Dec 2022 03:05:34 GMT
AA14zVvz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zVvz.img?h=100&w=100&x=1024&y=610&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
291d5ea012bccaa4b4cd955fe8f8a6098ba2625a7fcacadac9d08f10d91eb8f2
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 11:08:58 GMT
x-resizerversion
1.0
x-source-length
285133
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431336
x-activityid
17793371-8193-46e0-bba7-8c89ee9dc21c
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zVvz?h=100&w=100&x=1024&y=610&m=5
timing-allow-origin
*
content-length
2369
expires
Thu, 01 Dec 2022 11:09:09 GMT
AA13GFti.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13GFti.img?h=100&w=100&x=396&y=149&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
23f2a97a2607d0dc1b5e8518e81a3cc63e6572a2bb619c94ab4910ba83537505
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 09:50:31 GMT
x-resizerversion
1.0
x-source-length
64550
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426605
x-activityid
25ae8404-06fd-404d-96a4-1aa5faff7304
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13GFti?h=100&w=100&x=396&y=149&m=5
timing-allow-origin
*
content-length
3871
expires
Thu, 01 Dec 2022 09:50:18 GMT
BB10ea2p.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10ea2p.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c57a73b3bf4f85b6b0dff637df720bcb0d4d9146eb88485254cce6b33b1587a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sun, 13 Nov 2022 21:10:48 GMT
x-resizerversion
1.0
x-source-length
1105
x-datacenter
westus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=121844
x-activityid
46fe939e-4e1c-43d8-904e-83c31fdd3f14
content-location
https://img.s-msn.com/tenant/amp/entityid/BB10ea2p
timing-allow-origin
*
content-length
1105
expires
Sun, 27 Nov 2022 21:10:57 GMT
AA14zFnk.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zFnk.img?h=100&w=100&x=738.5&y=401.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5c83f9f6ea7213a4a8f7b17db7b6e768582cdd2fe36fd9989009d1a1d5cad593
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 10:20:05 GMT
x-resizerversion
1.0
x-source-length
58926
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428439
x-activityid
6e0c7f11-5cd2-4bae-917c-493cd74bac86
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zFnk?h=100&w=100&x=738.5&y=401.5&m=5
timing-allow-origin
*
content-length
2533
expires
Thu, 01 Dec 2022 10:20:52 GMT
BBs47TE.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		745 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBs47TE.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
abaab2cba237aa106298f6fbba0f540da1e0f943171b14d50e74776696168ec0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Thu, 17 Nov 2022 06:42:19 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
745
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=415316
x-activityid
3cea64ff-54e8-42d1-86fe-db71cca6f5d1
content-location
https://img.s-msn.com/tenant/amp/entityid/BBs47TE
timing-allow-origin
*
content-length
745
expires
Thu, 01 Dec 2022 06:42:09 GMT
AA14zVvz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zVvz.img?h=500&w=1000&x=1024&y=610&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e2a9677f90a8abf643f17345788419de5b555a162bedb252a1b0a4d0d603cf4b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 11:06:00 GMT
x-resizerversion
1.0
x-source-length
285133
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431120
x-activityid
fd086861-e40f-444c-8308-323221007529
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zVvz?h=500&w=1000&x=1024&y=610&m=2
timing-allow-origin
*
content-length
50392
expires
Thu, 01 Dec 2022 11:05:33 GMT
AA14zFmS.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zFmS.img?h=70&w=95&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
79661c48ded6f8cc0c83bc4c8f700306037bd41dc3ba7c88275cc2d5b36e2690
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 10:20:00 GMT
x-resizerversion
1.0
x-source-length
303257
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428456
x-activityid
7194012f-91fd-4098-ac0a-56ce890ef3ab
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zFmS?h=70&w=95&x=1024&y=682.5&m=5
timing-allow-origin
*
content-length
1857
expires
Thu, 01 Dec 2022 10:21:09 GMT
AA14zFBk.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zFBk.img?h=70&w=95&x=470&y=264.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
809cf5f44f7182386e632364e92be0b6f8144ff333050d1045f1368a23ecfc83
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 10:15:24 GMT
x-resizerversion
1.0
x-source-length
54787
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428073
x-activityid
f8f640f6-9d0b-4146-ab2b-b714bb64b9d3
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zFBk?h=70&w=95&x=470&y=264.5&m=5
timing-allow-origin
*
content-length
2266
expires
Thu, 01 Dec 2022 10:14:46 GMT
AA13GFti.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13GFti.img?h=70&w=95&x=396&y=149&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21c5c9c2ad43e689327bd5e3ca7338775d4cba94ec517b971d1d585b4e999436
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Fri, 25 Nov 2022 04:11:17 GMT
x-resizerversion
1.0
x-source-length
64550
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=319887
x-activityid
8a3ab1f4-2e32-4bb3-9b31-a211d9bee975
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13GFti?h=70&w=95&x=396&y=149&m=5
timing-allow-origin
*
content-length
2908
expires
Wed, 30 Nov 2022 04:11:40 GMT
AA14wsvC.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14wsvC.img?h=70&w=95&x=400&y=266.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9b9a5a34b4a2ac69f57ff81b82bd66843c5f19f70371ed53b290aa60c4ee1f08
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Thu, 24 Nov 2022 23:47:11 GMT
x-resizerversion
1.0
x-source-length
82651
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=303980
x-activityid
98f624b0-494b-4cc8-9c69-0295ca179cb2
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14wsvC?h=70&w=95&x=400&y=266.5&m=5
timing-allow-origin
*
content-length
2537
expires
Tue, 29 Nov 2022 23:46:33 GMT
AA14kvGo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14kvGo.img?h=70&w=95&x=352&y=256&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
42d3726ee89c13a920fc85244f4c84c0bcc0a547f48df05b0de18fb8ed4cdb68
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Fri, 25 Nov 2022 06:50:37 GMT
x-resizerversion
1.0
x-datacenter
northeu
x-source-length
628511
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=329437
x-activityid
89f27bbf-6bcc-48a0-8f30-bca9061d8363
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14kvGo?h=70&w=95&x=352&y=256&m=5
content-length
15881
expires
Wed, 30 Nov 2022 06:50:50 GMT
AA14zwfP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zwfP.img?h=70&w=95&x=470&y=264.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4d0b0bd501bdeea8ff591ba2e0f57326f44a92506fb1ac2d01861e0d03811730
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 08:33:40 GMT
x-resizerversion
1.0
x-source-length
84575
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=422075
x-activityid
38ebf4fd-02f1-47cd-8ba7-25b4a2e99e6e
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zwfP?h=70&w=95&x=470&y=264.5&m=5
timing-allow-origin
*
content-length
1812
expires
Thu, 01 Dec 2022 08:34:48 GMT
AA14zAmJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zAmJ.img?h=70&w=95&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
350b9da6663f716be70ebdf2f1dfd1e89b4ae0be015f120229c257ef934b1814
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 10:51:56 GMT
x-resizerversion
1.0
x-source-length
231942
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430299
x-activityid
0db1bf76-5cc8-4639-a0e7-6d35d30059bd
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zAmJ?h=70&w=95&x=1024&y=682.5&m=5
timing-allow-origin
*
content-length
3033
expires
Thu, 01 Dec 2022 10:51:52 GMT
AA14zJFn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zJFn.img?h=70&w=95&x=471.5&y=385.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
61cbcfee8f57cb084bebdd0efc1c2f0a44d108d49d67f0f1a251e87a5df9be37
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 11:20:13 GMT
x-resizerversion
1.0
x-source-length
269637
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431928
x-activityid
649fc8cb-0f77-41a2-8a03-227654f9215c
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zJFn?h=70&w=95&x=471.5&y=385.5&m=5
timing-allow-origin
*
content-length
2221
expires
Thu, 01 Dec 2022 11:19:01 GMT
AA14zFnk.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14zFnk.img?h=70&w=95&x=738.5&y=401.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cb94758c021b64d9d64ce40b3039ba37774e37d9ff8ff65213472702e8a16a16
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 10:19:25 GMT
x-resizerversion
1.0
x-source-length
58926
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428413
x-activityid
8be25c7a-01c1-488d-be7f-bb0b54208cef
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14zFnk?h=70&w=95&x=738.5&y=401.5&m=5
timing-allow-origin
*
content-length
2033
expires
Thu, 01 Dec 2022 10:20:26 GMT
BB1aCuT4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aCuT4.img?h=300&w=400&x=400&y=300&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
545d960652f4adfcf1dcaf3ecca7dad350c0c9c5d7dc8a0eee7638aae08d79a4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Sat, 26 Nov 2022 07:36:39 GMT
x-resizerversion
1.0
x-source-length
96397
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=418546
x-activityid
1ef0b0ca-5b2c-4950-960a-79ad5cd86ed8
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1aCuT4?h=300&w=400&x=400&y=300&m=2
timing-allow-origin
*
content-length
29230
expires
Thu, 01 Dec 2022 07:35:59 GMT
AA14dnGs.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14dnGs.img?h=300&w=400&x=400&y=266.5&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
974e48c7fc7289abf78ee433f055bb3317cfbffed8a5baa075a7e9aa614e67b2
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Fri, 25 Nov 2022 13:04:24 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
94467
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=351851
x-activityid
618709a0-0922-4177-8ee7-e60f09ca72e8
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AA14dnGs?h=300&w=400&x=400&y=266.5&m=2
content-length
41258
expires
Wed, 30 Nov 2022 13:04:24 GMT
gdpr.css
simcast.com/widgets/gdpr/ 		799 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/gdpr/gdpr.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:06 GMT
server
Apache/2.4.38 (Debian)
etag
"31f-5d2ab2d5f1580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
351
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2e6d45cf4e09e3b90031fdfa2aedb1e064df5bd13021c0ddc1a8b074512f4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43646
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 26 Nov 2022 11:20:13 GMT
/
cat.hbwrapper.com/ 		15 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sat, 26 Nov 2022 11:20:13 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		323 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b7e40960cc682c9f685bc107fc7948fce56e054814c0b86214d283130a523d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
77023bcb9c96bb3b-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1403 / 914 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Nov 2022 11:20:13 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.125.54 Irving, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-125-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
PMGJKBNHV70WPPEQ
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
scxAVavpLcPmywJUq8XORx+l2fn0Lzo7Iqw5f4do2cqbdJUOHW4Kl6kPcdBFD5BUB8Dbbojr7eI=
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Wed, 08 Dec 2021 21:32:06 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-5d2a938b14180"
upgrade
h2
content-type
font/woff2
connection
Upgrade
accept-ranges
bytes
content-length
75440
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20221123/ 		667 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fcebe7aa22a32eb3f255631508ad0891d1ba5a2df286ebef6050f016899b5a2

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
Tp1HtokQZG6RE3atbEzCvHblZLls9e6k
content-encoding
br
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Wed, 23 Nov 2022 23:53:32 GMT
server
AmazonS3
age
17
x-amz-cf-pop
FRA56-P7
etag
W/"97639fda3414d7d752bf829ced8fb3cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
THg_qZHWXph_KesU6FRGRXwr4lvUJz5qGK4F5b106ZfQRmtv5DW0Mw==
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Nov 2023 11:05:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		113 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
expires
Sat, 26 Nov 2022 11:20:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aead9e7fa3c7aafc40d641ddf77f2398689da4579ff2569ebb16d6e7ba43c4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119607
x-xss-protection
0
server
cafe
etag
14711636192095985952
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 26 Nov 2022 11:20:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame B9A1 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:42:07 GMT
etag
10353107486223812946
expires
Sat, 10 Dec 2022 10:42:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 26 Nov 2022 11:01:51 GMT
server
cloudflare
age
881
etag
W/"da4b9b-9a4f-5ee5d90c2ffb5"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
77023bcd58e09a0c-FRA
expires
Sat, 26 Nov 2022 15:20:13 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 10:14:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Nov 2022 11:20:13 GMT
icon
fonts.googleapis.com/ 		569 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 11:20:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Nov 2022 11:20:13 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5851239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsTGAr%2BlzRgh2RWNzKcbzTNU7R73D%2B1GrahA712%2FY8WDlISBbimRQuTzxxLBniWFLbxAeK6jeyHZ0idkUxQFgwKoc55P8agaxDNAeY88BqHpqWu%2FJDF9WVSyGXNlBWOdEaZQv5n6PioYiHtIKxwqMQHx"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77023bcd3e156934-FRA
expires
Thu, 16 Nov 2023 11:20:13 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		105 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=84
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7400:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e72d88ba4b2048a66a78cf13087eb257f8f2458c6be0a5bcb09a9756381c24c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
UU1SX_loBDCe0_Ms0CIS5U8Ji9LMjrWu
content-encoding
gzip
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
date
Fri, 25 Nov 2022 21:43:28 GMT
last-modified
Tue, 22 Nov 2022 23:13:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
49006
etag
W/"020d53edd2e9a15c684c0521b5a93982"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=84600
x-amz-cf-id
Uzlcx9OXqznfNu9HL5db-9dfyeu54jdXoOvgf6JdBhYiaqvcKOX1hg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126568
x-xss-protection
0
expires
Sat, 26 Nov 2022 11:20:13 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 07:31:22 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
13731
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
iF5XNrFtGNabV7KzOqUI6AyItBUxnT9U26C4uncbjBSt-FM9PfqCVw==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 03:10:54 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
29359
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
LDK2pC28M-pNnh-LbA_WpcJTsFELo0l9GMW7ZMIwTn_XwennqWbX6w==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 07:31:22 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
13731
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
Xh2BungR6n9WjCqS2Gps84HhHjXYnSQvDyBHsEjuKR7IgsXMjk7xAA==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 07:31:22 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
13731
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
XLxpgeq9_va6qFZ8KG042Bd9amm-rMnZouWtvPnq5Kh_XfOZ_Tw1nw==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=f_wVLeZKYGWH5LyV&instance=921874&version=7.10.2&age=221126&cmd=PRE_INIT&key=eKVKXbhX&seq=1&order=1&absoluteTime=2375.9&relativeTime=0.2&canonical=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.40.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-40-19.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		33 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=f_wVLeZKYGWH5LyV&instance=921874&version=7.10.2&age=221126&ESG_key=eKVKXbhX&type=FULL&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-31.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
95e1bd7b559c76491d457ea8666cdf79104614c53772b7e9fce1b2b64d9c5974

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P7
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
gCwArJnoktTQS_9hrmKTALWUml2vkXnX_Kfw9YVg3yUWMJB1X2R9-w==
content-length
5987
expires
Sat, 26 Nov 2022 11:20:14 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e51529273fb1ff43ff6c305641a98fa9d20ad7d9a8bef0568c4751699c81b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EEC1 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1669461613&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669461613515&bpp=3&bdt=1530&idt=203&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4240417519255&frm=20&pv=2&ga_vid=1759178039.1669461614&ga_sid=1669461614&ga_hid=792846842&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44778844%2C42531705%2C44773613%2C21066432&oid=2&pvsid=2744135196372194&tmod=730899535&uas=0&nvt=1&ref=http%3A%2F%2Fleaxusfinancial.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=226
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:13 GMT
expires
Sat, 26 Nov 2022 11:20:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
id.sv.rkdms.com/identity/ 		2 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.152.214 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-152-214.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/ 		44 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
fb3807dd72ddfddbc7e9e2547b9d737408559685853a02eff358422bb13fe4ed

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 26 Dec 2022 11:20:13 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame AD59 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8098374
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcrkRU9sa%2BZwBlJa3kA4av69pLBsUSp%2B2oCHnbEaLT5WurF%2BmhXnH9So%2F6P0MeQ%2BbIesASv5fxTk5uy0wUU%2BdmFI%2F4yJnZjSfaW7l%2Fa40pxKI03zlsc7teuJzQj0PgR%2B41cZ1S7soidC0pOL1UT5s6%2Bu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77023bce28326934-FRA
expires
Thu, 16 Nov 2023 11:20:13 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame AD59 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
gzip
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
Nq_stEq7uJWBzVFl0h4cIkh3dyS04Q_ES9BEehVqf46Yv0DdEAMK_g==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame AD59 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 16:36:40 GMT
content-encoding
gzip
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
67414
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
F1JxnQWhae456I4CDYwoU_XYTDcPaK9jB6eUfhIPp1zquO5bnK19FQ==
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/ Frame AD59
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Server
2600:9000:236e:d600:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 10:52:51 GMT
content-encoding
br
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
1643
x-amz-server-side-encryption
AES256
etag
W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
GKS1iZF-svL7v4HWPRfYJ6P2l0Egmj9Ju0qzBszzYwIPk_96NRJtiA==

Redirect headers

date
Fri, 25 Nov 2022 22:38:04 GMT
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
45729
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
G25FnrGRRJv5AaLyArkTAZNNAtkHNs6i7hK8SGuHdt5ZTEskcWfl6g==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 26 Nov 2022 09:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6924
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 26 Nov 2022 11:24:49 GMT
ajaxjs.php
simcast.com/widgets/ms/ 		4 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:14 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-length
24
expires
Thu, 19 Nov 1981 08:52:00 GMT
bridge3.546.0_en.html
imasdk.googleapis.com/js/core/ Frame 0F1D 		690 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
77943
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226628
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 13:41:10 GMT
expires
Sat, 25 Nov 2023 13:41:10 GMT
last-modified
Wed, 16 Nov 2022 18:58:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 11:20:13 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		817 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f09c46fd81d3c8b0727dd05077f3fb61cfaaac1c81d661e29d59030b77e30eb7

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:14 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.232.0
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
cdb
bidder.criteo.com/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=71643592370&lsavail=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 26 Nov 2022 11:20:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sat, 26 Nov 2022 11:20:13 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://simcast.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
hbjson
grid.bidswitch.net/ 		24 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.152.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-152-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5334b6dc7d19548c961bbc5a6bfc61e21131b6b29afcd86e82eebc2259d1ce2c

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
pragma
no-cache
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=754850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2283a6e69c4b94f64%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fleaxusfinancial.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22domain%22%3A%22simcast.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22simcast.com%22%7D%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Atrue%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%227.22.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsimcast.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22adunitcode%22%3A%22991cd341-f068-4e45-8b91-277b6587a6bd%22%2C%22divId%22%3A%22991cd341-f068-4e45-8b91-277b6587a6bd%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228478991bff0ae29%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22tid%22%3A%22411b6bd6-2db1-443c-a50d-3734df4ace96%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22882e12822465383%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22tid%22%3A%22bcb6185c-d593-4335-8234-c14cdd80d175%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2292cb5a0912324b1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22tid%22%3A%22c7b37af5-5ff9-40a9-9c4c-b0b04413c644%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2294c6160a4b78193%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22755349%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22tid%22%3A%227c6a2959-d199-40ac-8c18-e0e64a903834%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2213f43ffc-14eb-4dd7-a194-0683c26cb083%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c69c4713-08df-475b-900d-e8c3c25b9ac2%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a73bd63b39fa7acca98326360b507792f97f1ed0f8e9169f017d19e44ff876

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otiXz%2B52kgAQfyMkXsBN46MLYaVTIA9dQliK%2FO1QtaGMXK1U6c7epB71iTdz4jOu3OFQDDZTM3mjI29jGl4iu%2B5xYTrgGcvuaQniKOxcmOwQlOXmDJ7iniaKIcJ8izG%2BQJpc8LcH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77023bcf9ffe90e8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://simcast.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.134.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-134-229.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		476 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
13e58f0ccdb68bb246e496df7620ee42ce2848e10c4cea3ff050ba97ec14f6f8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:14 GMT
AN-X-Request-Uuid
765d502d-5b49-4d7f-8e12-5879d862b02f
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
476
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bb7390f330489b85c1899de036030f2e25d22c87617ebe3af395816881fe5de1

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:14 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 26 Nov 2022 11:20:14 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
81ec0d30b215db32828af356b4f9913e3a82be5534b5f2b319634b90667ba92e

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
689270673fe38b2ddbc0f63614bf4fff81a99ae6b5b8b1dfcfc51164fce68de9

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
26c355d1c57e454a38f5e311065808d4a26c177eb0d8ac613da7ce620a67aca8

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8a753652e785f2b7ff9eec9a24e362adb01c7d6846a935b2a41da422f9b9a4e7

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
27bd3e558c75229c619e5dec31543b7749bde126968adb14e8939e98017efc3f

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
71080da69830f8a2c33bdada9604d3289a87dc213a8f73c7e419e6a067c44d67

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7df4008c7578cd75b389da27f8805127f7ec6a7277faf90cf3757a9074d0a528

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
093f75472cb42490db7e9de339a48e79fda12a1d48089cf1b3753fb0c12c6d37

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
da45740954b06a70ca1fc0a1554f7d7135e1ac414157c52b361e90d6b5bc807a

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4db1db38f5794a7aec031263a293ecd25846902a4687fe139cbf8d2cf64e1103

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
88d63e53e04357121977a7a9754139b7f8e949228d90cc2b8398c7042632fb40

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1b9406d1dc11c962a928dbd0076ee0fd2c957035ca37eef9f6cd61da4e565e48

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
bid
s.seedtag.com/c/hb/ 		11 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
via
1.1 google
server
nginx
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.96.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-96-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.96.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-96-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.96.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-96-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.96.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-96-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.96.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-96-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.96.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-96-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.96.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-96-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.96.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-96-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
/
ghb.adtelligent.com/v2/auction/ 		7 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
cda10f1d3344c6231ba88640312c32a994728b205f77e0760fd57d66297dffe5

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 26 Nov 2022 11:20:14 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
972
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=f_wVLeZKYGWH5LyV&instance=214921874&version=7.10.2&age=221126&cmd=GET&key=eKVKXbhX&c_id=12018&seq=1&order=2&absoluteTime=2761.3&relativeTime=385.6&canonical=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.40.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-40-19.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=mxKRwCZeX7&USR_ID=214921874&ST_usrKey=f_wVLeZKYGWH5LyV&SM_ID=2385087&C_ID=12018&C_companyName=Adapex&version=70100020&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.109.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-109-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 26 Nov 2022 11:20:15 GMT
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7717da18fff86552728b93961721cf5acb4fdd04c8e08535096af16bb206587f

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
guNhoUSnRyD11m6Y4UgMnFKcOcJcFIpE
content-encoding
gzip
via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront), 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Sat, 26 Nov 2022 00:37:32 GMT
last-modified
Sat, 19 Nov 2022 00:24:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7, FRA60-P4
age
67745
etag
W/"b8c57d0a3ca65c98f3d582d9add3f10f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-id
e7OopinUu0KVSDrwKRIIiStUh3pbj-uPcaEePDgSzUR0ZQYPX-H-Wg==
92gqi2mgiphur3hlkbxanlqsgtkaexg7.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/92gqi2mgiphur3hlkbxanlqsgtkaexg7.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b19851bae2c8d96ef409475ddc5bc94b0061b34c4b520d3f1638454ee00d01

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:07:49 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
61946
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
65160
last-modified
Fri, 25 Nov 2022 18:00:09 GMT
server
AmazonS3
etag
"2241f8684910f58c426e0ae8eb566188"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
YPyhA_wPKEYD04p9PuCbrSOgy5qQS96vm9df5e1MU13oqA4aCXtVjg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=f_wVLeZKYGWH5LyV&instance=214921874&version=7.10.2&age=221126&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&absoluteTime=2766.1&relativeTime=390.4&sC_ID=8783&sm_id=2385087&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.40.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-40-19.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=mxKRwCZeX7&USR_ID=214921874&ST_usrKey=f_wVLeZKYGWH5LyV&SM_ID=2385087&C_ID=12018&C_companyName=Adapex&version=70100020&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.109.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-109-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 26 Nov 2022 11:18:21 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame AD59 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
77023bd04d6e9153-FRA
vary
Accept-Encoding
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 18:47:03 GMT
x-content-type-options
nosniff
age
232391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:47:03 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 01:29:58 GMT
x-content-type-options
nosniff
age
294616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 01:29:58 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=792846842&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&dr=http%3A%2F%2Fleaxusfinancial.com%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1152758695&gjid=1458459365&cid=1759178039.1669461614&tid=UA-205158314-1&_gid=1803935905.1669461614&_r=1&gtm=2oub90&z=1303388889
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
fpc
at.teads.tv/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.115.97.56 Irving, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-115-97-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:14 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sat, 26 Nov 2022 11:20:14 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AD59 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
date
Sat, 26 Nov 2022 03:39:51 GMT
x-amz-cf-pop
FRA56-P6
age
27624
x-cache
Hit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ZlHBOQjqCK80ePPM3lrzSPtFP1lXw0L5lWwljhNK8ITEe2Etb6Q7pA==
config
c.amazon-adsystem.com/cdn/prod/ Frame AD59 		248 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsimcast.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 07:28:00 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
13933
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
iwzQg05TX6wd56aKZKfv21y9VlBfFxnDrUlhybyIapFUvENm6rb-FQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame AD59 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&pr=http%3A%2F%2Fleaxusfinancial.com%2F&pid=9pNIP9Zws4Twp&cb=0&ws=300x150&v=22.1107.1609&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.106.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-106-197.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
FGTSRNAGFRBVKPK8CSTR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
QVGUb9-Fr9nfBabX-XnxnIZhV83NtcYnpJ1oEBrwsRrYULXyRrTNUg==
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55c11dee22420ec7558166c16b2090c4af865d618878fe3ef413c3956589b651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11067
x-xss-protection
0
headerstats
as-sec.casalemedia.com/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MyhRyLa7%2B%2FNfblCuFjdrVHoKJXx7Jm6Ob24EY2L0A1UffpdF103otncKltnb2vIKpwFq%2Fizz609MVfhK636motJ9CvyONcB2U1bZECulhzlmF%2FLy17LYCjK75%2FArrCHFTAbfmI2274%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77023bd229fb9170-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
auction
tlx.3lift.com/header/ Frame AD59 		19 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.4.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-4-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:14 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame AD59 		173 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.25.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-25-216.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4d3c158e5f5740eb1ba78651f11ae1b57132b208424b4c49f3dc690a557a685c

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:14 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
translator
hbopenbid.pubmatic.com/ Frame AD59 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame AD59 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sat, 26 Nov 2022 11:20:14 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.015985
X-SpotX-Timing-Transform
0.000928
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.015985
X-SpotX-Timing-Page-Require
0.000522
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001893
X-fe
142
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.020940
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000431
Last-Modified
Sat, 26 Nov 2022 11:20:14 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
X-SpotX-Timing-Page-Exception
0.000015
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000013
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.001151
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame AD59 		139 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8812493d520cbc5235a0eebfb50ea2fe67f913102988f3b8413b72bb6ef690dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:14 GMT
AN-X-Request-Uuid
799a4f15-8c85-4acd-a5e8-b3d870e67a07
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame AD59 		36 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2211364d19105ad1%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212e2273bebc875b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A761%2C%22h%22%3A428%2C%22sizes%22%3A%5B%5B761%2C428%5D%5D%2C%22playerSize%22%3A%5B%5B761%2C428%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22VRAfdwVZOg7jMyH8bxgoOA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54dea0e54c8ff7ded10ed34346406782cd4b11c1e34aedad6f1289b48c6339cb

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6NmJPG34UmiSnEo5hby4FvEwbWfhrqvY%2FOXFh8KPKB1bWw7dsiM96dL%2Bt82XQT6KS%2BipMVN7Z2p6nO6xWPMojJxTxpmRZx5%2BDjUFV47iIqS3eIkInHtxhvIy%2BOXD0BDJ5hPGWZZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77023bd289d09be6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame AD59 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.143.212 Irving, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-143-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Sat, 26 Nov 2022 11:35:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 11:20:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A5EB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:55:04 GMT
expires
Sun, 26 Nov 2023 10:55:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FDF8 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b8f36f7c8d02ea63660f4dbfdaeb18097dae690ad6b60d987bf45f0f84ee3c1b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HBKLjUrHmVVoulwT42L-bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-HBKLjUrHmVVoulwT42L-bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:14 GMT
expires
Sat, 26 Nov 2022 11:20:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
397s7r68o390srp5130q8o9n411n6733playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/397s7r68o390srp5130q8o9n411n6733playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c769d986deded0936c5c2216166e832f2263062065848f572310700f02e7bff3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:13:24 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
61611
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Fri, 25 Nov 2022 18:02:15 GMT
server
AmazonS3
etag
"ad5ed1a783b2613d3810238079444e29"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
ie8Uw54-pUGLbhqc34F8ckGxfKm893YLKXqKRHHaxsGfEbH8qYamjQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=f_wVLeZKYGWH5LyV&instance=214921874&version=7.10.2&age=221126&cmd=IMA&key=eKVKXbhX&c_id=12018&seq=1&order=4&absoluteTime=3422.4&relativeTime=1046.7&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.546.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.40.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-40-19.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=f_wVLeZKYGWH5LyV&instance=214921874&version=7.10.2&age=221126&ldt=BIDS&key=eKVKXbhX&c_id=12018&seq=1&order=5&absoluteTime=3423.1&relativeTime=1047.4&sm_id=2385087&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.triplelift.time=263.6&prebid.bidders.rubicon.time=218.8&prebid.bidders.pubmatic.time=215.6&prebid.bidders.spotx.time=263.4&prebid.bidders.appnexus.time=38&prebid.bidders.ix.time=127&prebid.start=3137.1&prebid.time=271.2&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.40.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-40-19.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
5o2rpr3r10s1oo48po09o80023op6530base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		7 KB
7 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/5o2rpr3r10s1oo48po09o80023op6530base.en.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72d381802417f441d82a25214689414b14ecdf32941461a88ab0b3c86f2b5612

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:13:25 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
61609
x-cache
Hit from cloudfront
content-length
6736
last-modified
Fri, 25 Nov 2022 18:04:03 GMT
server
AmazonS3
etag
"6c35fd49ea361558ab435773bb202dff"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
wqyuwnf3pMB6jztsFrj-FTnTu4blwINrOrIJ_1t4EXwdiZEarPKZQA==
397s7r68o390srp5130q8o9n411n6733.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		1 KB
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/397s7r68o390srp5130q8o9n411n6733.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e090c27e54e7f5b60c469aa8c68003f74785670ab196af2f004021a739c9fa32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:13:25 GMT
content-encoding
gzip
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
61610
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Fri, 25 Nov 2022 18:03:03 GMT
server
AmazonS3
etag
W/"5f85e006bb516151d661a8cec19d3657"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
flQwhCJZzXLL5WUdXx43NzsrMQg0o5bkoltR3i-IX54zGrqfDU1Lfg==
397s7r68o390srp5130q8o9n411n6733-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		355 KB
355 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/397s7r68o390srp5130q8o9n411n6733-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c946cbe31a4e61fd21aa1fa8c939fabd9b8f21c36aa68396150f46509307483c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:13:26 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
61609
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
363028
last-modified
Fri, 25 Nov 2022 18:02:59 GMT
server
AmazonS3
etag
"6ed2a5c0646a0c4eb8b8bb457823abad"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
qx1N2yUvE1ikPdQKX0IVZn9U3O-n22snvrB-A1Xq4vd8-17mjkkFYQ==
ads
pubads.g.doubleclick.net/gampad/ Frame 0F1D 		23 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22632072816%2Fsimcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2385087&us_privacy=false&cust_params=sessionKey%3D214921874-f_wVLeZKYGWH5LyV%26schain%3Dstnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.10.2%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D2%26us_privacy%3Dfalse&sdkv=h.3.546.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&sid=A856DE13-71F5-4E49-BD92-3BFAFD4654D2&nel=0&eid=44748969%2C44754608%2C44765701&ref=http%3A%2F%2Fleaxusfinancial.com%2F&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&dlt=1669461611985&idt=2329&dt=1669461614781&cookie=ID%3D3393c437463bf46e-22827e2793d700b1%3AT%3D1669461613%3ART%3D1669461613%3AS%3DALNI_MbNFj7Cc0Jif7f0SqaasNd84MOVSQ&gpic=UID%3D00000b879d8aea98%3AT%3D1669461613%3ART%3D1669461613%3AS%3DALNI_MY9yNf9iIm8t46zyY6ziE7HKrJ2vQ&correlator=3037039215641314&scor=4172687931998021&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e85de0dee826ab9f4eaf558fa40d5c116742b26574814b5bcf7e31fd76028ea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1429
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame A5EB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Nov 2023 14:14:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FDF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2744135196372194&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
dbd9bae7-284a-4bc6-a19b-18f9e75c9b76
https://simcast.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://simcast.com/dbd9bae7-284a-4bc6-a19b-18f9e75c9b76
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ea1b16a2ac695c0b0c7dc62485cd8b3115c16250d15966416b95ce589068f2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
generate_204
tpc.googlesyndication.com/ Frame A5EB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bTrUUg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
397s7r68o390srp5130q8o9n411n6733.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		1 KB
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/397s7r68o390srp5130q8o9n411n6733.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf9bad18e1f73d678275f79a6c1b05c8e1d49eb406b02b4f3f3cadbdd90d0d76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:13:27 GMT
content-encoding
gzip
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
61608
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Fri, 25 Nov 2022 18:03:17 GMT
server
AmazonS3
etag
W/"07fe2b5fd7c95cb602bb19246603da23"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
4aVNGjLaSdu6B3zf7zQf6i0sbXS1KZMSCGDR7IYj2lpz6Hr5ETxJzg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=f_wVLeZKYGWH5LyV&instance=214921874&version=7.10.2&age=221126&cmd=INV&key=eKVKXbhX&c_id=12018&seq=1&order=6&absoluteTime=3690.4&relativeTime=1314.7&alt=0&sC_ID=8783&sm_id=2385087&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.40.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-40-19.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=mxKRwCZeX7&USR_ID=214921874&ST_usrKey=f_wVLeZKYGWH5LyV&SM_ID=2385087&C_ID=12018&C_companyName=Adapex&version=70100020&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.109.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-109-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 11:20:15 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 26 Nov 2022 11:20:16 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0F1D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214921874-f_wVLeZKYGWH5LyV%26schain%3Dstnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.10.2%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D2%26us_privacy%3Dfalse&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.121%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=A856DE13-71F5-4E49-BD92-3BFAFD4654D2&adk=2458199627&correlator=3037039215641314&ctv=0&dlt=1669461611985&dt=1669461614978&ged=ve4_td3_tt1_pd3_la3000_er270.20.425.320_vi0.0.1200.1600_vp100_ts0_eb24171&idt=2329&is_amp=0&omid_p=Google1%2Fh.3.546.0&osd=2&ptt=20&ref=http%3A%2F%2Fleaxusfinancial.com%2F&scor=4172687931998021&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44748969%2C44754608%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=445&sdkv=h.3.546.0&sdr=1&vconp=2&video_doc_id=2385087&vpa=auto&vpmute=1&nel=0&cnc=22632072816&kfa=0&tfcd=0&top=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&loc=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&cookie=ID%3D3393c437463bf46e-22827e2793d700b1%3AT%3D1669461613%3ART%3D1669461613%3AS%3DALNI_MbNFj7Cc0Jif7f0SqaasNd84MOVSQ&gpic=UID%3D00000b879d8aea98%3AT%3D1669461613%3ART%3D1669461613%3AS%3DALNI_MY9yNf9iIm8t46zyY6ziE7HKrJ2vQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2744135196372194&correlator=2806602305356698&eid=31069596%2C31068366&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&ifi=2&adks=3073657333%2C1482148115%2C2429697290%2C2429799460&sfv=1-0-40&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dadhesion&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D400%26wrap_l%3D2000%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D500%26padpr%3D20%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D600%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D3393c437463bf46e-22827e2793d700b1%3AT%3D1669461613%3ART%3D1669461613%3AS%3DALNI_MbNFj7Cc0Jif7f0SqaasNd84MOVSQ&gpic=UID%3D00000b879d8aea98%3AT%3D1669461613%3ART%3D1669461613%3AS%3DALNI_MY9yNf9iIm8t46zyY6ziE7HKrJ2vQ&abxe=1&dt=1669461615128&lmt=1669461615&dlt=1669461611985&idt=1697&adxs=315%2C791%2C1230%2C0&adys=150%2C1012%2C245%2C1894&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&ref=http%3A%2F%2Fleaxusfinancial.com%2F&frm=20&vis=1&psz=1600x0%7C417x0%7C339x0%7C1600x1824&msz=1600x0%7C417x0%7C339x0%7C728x0&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&ga_vid=1759178039.1669461614&ga_sid=1669461614&ga_hid=792846842&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1cdbc3a0cdd596970f248964173c62f9b54b93a9913f06a28240d5e5c2d507f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24921
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 967D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:15 GMT
expires
Sun, 26 Nov 2023 11:20:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p
sb.scorecardresearch.com/ Frame AD59 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1669461614044&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=239638&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2385087&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1669461615331&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1286&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Business&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dleaxusfinancial.com%26pcid%3D802%26rid%3D152%26a%3D0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
via
1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
43
x-amz-cf-id
OI6wTE6hR9t-RCujD-VQQUMxKFFqpqA9JkCuf0CY4vEG68pUX9Y9UA==
x-cache
Miss from cloudfront
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=f_wVLeZKYGWH5LyV&instance=214921874&version=7.10.2&age=221126&cmd=PLAY&key=eKVKXbhX&c_id=12018&seq=1&order=7&absoluteTime=4061.2&relativeTime=1685.5&alt=0&sC_ID=8783&sm_id=2385087&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.40.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-40-19.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=mxKRwCZeX7&USR_ID=214921874&ST_usrKey=f_wVLeZKYGWH5LyV&SM_ID=2385087&C_ID=12018&C_companyName=Adapex&version=70100020&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=leaxusfinancial.com%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&pposition=home
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.109.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-109-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 11:20:15 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sat, 26 Nov 2022 11:20:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2744135196372194&bg=!XV6lXhrNAAbvMpMzzzI7ACkAdvg8Wsv4qbYOE48AHEV2nToW9-uk0XVcd3A4zB3MjgeTCFdg7hyv5QIAAACFUgAAAANoAQcKAMTeS-Uu9YvlRzeK6r5TxcgseLCTy29s2ysaXhSBREhHK3BwafQF5pVwfLQUD8W1zLiHJQyzeN9Mirb-FpFGasnGf18z558TX8KFJADji2ODhYpsNXoF7nY7M0D0sX9LXyUr6Mk2OQgnUSpXeQbrVkFFLQT2jvd5Q8cXD3dbgsRDjGF_xVqyYeDq1wIuxC9gK4yphnlonR-AoFylbUUKt3qpSpqqQ2p7HIqfEBUhJSfW_uH96Rp4_WxllIBqvaifZw6lqtDZmQKddN907WU_Smqw53jDt9Y6QgcM6-2dfDNtMEoqWvYD57axEruMv4gnhrv6l9BdnMvg1vF4nF3qFBNf7oe7Al7ZycYuoLhYiedCNpFtyuK_crkWj3zDUh0HHkx3nTiIyUqV8i7uS5aWUdRtwB-tqR6IiXnAXAXgXyt3hDQ6QxehCbEi0pnjdWAX_0mk2LSHnZ33MSQIU2qXF47rLqAFvWojnfgnwsxCdiXxkf076uW969jF1opOQQNQNqoYdTGuOhbG12GJY184ivxMwNRB8RlloqKT9gIe0VAdcfzEQD6pPPPc4aFl24zzhijOuHLVEv1KaD9sHib81BZY__dnkKaRlk6oHPMUN1elukzvBQFj-lU-__0Hvb69NmyS2B0BoQDMQ-RoqNW3ZnCUGz9QfcTFwVnJcMtooDH4aAIjUe06oeMvIi-uAbpIOS124zsYoggoxJAbVi5qRKO6RhGe82VtKE9d9GzZxPfe1FxNhQru4EIBN7nAXBbZ8V84hVQLeKwIiH8dV5lb9EE_JMBfTewfHgGofjCABuyzjmcwN-nMczA2zaEpnYz7HdTCwA7yUWf79dxrEHRyjS9aqiVl6mheP83lM6aYQ6s6sPTiHNa_qYMgG33abGeaUrP2DVBrH4A36rhXER2Tb7KwfwcfIlyLyRogscFC3eKGKcm06JwzyWsZa5yhb6Y3HghCpjxXYKs2kquxvfchMxNh-Zuw3yCRBjViEgpNdQCa55cSKCrvtuj0dFTvlp7siYFkLIvvXpOfSNvSe7sNyan7R_09E-gxFh4IRgcNy8WWNS4ipHNcegI-3jnjb1T0ozydv3A0w1WfRqirfiINp5q4S1fVHW4HE0i3ul6Z3As7CG-6VKoxwgiI15EFEptrQZPnpCKh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
envelope
lexicon.33across.com/v1/ 		49 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/prebid/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any?resolve=nonId
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.207.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-207-182.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
9bdea3b3235e5c80
vary
Origin
request-time
2
id
id.crwdcntrl.net/ 		43 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://simcast.com
cache-control
no-cache
x-server
10.45.26.231
access-control-allow-credentials
true
content-length
43
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
b82156a924667c27e8e9ddb51cdc88678f9a7adca51d09a6b8c6962852571c4c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.189.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-189-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cache-control
public, max-age=86400
last-modified
Tue, 22 Nov 2022 14:36:26 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
AS623DQBY0CG4WQ2
age
3290
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77023bdacdb590f2-FRA
x-amz-id-2
opH3n6Ss4TlDtfyjukoygT4YC9ks6ezIdzU29iyaBzEnETZcFBMAM6rnMr/Jv2PsgS8/3mqoHZ4=
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 11:20:16 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 19:00:23 GMT
content-encoding
gzip
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
58793
x-amz-server-side-encryption
AES256
etag
W/"2c5f4a319c3d99310927955777b5abe3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
OELiKRqktTnjWi3x2LAsl74AEzWrKDuUlcHtc7st-KHJumzB5vPPtw==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.199.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-199-42.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cache-control
public, max-age=86400
last-modified
Mon, 31 Oct 2022 06:06:26 GMT
accept-ranges
bytes
content-length
3211
vary
accept-encoding
content-type
application/javascript
container.html
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0228 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:15 GMT
expires
Sun, 26 Nov 2023 11:20:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F05 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:15 GMT
expires
Sun, 26 Nov 2023 11:20:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B75 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:15 GMT
expires
Sun, 26 Nov 2023 11:20:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B35B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:15 GMT
expires
Sun, 26 Nov 2023 11:20:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
579.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d6c9cece55c158bd58a6b9c1b6e6c7c71bf1f3f0a0b14f3088629c59bc0f4544
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0111 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBiLwY_YATAB&v=APEucNWYQBf-mar7zjaEqr-3plIzkxjnIeNnf4wMXVKymDVPl_VsM-rN4NivyGoWIOy_LlQeCjOMDBLk2FEPL9RIY12VjrkPkLDrb6QYhrjn8yc9IzvbOkeRSG-BkkTr0F2RP_GBN6o02wXGM8zePpz2hSSmUZtoppAFc6SPx5IkRaxfCLrFmZGfGJYLJHeCvDqp0lw0ey-PEt-nFTovbKwVlncjoWe-FA
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0228 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYFAXN6rP-Aurc-wVIBqu6iAlvCEkLZRlyN-AerOPQJGhO4vAJQIypupqKdQvKGEIl6goWAciyg69oBFNXjNCwzGFaAhEcAUiwZIiVIrgW27-KtjE3l22InTgThKL8jT9HZdJC8QjN9ewEF1GYlN41kbWtUpbtOiGuv7HvLgzrXuJeB7o&cry=1&dbm_d=AKAmf-D8qy0rq_jLI_ALgYiNJD5er6Bf22awgcnnovq89nB7pqalpSThmCcWqN1ice1q30AKHy3qTBEfoqf-kwidVPcEJn4imJTaWRHZ66svgxh8izoVPmXxxUhof6_Di_dpiLQ4NiNS9UKF0mPKSn971VTNmPT6XYlUGa7ajM8hQ9ayHd3OmWG4WvjaSyE2c99Y5-yngLW6Xp9TQBUmLLSWCh_pa4IU-MYqFLRwL9GpIeTF08yNjOsDrQjQk49uNKPUvv0XVTDpnhSq6x72Zoze9AyGkdg67mjPZtJtmMbFctQKqY9Z3NcAEseuX9lT0q9yxPmBU3iWW9wcPvVpXvmx01_C-d_fZ2mSYksed0Cp3mWOkjAAJgjp74PHw0ZZa-Sx2RIO4DkP8r0C9cM-BKch1CjgSAlfJ27lteawZ7Y4qb4IHU-N36ZD2ig0vatUiTX5zhs6QH3hWqRBk7tVYd0MMgm62G1q0ocV_AyAzqlj-c9PQIi_5wpQWLHqhlBS19EeI9B2B1OxgYrHAbamSPjnwUEN6AWFPYLEkKcdC7KLP9a3G4W4xUhcrIRss1DHHImEKFQyDay2LUPW4IFweeLGsNbfD5JYrq08AO4k_XNzlxkrLE7G50BHXiuv2YRmWI0Y52bGhtWW6_0KuyFC84T4wrawZt0rVqdGM8Ui31eshXB3JvGG1Owgfpt-4n2paae-HJGK29FGnsAx4Px7L6esuMO6XKhwpOzDiS0ex4w52SB66Z6ClpXmPH5S4woyRPdmCUVMOODbYYp6mW2pdNKgLyc2Pn6c8zzij4XMPPalaCJrlhrZ3lHvpyErerzpvp2eisTw2EOEeq3Ub5vXV2DcGSGSGjx1lponJ7dmLTXHocqeVVlM7RORvbRKvCVoAmOPnXsi-IBxRuAV17vThC3yzKGC0gw72F2B3v99vQ1uBqB9jhz2ZD7eerNJgQt03GkFBpE6R9U0AZjKnmriAtbA_ABMw8viBMHvsBNP7XyTVWJr-b9lCmOfrlAxtr3Z_gSMrh2PpQd-kKynPCVkZviTCw0s3rw54w6HdyJTkRmg30KSBkgudUD__jEm8_TFmWrauEbeYBhEDNIAQpfEA9Tm1-2rrQDYhMJhlZywa_y8ggKVoy_bElrYQIB7NCfzut8GUblyHKTHS3__poc3H39MVAHpeFSIJOBF_yGn645v9RDKXOi1zv2nZ9Gvkrw5tvh7AyBgdOsZJWCsKSjCyTZQUwUAOKi_aOqLx99h-DWASpcGC1z1hzgHRunE7al1PXkjnFQWA_b-GMpGNU-bcg2PWV3I6vAGypWsOUKLz3c1dugzjkatodW7cSCYhq2X5YNmB5zcsWVNtDK0_xyr5T43IWLgeSQAbZMePRc7_S6Ic9Ztpj5JLEckswrs6WbXV8v5eKkQgr5ipj6gI6CEDdRJyxtVxqsUAIacgjEiWGGaArXWMBNQl2oAEuIzXWtpU9GNT-JLq-EB8h5a0jjm1vKdIpo6eHb1tn_qFDxfjJHPiqVmeMc1O4fBaN73Uoeq3gecXZkZckaeaYgDyz1MhU-AVGrRztYgCpHb2YzhDlr1y7G0kWf7y5xvBfTSiqV31Gjasxqpod_n5gSU7xkEb_LV2t41QS27r5dsHw9o9qIh8ky_AqtdOkwWqazWInx6LlWJ_FPOBb8484sqZMODzYpe3QtxnUt699060DtjyrnQqzVBXMpwRZO59zWMRXbe12B4IZSThH13Qais80m-bgIRLMUgzk0n-bE0XZEt9ZgOnuRapFQAXa3pK5RpEcDlYAEz4tljpwHh6akL51MsD451PiZDm3aqD4H19ECiUcUCCxb79AGuBOb_Wfse6XlkG9FMXL3hev-2TcHPO-o3tpYYFj8u7zEEpzea4eCEzdOHWAnRYrdsYyOQQ28ygH7AHoskx5xEquWoasKr--_eUalKMT5Ih7aMN7E6eAvTz0Nk1KoBxb5buYSQQsam1UjinwUwttuyje5vao551-cXCVbUX-z32iqnrnaUdiGS_FlMq9rRX0EgHyj0R9p2Iq-zBDsp65ebdxbEq6872xX6Q8BU-3ZUSlrGGDcWt2qrffUGxZ4q_sHOGSvE0SgZIuO1ecbpJ9SfmFWbT15jcZdoEzAAcYuPrdd3B9MwpvPdcCmj5KwVvuauHsmDKhDzZj90SjnFdppL-eyyYy-i7tNbMlxxKyVBRoTsMQQVWpm_6OdEkLEqy269iubRVqxy39lHP_7I5Lxh4dkLa6r1-1AwMv8yea5QGOgg6CzdEkFjjs1VY_dUNusyciMFLH5uCFKi3Ll-Hdb2JXw0g5MwkPbcJxiGKqBlbc-sQ57MDWEw4B6a1oUrqXorjVq-gxUzuUEsKNZ8ZfofcZUWaXkIkIiv6oo6C4-Dw1-ttM6jSeGAEC-K1Ck61_iKWuAa2tZ2ThGsBB4wEMdGlIVCn8g20ny7O8tNw93m8JOBEkzVhaLZoGvN955mSlCKAPjPH-4lK0P6UNEKABKdJ91tnKa44806fSAD0KIqA-qU6Kc1BQkEvd3CEJGAEdCPoD0lA3yrwLu_3GR1a6p1lVJrv_QxpZk62b-ktwpbedAXC752lMm6NLNrJdkBYcx8p4QZJQrZ7Mmsz4ZFqs6JikDAVQCNX24wsGkrCxcDJ3nOGuC2KGiSxvj2lUwzZzrE42fUd7yLMWu9rndcJAfzCl3QktQ28sEn1pw-bgJLbL068Daje_1wAS_FQAw3ttk9aJoWtBbjWYo53VDXGqKlOAuJeIsH0miOTG9LzAnaz8c-jjbR7tKAFmiiz2vcig2OWKyOKajObIo_oYUZP7emGEIgOVSNrPzx_0YWo5zknaDTH0n5LbYIkHNMcvv84WsfPhL2nGVWa0dEN6bxRW8PklU-O8uibgo8JevKDRys1zUqjK_whnkGzFOeBsA4gfSLPd30LhZGsIjjGj2dYyKdZyXnVrby4t-FcJmk_QfcrCgy0LuSVsFbj7gb8PsZASnfEFNbSzc1taJbnh7YlWY146VXQilI6st-CTSo71coiukUhSR7JE6hMV9ihencUcPlKx9-kBqMHlD47rJTuGgrks3Fz_OdHqj_qOjp9DYz_3ceOIrzpHuTXzhdJhDE_vcEkiMEGJJ4ktdRi1gCXrY_BK-Sc53hFx60AnmV5DFg89undKf8_b8pFnONBxbUUVcYa5Ma9St_XM0yP80O3G49OE_EIT_BaGKWLRBmKDC_swFNVkt4bYlwp-HBEpqRby-sSjEa7zgqiTFkq4EbicaVnTwWWQh8g6mTQYE0LOnCd2iBOfVoI-Yp5bEU_rpH9iI3Lx4&cid=CAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
025031785e86abaa3e43592a6f53f18e1dd435ceab8988dbb6b4837ba070027e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0228 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dn3gCmzerG1yln4y6s7o5V12taoUBg576nOELdMc9eHHtRUY-_0B0QkPDTSDQRjk6SQj6Mm01EXf69yr1e3Pm7PSP1A2wnoWw-eJ2WezuO-Ft1bog
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.audiencemanager.de/ad/ Frame 0228 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.audiencemanager.de/ad/?pl=63468d106d216e35f43d8a53&cb=1669461615196105&tc=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3D
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.117.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-117-113.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
92990c1cb6fbc2f88d317d44c369c1a2f8b419a495cf199ba869ae585837d23c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
gzip
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by
PHP/7.2.9
requestid
1be0cc6381f66ff125c1328531937066667285
vary
Accept-Encoding
content-type
application/x-javascript
status
200 OK
hostname
10-0-13-249
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
responsetime
9
content-length
3090
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0228 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 08:31:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0228 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
82587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 12:23:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0228 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 11:20:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5F05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvYGrb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE-wFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxhwn91vzu0iJRRtUnBPRpvCj5TKDIIAbX5ms2sbvvZlHMhqfs1hCeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=x6nyXao2GTI&uach_m=[UACH]&cid=CAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5F05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLikCdACmAKdg2ICAgAAANzcIsRkPmti9TWInwk5jtsQbvaBY36SCLo2ZTiLAyRbABIAAA&wp=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
277038
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6C48 		135 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2a5cf60a53f1354b4dae619892c42618b287bc13e7ebc97fbbf3ec3658bffdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:15 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KNuzptXDmeafmHmVCPca9_rC3rixEAO8tcaFcudpYV7USM_FeZVoCVAfH6uPzq9f_tNrMp8BSrUe2aMzNcUzD-BN7zEoPO-yI1A5HtdIlDB7sl_WFNztZjehUGdPnu83uy-DmCzU5eYO7uLpLL9-9YzbtXJIbQ0jRG0Yq40fb2L8OJKFkCgzJqMvCeGEk358wCpgdkBaSeK3jZSDozyxR6wffo9H_5zpPzAZhJfz-JVBj-oAks7QNb7hwkyHT8TUne1ukw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
76516572
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5F05 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 08:31:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3874 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:44:06 GMT
etag
48472445140208031
expires
Sun, 27 Nov 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5F05 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
82587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 12:23:48 GMT
l
www.google.com/ads/measurement/ Frame 5F05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0VRqZXeNpMunZzEHjxG_891ZucZQ9NhnCjKKjt0KTMnDQTrUv8uTZwwUlDk2eNnX2nD2f78CF9mZu_2ZERhbN1DX0wg
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5F05 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:28:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
258696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Nov 2023 11:28:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5F05 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 11:20:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8B75 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWhCjb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPgBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7ZaeG6Dq7zG0EGwPa89c1qiLjj94iohmVsCh2Hrco5wJEjEHEVzDgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=3VNvTwDcyaE&uach_m=[UACH]&cid=CAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 8B75 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k9pn42qfjg4xmrjrtxrtm3qwbg9sg8dqrazh6gf8x3n9rtz9bg0b67c8pfj42a0zdts7wrz166j9rcn63g4qv8et9zngfqxmrq12f7p8z439hkznazqcgp6qnp7dxnggpnqxxxc8qdpesdp324xq7j3z94p4frsx43hq26fdsjej8nqpk6py63fd65bw8n4nr3252q64vjhya2jjmvv75334xapn15qfgfd59s8hpry6yrfmx86sad52cx29982ymghpt3rhc2fr90197yzjy4r0a446dt83j72k11f6q1ps0tmj43peqay6j54wpszk8sa3ayv6s3yemqevkx0dxfcepabze3drcyy3fvfd74p9241fh2e3ya0kwzxzxndaapazwnad8&b=Y4H2bwAC_gsK01PHAAapd-_0VeE2oZg2VRM4AA
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 11:20:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 5A7A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hyqdy79n7jyv12ks8hhjbw7cdj60ts5whqgg9p09dzqf5pn9hvxa740yct3thfrmscmbt6tb3s3t3f4jvddvn821tnte73xght4e91wqss113w7d8yrwqm7bm4s4r1f0hjsg33fr8g6snj7cb18kvkrjfe8tnm7ae5a33sd3z2vbben57ymqhpfhbjkj4jx55av8chnb654ejb4cx3mkdzn7j985nds45rrkheqrykd23jnfv26qra6zk4bnadkhfp8y4fzxpk4p2b4tcqmta6mrvf44e1at1d1xc77yqbxhan2a28yq1benjgksy3bm4hkae7k254pw1sr9pexj8ajh1zj8pxhv5fxh1mv4cy08hgvxfne150kqz7tpc1bs01rgcrvmsg95p6gepdnyk4p30hkf2jy2rwtpx6kxs2nycs0vqbft&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c4fc998a6769dec5bac34ec6e250f9d5cc66b5b2ba8956fadf14a2602204a9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77023bdb9e7e8ffe-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:16 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8B75 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 08:31:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E829 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:44:06 GMT
etag
48472445140208031
expires
Sun, 27 Nov 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8B75 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
82587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 12:23:48 GMT
l
www.google.com/ads/measurement/ Frame 8B75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1rJ-bidAGfXPX65hDFEHsD_EGj-NXOcMZzlziQfk_H7hOf9MEDqAnkmLgvw8YrUNw0CsrPkdg5hmDZanxxulqPODDGQ
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8B75 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:28:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
258696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Nov 2023 11:28:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8B75 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 11:20:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B35B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYi0bb_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIECT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONztucmc131F9U0SDdex6CkxOOjsdX_GAiv6W7djef7h227MMu8YDgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=Boy6N_FE0sE&uach_m=[UACH]&cid=CAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame B35B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g052xddvc6tehhbbvycgj6dr8yrhxm87a4jd38ky8t8gvf1kfzv7dm82d7z4qdfwjf204m3jjtjdbypj04pjapkahvmffhmh82aanxjh89km9v5yh3zwtcs00j5t9a7x0qch93j8xbk3mnz863va31j8p64ampc0azx275fs17jd40e0kbx6e3vasw42jvyddsxcvzh737g8c7bmr999bnqxaprmvnjvtnbq6p3t5p6hjhqa5jyfnbpvdsncpx19z2v93hbxg26nztkm2eev4kw8m79nj45eynxmq03evzmqnk4yrtn9v9tpmf6pkefhccgp7mnhn5z5brazqqk9zqdayf1ybjv6bsz7z5jev50dcx3m83dpqh1yjest93z9h563j1rb0&b=Y4H2bwAC_gwK01PHAAapd5y1jAt7jCcAJQZ_XQ
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 11:20:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame AE06 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h8zf77bntq3y3w65g04bf6k347dm0t1hh2a4t4km72af2wf46afjcgt89qrf3sxtmebcwf0zjhngg8rrw3mv62rmadphpq8hkx4sdkz35mvmtd8yw5n4r71ehveedhgff5q2f0pswytszhkgkvhpcqza4mp5h4fcvtw7v316vyc75ta71d8chsa31hvh8a2shm7stc75vyf589z50enqxgt4hrm7x1yk7kd19mrx9k36c3zkj00ss5kmn3sdwk2vhxzg57en3j4getkegmwetq5h4rww7tmfbh3354tmavxdprcz6k758c59s23wn27g7re75q75vb9wv0j96ghbb427wr59pgaj64zxkywaw80w8g8802mypgk33w5tcypys94en5faahtksped66w85ryszfb0qf80ds87ff1d3tbwwzbtc7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab78187780f571d6784940f65d561a440932f8e67706ecd546d6b7cf617f1f79
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77023bdb9e818ffe-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:16 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B35B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:31:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
10136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 08:31:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 709E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:44:06 GMT
etag
48472445140208031
expires
Sun, 27 Nov 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B35B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
82587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 12:23:48 GMT
l
www.google.com/ads/measurement/ Frame B35B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJwDZgY_032xYnDCRVerwM0AD0i_vbXzXZELGTVviYamPuOnC6Q7CKl4TX07FD4EyMZuMv2cIeTVJQRo81TRHfc4H-wQ
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B35B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 11:28:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
258696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Nov 2023 11:28:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B35B 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 11:20:15 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c495ffc646089069063ff59dc5caee54e12ccc699164226a8ac2ec71bf5b7114

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://simcast.com
cache-control
no-cache
x-server
10.45.19.127
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sat, 26 Nov 2022 11:20:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
rum
dsum-sec.casalemedia.com/ Frame 0111
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBiLwY_YATAB&v=APEucNWYQBf-mar7zjaEqr-3plIzkxjnIeNnf4wMXVKymDVPl_VsM-rN4NivyGoWIOy_LlQeCjOMDBLk2FEPL9RIY12VjrkPkLDrb6QYhrjn8yc9IzvbOkeRSG-BkkTr0F2RP_GBN6o02wXGM8zePpz2hSSmUZtoppAFc6SPx5IkRaxfCLrFmZGfGJYLJHeCvDqp0lw0ey-PEt-nFTovbKwVlncjoWe-FA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 0111
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4H2cEsonu6kfQlj8XmERAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBiLwY_YATAB&v=APEucNWYQBf-mar7zjaEqr-3plIzkxjnIeNnf4wMXVKymDVPl_VsM-rN4NivyGoWIOy_LlQeCjOMDBLk2FEPL9RIY12VjrkPkLDrb6QYhrjn8yc9IzvbOkeRSG-BkkTr0F2RP_GBN6o02wXGM8zePpz2hSSmUZtoppAFc6SPx5IkRaxfCLrFmZGfGJYLJHeCvDqp0lw0ey-PEt-nFTovbKwVlncjoWe-FA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJW10HpZ3ym2IOD8cfAbG_I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0111
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1GDSQHfZEikd1f4jk39XA&google_cver=1
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1GDSQHfZEikd1f4jk39XA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBiLwY_YATAB&v=APEucNWYQBf-mar7zjaEqr-3plIzkxjnIeNnf4wMXVKymDVPl_VsM-rN4NivyGoWIOy_LlQeCjOMDBLk2FEPL9RIY12VjrkPkLDrb6QYhrjn8yc9IzvbOkeRSG-BkkTr0F2RP_GBN6o02wXGM8zePpz2hSSmUZtoppAFc6SPx5IkRaxfCLrFmZGfGJYLJHeCvDqp0lw0ey-PEt-nFTovbKwVlncjoWe-FA
Protocol
HTTP/1.1
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:16 GMT
AN-X-Request-Uuid
19ad9fb2-b3ef-4889-bec5-5be67d243c4e
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1GDSQHfZEikd1f4jk39XA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0111
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEyNzA4MDQzMTExMzI1MzQ5Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEyNzA4MDQzMTExMzI1MzQ5Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBiLwY_YATAB&v=APEucNWYQBf-mar7zjaEqr-3plIzkxjnIeNnf4wMXVKymDVPl_VsM-rN4NivyGoWIOy_LlQeCjOMDBLk2FEPL9RIY12VjrkPkLDrb6QYhrjn8yc9IzvbOkeRSG-BkkTr0F2RP_GBN6o02wXGM8zePpz2hSSmUZtoppAFc6SPx5IkRaxfCLrFmZGfGJYLJHeCvDqp0lw0ey-PEt-nFTovbKwVlncjoWe-FA
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:15 GMT
AN-X-Request-Uuid
68b18aa5-523f-4cbd-af4c-0f2d022e4349
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTEyNzA4MDQzMTExMzI1MzQ5Ng%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 5F05 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dc3e11d42c6a5197f04dbf3f61a66d3cbf52dcbf970ae1213b9dbd2f7b5685b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 3874
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHaJGWEuqlxXSbLIbIpFDZQ&google_cver=1&google_push=ASkJ3FbWyAJwzbOR9ywO4pbGEcP7JsJ6caho2fZbcVJbQA5I_x6cwaj16nuVKfo-CRbym-BD_Vl3jczinK-...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbWyAJwzbOR9ywO4pbGEcP7JsJ6caho2fZbcVJbQA5I_x6cwaj16nuVKfo-CRbym-BD_Vl3jczinK-VIqx1SxpaXhN154RBMUr0OwJb88rHlStSHu5dPyFV0I6pMcN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbWyAJwzbOR9ywO4pbGEcP7JsJ6caho2fZbcVJbQA5I_x6cwaj16nuVKfo-CRbym-BD_Vl3jczinK-VIqx1SxpaXhN154RBMUr0OwJb88rHlStSHu5dPyFV0I6pMcNa23dgJxUoIaL5&google_hm=bg-xqFX6SDyWCH3RIqT5rIU
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:15 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FbWyAJwzbOR9ywO4pbGEcP7JsJ6caho2fZbcVJbQA5I_x6cwaj16nuVKfo-CRbym-BD_Vl3jczinK-VIqx1SxpaXhN154RBMUr0OwJb88rHlStSHu5dPyFV0I6pMcNa23dgJxUoIaL5&google_hm=bg-xqFX6SDyWCH3RIqT5rIU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3874
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJC67_130eSRF8YWT-FGYMA&google_cver=1&google_push=ASkJ3FZjnyzuKib3PNOXqOo26lM_m5FO_ZgXhEt5vbi7mNGHJP4C6wsMvdqAAg4_D6tmxu7aEguXV3Bul0-BUBF...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=n4uNxImNQPpquIOsmt_TnNly14U&google_push=ASkJ3FZjnyzuKib3PNOXqOo26lM_m5FO_ZgXhEt5vbi7mNGHJP4C6wsMvdqAAg4_D6tmxu7aEguXV3Bul0-BUB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=n4uNxImNQPpquIOsmt_TnNly14U&google_push=ASkJ3FZjnyzuKib3PNOXqOo26lM_m5FO_ZgXhEt5vbi7mNGHJP4C6wsMvdqAAg4_D6tmxu7aEguXV3Bul0-BUBFx3cKafQ4NcJUMDYPg1fu9TKdL0TSEpefhA2a6ozpDiHiRLAKvVOCX4cc
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=n4uNxImNQPpquIOsmt_TnNly14U&google_push=ASkJ3FZjnyzuKib3PNOXqOo26lM_m5FO_ZgXhEt5vbi7mNGHJP4C6wsMvdqAAg4_D6tmxu7aEguXV3Bul0-BUBFx3cKafQ4NcJUMDYPg1fu9TKdL0TSEpefhA2a6ozpDiHiRLAKvVOCX4cc
Date
Sat, 26 Nov 2022 11:20:16 GMT
Connection
keep-alive
Content-Length
285
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 3874
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE9FMhLKq4KZtyrh8nQ3j2c&google_cver=1&google_push=ASkJ3FaWYzcpzuSGu4_0TBjuEjPVzV-oub8Muj97KOMsUslO6LA6M29dXC2Rkdpv7FKBWw6uFJaF_rwypnL-wFyf9...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEE9FMhLKq4KZtyrh8nQ3j2c&google_cver=1&google_push=ASkJ3FaWYzcpzuSGu4_0TBjuEjPVzV-oub8Muj97KOMsUslO6LA6M29dXC2Rkdpv7FKBWw6uFJaF_rwypnL-wFyf9...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FaWYzcpzuSGu4_0TBjuEjPVzV-oub8Muj97KOMsUslO6LA6M29dXC2Rkdpv7FKBWw6uFJaF_rwypnL-wFyf9uJCYF8pTnWTu1eF597X3SBf7oaOK9YFGlUvubDBXCecY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FaWYzcpzuSGu4_0TBjuEjPVzV-oub8Muj97KOMsUslO6LA6M29dXC2Rkdpv7FKBWw6uFJaF_rwypnL-wFyf9uJCYF8pTnWTu1eF597X3SBf7oaOK9YFGlUvubDBXCecYSwk-gxLoJc&google_hm=FtyotGZHrItODIs2QKO1ecQV
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 26 Nov 2022 11:20:16 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FaWYzcpzuSGu4_0TBjuEjPVzV-oub8Muj97KOMsUslO6LA6M29dXC2Rkdpv7FKBWw6uFJaF_rwypnL-wFyf9uJCYF8pTnWTu1eF597X3SBf7oaOK9YFGlUvubDBXCecYSwk-gxLoJc&google_hm=FtyotGZHrItODIs2QKO1ecQV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3874
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELrmBZQwHnhctQV8rNcQI3M&google_cver=1&google_push=ASkJ3FYENYDjHtYN3x9m44QfPj_bmWy6wtxcPYdjsO4aVcCW_8yw_AKsleh9aV9OjkhRbcD-3D76Bza8OTijtEzu5V6Qfl6goh...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FYENYDjHtYN3x9m44QfPj_bmWy6wtxcPYdjsO4aVcCW_8yw_AKsleh9aV9OjkhRbcD-3D76Bza8OTijtEzu5V6Qfl6gohA...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExOTgyODQ2MDY3OTA1Nzc0NzA1Mg%3D%3D&google_push=ASkJ3FYENYDjHtYN3x9m44QfPj_bmWy6wtxcPYdjsO4aVcCW_8yw_AKs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExOTgyODQ2MDY3OTA1Nzc0NzA1Mg%3D%3D&google_push=ASkJ3FYENYDjHtYN3x9m44QfPj_bmWy6wtxcPYdjsO4aVcCW_8yw_AKsleh9aV9OjkhRbcD-3D76Bza8OTijtEzu5V6Qfl6gohAjO2is3ZxpUzYJTjVPaMtmvX6XbCpDpWj2-3dSHoC9dtbs
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExOTgyODQ2MDY3OTA1Nzc0NzA1Mg%3D%3D&google_push=ASkJ3FYENYDjHtYN3x9m44QfPj_bmWy6wtxcPYdjsO4aVcCW_8yw_AKsleh9aV9OjkhRbcD-3D76Bza8OTijtEzu5V6Qfl6gohAjO2is3ZxpUzYJTjVPaMtmvX6XbCpDpWj2-3dSHoC9dtbs
date
Sat, 26 Nov 2022 11:20:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
cc.adingo.jp/adx/push/ Frame 3874 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEBLECa29jo_sPOZxfpYyT9E&google_cver=1&google_push=ASkJ3FaYU1F0FHj5s8fePN_h4pddEC5tdyhA83M3IYjv9kTlSs3PaI6xdskJz_L-Ohwdfc35kPPRyuW7iXUBN1GxKPM0ZxP2xieaCsVk0eUMjdoDNiDkl8iUGpbKczDs3z-FNKQEaDH5mX8
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.74.45.237 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-45-237.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
server
awselb/2.0
0.gif
id5-sync.com/i/495/ Frame 3874
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEKnEO-kmW-251Zu3zmEtJv8&google_cver=1&google_push=ASkJ3FajIZb2VDuZ21xK1y6Op47mrJ6KKjkynNDSzkUyMJjbC70PC3sCe41fHwv3CoFbfwDQDKkTno-3JxN60vaLwVuE51ntrGlRCRSZ...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FajIZb2VDuZ21xK1y6Op47mrJ6KKjkynNDSzkUyMJjb...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FajIZb2VDuZ21xK1y6Op47mrJ6KKjkynNDSzkUyMJjbC70PC3sCe41fHwv3CoFbfwDQDKkTno-3JxN60vaLwVuE51ntrGlRCRSZA4j6UZSr045fTcW73Hki8EP45QNzeffiIlxsV5FlEQ
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FajIZb2VDuZ21xK1y6Op47mrJ6KKjkynNDSzkUyMJjbC70PC3sCe41fHwv3CoFbfwDQDKkTno-3JxN60vaLwVuE51ntrGlRCRSZA4j6UZSr045fTcW73Hki8EP45QNzeffiIlxsV5FlEQ
x-download-options
noopen
vary
Accept
content-length
317
x-xss-protection
0
/
onetag-sys.com/match/ Frame 3874
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIQe3caMU2oOKYx2KmTVSy4&google_cver=1&google_push=ASkJ3FYB9y8clq3o3etIgpDkdMFRgm0138Fza2Votxw5HwDsO49Jn4nAKVCbw2BbVbNU6oBoIcq1j3c71IX...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYB9y8clq3o3etIgpDkdMFRgm0138Fza2Votxw5HwDsO49Jn4nAKVCbw2BbVbNU6oBoIcq1j3c71IXL_gScqaSCNVOLFm46yTEHxwm_VOpN1HCZD1yv...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3874 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzLlzilofNisvjZ2dZ355ehBcREiPS8ldvB-3McUGjXBVlSgILMeuyndbrEHuRjSWozkvfvgI
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 11:20:16 GMT
truncated
/ Frame 8B75 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7027942234d07bc86d93352737d028aec6e820d0818f48c54019e35a7f89a053

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E829 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGA3S0DEEY-ffdMizZIuhqs&google_cver=1&google_push=ASkJ3FY3E7BLdzHlJR3swO0jnPu4ZW9So5QfBfIiFXyMZ0i6HuTgb94EEy5q9AeE6IYDk4qC5wGxyqhUBCYEfuQnL03Hc-i5m22p
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 26 Nov 2022 11:20:15 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E829 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIBVr_XzyYd0BK9K2TZ4Mog&google_cver=1&google_push=ASkJ3FZrPySMG691sv07y2gCYK3dSPuyLYHINhP3LGSJ3fVThzLgQAR6zVAn1gRSiIQ--rDo4pZDseTqpx9Jkw6LwpZbXrUut6x4
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame E829
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELQABczIFdwTRSvhJNxSa8A&google_cver=1&google_push=ASkJ3FYo3tU66HAJqggrgF8ODrjRF7iAKewHyt_5sohe3ka0EnzTeMWUdFwptXtdPMOhtT27-d3fci0R3i0pmg...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDI4MzA0MjY1MDA2MDk1MQ%3D%3D&google_push=ASkJ3FYo3tU66HAJqggrgF8ODrjRF7iAKewHyt_5sohe3ka0EnzTeMWUdFwptXtdPMOhtT27-d3fci0R3i0pmgfKrv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDI4MzA0MjY1MDA2MDk1MQ%3D%3D&google_push=ASkJ3FYo3tU66HAJqggrgF8ODrjRF7iAKewHyt_5sohe3ka0EnzTeMWUdFwptXtdPMOhtT27-d3fci0R3i0pmgfKrvVRf7w3aN4
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDI4MzA0MjY1MDA2MDk1MQ%3D%3D&google_push=ASkJ3FYo3tU66HAJqggrgF8ODrjRF7iAKewHyt_5sohe3ka0EnzTeMWUdFwptXtdPMOhtT27-d3fci0R3i0pmgfKrvVRf7w3aN4
Date
Sat, 26 Nov 2022 11:20:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame E829
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKBznJ2RLQ2tqTeAtPLqgEY&google_cver=1&google_push=ASkJ3FaVzLm6yafW46G9_mMmelJUyuRDs64G8ocbkKwUIPWS_8hTC7Zw4HljcDIolqwj7iR6SLd-9K6jstvFFmLoEnd0...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKBznJ2RLQ2tqTeAtPLqgEY&google_cver=1&google_push=ASkJ3FaVzLm6yafW46G9_mMmelJUyuRDs64G8ocbkKwUIPWS_8hTC7Zw4HljcDIolqwj7iR6SLd-9K6jstvFFm...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaVzLm6yafW46G9_mMmelJUyuRDs64G8ocbkKwUIPWS_8hTC7Zw4HljcDIolqwj7iR6SLd-9K6jstvFFmLoEnd03whEKYby&google_hm=NzSy6r7GQXqZqp-VjilzvQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaVzLm6yafW46G9_mMmelJUyuRDs64G8ocbkKwUIPWS_8hTC7Zw4HljcDIolqwj7iR6SLd-9K6jstvFFmLoEnd03whEKYby&google_hm=NzSy6r7GQXqZqp-VjilzvQ==
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaVzLm6yafW46G9_mMmelJUyuRDs64G8ocbkKwUIPWS_8hTC7Zw4HljcDIolqwj7iR6SLd-9K6jstvFFmLoEnd03whEKYby&google_hm=NzSy6r7GQXqZqp-VjilzvQ==
date
Sat, 26 Nov 2022 11:20:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
dsp.adkernel.com/ Frame E829 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHnXcYjYklVC6vLxf6nArYU&google_cver=1&google_push=ASkJ3FbPKnuZEdHKjRgJ_OAY_ZC3ENJ8vTU_OmFnb0nguKWjHOQaBERpPmJ2Qo3t4sAzqdfXzsZGH9lG_-wE3rokR2N7nuobrb5P
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:16 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame E829
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELYrNfS3xMgbpbuf1oHXSLs&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELYrNfS3xMgbpbuf1oHXSLs&google_push=AS...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELYrNfS3xMgbpbuf1oHXSLs&google_hm=Y4H2cEsonu6kfQlj8XmERAAAFBsAAAAB&google_nid=index&google_push=ASkJ3FYhvUjpJDGsuY48lFFzmpBToHsQBpxmg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELYrNfS3xMgbpbuf1oHXSLs&google_hm=Y4H2cEsonu6kfQlj8XmERAAAFBsAAAAB&google_nid=index&google_push=ASkJ3FYhvUjpJDGsuY48lFFzmpBToHsQBpxmgEh5A-ZSELcsGtS7KT5xAC6kZTfc7OkRQPTVLgf7fkiuoc4UHB4DpME26M1L6eZd
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7IeQ%2FL%2FXjFnK2z5IwG5WNuxumJEMZi8B4Y5gr00TvFYXo6E%2BvDY0IaUcHFotBixN7WSnZoXhg38iwba6I2qu%2Fl33gWWGVixEGGk3mJuIKFCBUY%2FHU9l1cWy9awRPaGhlsl7V9Zc9lxjRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELYrNfS3xMgbpbuf1oHXSLs&google_hm=Y4H2cEsonu6kfQlj8XmERAAAFBsAAAAB&google_nid=index&google_push=ASkJ3FYhvUjpJDGsuY48lFFzmpBToHsQBpxmgEh5A-ZSELcsGtS7KT5xAC6kZTfc7OkRQPTVLgf7fkiuoc4UHB4DpME26M1L6eZd
cache-control
no-cache
cf-ray
77023bdd8ddb6922-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
spacer.gif
an.yandex.ru/resource/ Frame E829
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEGKVtohcJr5GDQwOYQOB4e0?ext-param=ASkJ3FZ0axaEPOtj7tA-VFKc7HSUOopYtYMT0o6b-ydF93rjONdOt06hRv6403iuSjd16FQuzPgOrQn1ZlHt09IbI1ndeGTNyWwNHw&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEGKVtohcJr5GDQwOYQOB4e0?redir-setuniq=1&ext-param=ASkJ3FZ0axaEPOtj7tA-VFKc7HSUOopYtYMT0o6b-ydF93rjONdOt06hRv6403iuSjd16FQuzPgOrQn1ZlHt09IbI1ndeGTNyWwNHw&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGKVtohcJr5GDQwOYQOB4e0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 11 Nov 2023 11:20:16 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E829 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-rLjbbh95HUvAKe66fTP9D9PR70BUkQGzJEYU7FbVkA8mKaYju_0jPokt5r0lOJbypMiRNQ
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0228 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYFAXN6rP-Aurc-wVIBqu6iAlvCEkLZRlyN-AerOPQJGhO4vAJQIypupqKdQvKGEIl6goWAciyg69oBFNXjNCwzGFaAhEcAUiwZIiVIrgW27-KtjE3l22InTgThKL8jT9HZdJC8QjN9ewEF1GYlN41kbWtUpbtOiGuv7HvLgzrXuJeB7o&cry=1&dbm_d=AKAmf-D8qy0rq_jLI_ALgYiNJD5er6Bf22awgcnnovq89nB7pqalpSThmCcWqN1ice1q30AKHy3qTBEfoqf-kwidVPcEJn4imJTaWRHZ66svgxh8izoVPmXxxUhof6_Di_dpiLQ4NiNS9UKF0mPKSn971VTNmPT6XYlUGa7ajM8hQ9ayHd3OmWG4WvjaSyE2c99Y5-yngLW6Xp9TQBUmLLSWCh_pa4IU-MYqFLRwL9GpIeTF08yNjOsDrQjQk49uNKPUvv0XVTDpnhSq6x72Zoze9AyGkdg67mjPZtJtmMbFctQKqY9Z3NcAEseuX9lT0q9yxPmBU3iWW9wcPvVpXvmx01_C-d_fZ2mSYksed0Cp3mWOkjAAJgjp74PHw0ZZa-Sx2RIO4DkP8r0C9cM-BKch1CjgSAlfJ27lteawZ7Y4qb4IHU-N36ZD2ig0vatUiTX5zhs6QH3hWqRBk7tVYd0MMgm62G1q0ocV_AyAzqlj-c9PQIi_5wpQWLHqhlBS19EeI9B2B1OxgYrHAbamSPjnwUEN6AWFPYLEkKcdC7KLP9a3G4W4xUhcrIRss1DHHImEKFQyDay2LUPW4IFweeLGsNbfD5JYrq08AO4k_XNzlxkrLE7G50BHXiuv2YRmWI0Y52bGhtWW6_0KuyFC84T4wrawZt0rVqdGM8Ui31eshXB3JvGG1Owgfpt-4n2paae-HJGK29FGnsAx4Px7L6esuMO6XKhwpOzDiS0ex4w52SB66Z6ClpXmPH5S4woyRPdmCUVMOODbYYp6mW2pdNKgLyc2Pn6c8zzij4XMPPalaCJrlhrZ3lHvpyErerzpvp2eisTw2EOEeq3Ub5vXV2DcGSGSGjx1lponJ7dmLTXHocqeVVlM7RORvbRKvCVoAmOPnXsi-IBxRuAV17vThC3yzKGC0gw72F2B3v99vQ1uBqB9jhz2ZD7eerNJgQt03GkFBpE6R9U0AZjKnmriAtbA_ABMw8viBMHvsBNP7XyTVWJr-b9lCmOfrlAxtr3Z_gSMrh2PpQd-kKynPCVkZviTCw0s3rw54w6HdyJTkRmg30KSBkgudUD__jEm8_TFmWrauEbeYBhEDNIAQpfEA9Tm1-2rrQDYhMJhlZywa_y8ggKVoy_bElrYQIB7NCfzut8GUblyHKTHS3__poc3H39MVAHpeFSIJOBF_yGn645v9RDKXOi1zv2nZ9Gvkrw5tvh7AyBgdOsZJWCsKSjCyTZQUwUAOKi_aOqLx99h-DWASpcGC1z1hzgHRunE7al1PXkjnFQWA_b-GMpGNU-bcg2PWV3I6vAGypWsOUKLz3c1dugzjkatodW7cSCYhq2X5YNmB5zcsWVNtDK0_xyr5T43IWLgeSQAbZMePRc7_S6Ic9Ztpj5JLEckswrs6WbXV8v5eKkQgr5ipj6gI6CEDdRJyxtVxqsUAIacgjEiWGGaArXWMBNQl2oAEuIzXWtpU9GNT-JLq-EB8h5a0jjm1vKdIpo6eHb1tn_qFDxfjJHPiqVmeMc1O4fBaN73Uoeq3gecXZkZckaeaYgDyz1MhU-AVGrRztYgCpHb2YzhDlr1y7G0kWf7y5xvBfTSiqV31Gjasxqpod_n5gSU7xkEb_LV2t41QS27r5dsHw9o9qIh8ky_AqtdOkwWqazWInx6LlWJ_FPOBb8484sqZMODzYpe3QtxnUt699060DtjyrnQqzVBXMpwRZO59zWMRXbe12B4IZSThH13Qais80m-bgIRLMUgzk0n-bE0XZEt9ZgOnuRapFQAXa3pK5RpEcDlYAEz4tljpwHh6akL51MsD451PiZDm3aqD4H19ECiUcUCCxb79AGuBOb_Wfse6XlkG9FMXL3hev-2TcHPO-o3tpYYFj8u7zEEpzea4eCEzdOHWAnRYrdsYyOQQ28ygH7AHoskx5xEquWoasKr--_eUalKMT5Ih7aMN7E6eAvTz0Nk1KoBxb5buYSQQsam1UjinwUwttuyje5vao551-cXCVbUX-z32iqnrnaUdiGS_FlMq9rRX0EgHyj0R9p2Iq-zBDsp65ebdxbEq6872xX6Q8BU-3ZUSlrGGDcWt2qrffUGxZ4q_sHOGSvE0SgZIuO1ecbpJ9SfmFWbT15jcZdoEzAAcYuPrdd3B9MwpvPdcCmj5KwVvuauHsmDKhDzZj90SjnFdppL-eyyYy-i7tNbMlxxKyVBRoTsMQQVWpm_6OdEkLEqy269iubRVqxy39lHP_7I5Lxh4dkLa6r1-1AwMv8yea5QGOgg6CzdEkFjjs1VY_dUNusyciMFLH5uCFKi3Ll-Hdb2JXw0g5MwkPbcJxiGKqBlbc-sQ57MDWEw4B6a1oUrqXorjVq-gxUzuUEsKNZ8ZfofcZUWaXkIkIiv6oo6C4-Dw1-ttM6jSeGAEC-K1Ck61_iKWuAa2tZ2ThGsBB4wEMdGlIVCn8g20ny7O8tNw93m8JOBEkzVhaLZoGvN955mSlCKAPjPH-4lK0P6UNEKABKdJ91tnKa44806fSAD0KIqA-qU6Kc1BQkEvd3CEJGAEdCPoD0lA3yrwLu_3GR1a6p1lVJrv_QxpZk62b-ktwpbedAXC752lMm6NLNrJdkBYcx8p4QZJQrZ7Mmsz4ZFqs6JikDAVQCNX24wsGkrCxcDJ3nOGuC2KGiSxvj2lUwzZzrE42fUd7yLMWu9rndcJAfzCl3QktQ28sEn1pw-bgJLbL068Daje_1wAS_FQAw3ttk9aJoWtBbjWYo53VDXGqKlOAuJeIsH0miOTG9LzAnaz8c-jjbR7tKAFmiiz2vcig2OWKyOKajObIo_oYUZP7emGEIgOVSNrPzx_0YWo5zknaDTH0n5LbYIkHNMcvv84WsfPhL2nGVWa0dEN6bxRW8PklU-O8uibgo8JevKDRys1zUqjK_whnkGzFOeBsA4gfSLPd30LhZGsIjjGj2dYyKdZyXnVrby4t-FcJmk_QfcrCgy0LuSVsFbj7gb8PsZASnfEFNbSzc1taJbnh7YlWY146VXQilI6st-CTSo71coiukUhSR7JE6hMV9ihencUcPlKx9-kBqMHlD47rJTuGgrks3Fz_OdHqj_qOjp9DYz_3ceOIrzpHuTXzhdJhDE_vcEkiMEGJJ4ktdRi1gCXrY_BK-Sc53hFx60AnmV5DFg89undKf8_b8pFnONBxbUUVcYa5Ma9St_XM0yP80O3G49OE_EIT_BaGKWLRBmKDC_swFNVkt4bYlwp-HBEpqRby-sSjEa7zgqiTFkq4EbicaVnTwWWQh8g6mTQYE0LOnCd2iBOfVoI-Yp5bEU_rpH9iI3Lx4&cid=CAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw&rfl=1%2Chttps%253A%252F%252Fsimcast.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 23:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 23:12:21 GMT
truncated
/ Frame B35B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3fd9013fb0197de43526b1bd9b43406eb19553d346ebe6df3e7609938f95bb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 709E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELQABczIFdwTRSvhJNxSa8A&google_cver=1&google_push=ASkJ3Fa-C2Rmdn9E5s3ZaX2coj2VJLcCql7Oe4k8PX1A9qFzfO_xVoTE0IbRHE0i7w8chnPd8CtOBzxCiXCi6J...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDI4MzA0MjY0OTE0MzQzNw%3D%3D&google_push=ASkJ3Fa-C2Rmdn9E5s3ZaX2coj2VJLcCql7Oe4k8PX1A9qFzfO_xVoTE0IbRHE0i7w8chnPd8CtOBzxCiXCi6Jhef-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDI4MzA0MjY0OTE0MzQzNw%3D%3D&google_push=ASkJ3Fa-C2Rmdn9E5s3ZaX2coj2VJLcCql7Oe4k8PX1A9qFzfO_xVoTE0IbRHE0i7w8chnPd8CtOBzxCiXCi6Jhef-nGJ0ftfb4o
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDI4MzA0MjY0OTE0MzQzNw%3D%3D&google_push=ASkJ3Fa-C2Rmdn9E5s3ZaX2coj2VJLcCql7Oe4k8PX1A9qFzfO_xVoTE0IbRHE0i7w8chnPd8CtOBzxCiXCi6Jhef-nGJ0ftfb4o
Date
Sat, 26 Nov 2022 11:20:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 709E
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEO30Fhs2Kyy6thERh2_Y_B8&google_cver=1&google_push=ASkJ3Fbn9Y-SBsLItXCVU8dhKsHy2dzckMMZhN9hwpYC3wOB1LmPg5Jveviw-tAt75PFNlpGLc06tWzY8FafidBBPU8y-ZQOe4Uw
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VkUxOTcyWmVBWk9wSWJRbGNQYUJZdw%3D%3D&google_push=ASkJ3Fbn9Y-SBsLItXCVU8dhKsHy2dzckMMZhN9hwpYC3wOB1LmPg5Jveviw-tAt75PFNlpGLc06tWzY8Fafi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VkUxOTcyWmVBWk9wSWJRbGNQYUJZdw%3D%3D&google_push=ASkJ3Fbn9Y-SBsLItXCVU8dhKsHy2dzckMMZhN9hwpYC3wOB1LmPg5Jveviw-tAt75PFNlpGLc06tWzY8FafidBBPU8y-ZQOe4Uw
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VkUxOTcyWmVBWk9wSWJRbGNQYUJZdw%3D%3D&google_push=ASkJ3Fbn9Y-SBsLItXCVU8dhKsHy2dzckMMZhN9hwpYC3wOB1LmPg5Jveviw-tAt75PFNlpGLc06tWzY8FafidBBPU8y-ZQOe4Uw
date
Sat, 26 Nov 2022 11:20:16 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 709E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJC67_130eSRF8YWT-FGYMA&google_cver=1&google_push=ASkJ3FZBVozHkNul0tto4cR51_7pT0uufu0ol0h4ESULXV-_jIyrvcXQKF6qUstvXWx-Bsd2coDMJ9Kb2qNcWKp...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=yBIKwrvoRFFans6ZuBNU19ly14U&google_push=ASkJ3FZBVozHkNul0tto4cR51_7pT0uufu0ol0h4ESULXV-_jIyrvcXQKF6qUstvXWx-Bsd2coDMJ9Kb2qNcWK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=yBIKwrvoRFFans6ZuBNU19ly14U&google_push=ASkJ3FZBVozHkNul0tto4cR51_7pT0uufu0ol0h4ESULXV-_jIyrvcXQKF6qUstvXWx-Bsd2coDMJ9Kb2qNcWKpKO2996H_bcZ0a
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=yBIKwrvoRFFans6ZuBNU19ly14U&google_push=ASkJ3FZBVozHkNul0tto4cR51_7pT0uufu0ol0h4ESULXV-_jIyrvcXQKF6qUstvXWx-Bsd2coDMJ9Kb2qNcWKpKO2996H_bcZ0a
Date
Sat, 26 Nov 2022 11:20:16 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 709E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEINFq38uMYciLM_EgiLdNgA&google_cver=1&google_push=ASkJ3FZcsGsZ8jcfyKQAi4a9LoD5hnKpaRQjjrqaPGtEjnmrqZ56kAFIXBPWxhwu8wGzOkNQ4pj...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFYVUNCOTgtTy1FSDhZ&google_push=ASkJ3FZcsGsZ8jcfyKQAi4a9LoD5hnKpaRQjjrqaPGtEjnmrqZ56kAFIXBPWxhwu8wGzOkNQ4pjhq9kvRWoX1eqFC3eSHtEemwQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFYVUNCOTgtTy1FSDhZ&google_push=ASkJ3FZcsGsZ8jcfyKQAi4a9LoD5hnKpaRQjjrqaPGtEjnmrqZ56kAFIXBPWxhwu8wGzOkNQ4pjhq9kvRWoX1eqFC3eSHtEemwQ
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFYVUNCOTgtTy1FSDhZ&google_push=ASkJ3FZcsGsZ8jcfyKQAi4a9LoD5hnKpaRQjjrqaPGtEjnmrqZ56kAFIXBPWxhwu8wGzOkNQ4pjhq9kvRWoX1eqFC3eSHtEemwQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
/
cc.adingo.jp/adx/push/ Frame 709E 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEBLECa29jo_sPOZxfpYyT9E&google_cver=1&google_push=ASkJ3FadhMBRFsoFkJhopfMiZrOnq4Lxb4OFRN6TUJ4_z1lqt42cynH7QhrPRSR6bdCuJQ3Y3CFAt26lqt3axYL8AVJrmw3Yh7or
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.74.45.237 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-74-45-237.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 709E
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEApSWOdoQYxQJWGW20ENgZQ&google_cver=1&google_push=ASkJ3Fb3ymIMEsIq6f9T-tAIS3ZRp70Vj1p5FC8qjuT79HGm6NkdRS0hN...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3Fb3ymIMEsIq6f9T-tAIS3ZRp70Vj1p5FC8qjuT79HGm6NkdRS0hNGEKyTRUlD0KEWZFh54OaRNvy8LtZlprB-FeM4MUBUcxBA&google_hm=QlMuNjExYy1hOTBh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3Fb3ymIMEsIq6f9T-tAIS3ZRp70Vj1p5FC8qjuT79HGm6NkdRS0hNGEKyTRUlD0KEWZFh54OaRNvy8LtZlprB-FeM4MUBUcxBA&google_hm=QlMuNjExYy1hOTBhLTQ3NDktYWMwMQ==
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3Fb3ymIMEsIq6f9T-tAIS3ZRp70Vj1p5FC8qjuT79HGm6NkdRS0hNGEKyTRUlD0KEWZFh54OaRNvy8LtZlprB-FeM4MUBUcxBA&google_hm=QlMuNjExYy1hOTBhLTQ3NDktYWMwMQ==
Date
Sat, 26 Nov 2022 11:20:16 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
report
sync.teads.tv/um/ Frame 709E
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDLX5IC0oaZrwrMBAFpqwTo&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZJDdZRJiD58mruFCVWkR0_19IKtZsoqVwqbSNgdcCHtl8bF6qvFiezBdFDWj5MgDfSxW8VYsOlOTCnS6nL43HMCi4IJGL_ig
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
104.115.97.56 Irving, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-115-97-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires
Sat, 26 Nov 2022 11:20:16 GMT
pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 709E 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWOvOndr-G8yyK0Xnrjcm2-Ng3stbCy165QkLfWB-s2KbfiRyZL21w96NVCjjUZMgkZL_Y8FM
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D8DD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 12:23:51 GMT
expires
Sat, 25 Nov 2023 12:23:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame AE06 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h8zf77bntq3y3w65g04bf6k347dm0t1hh2a4t4km72af2wf46afjcgt89qrf3sxtmebcwf0zjhngg8rrw3mv62rmadphpq8hkx4sdkz35mvmtd8yw5n4r71ehveedhgff5q2f0pswytszhkgkvhpcqza4mp5h4fcvtw7v316vyc75ta71d8chsa31hvh8a2shm7stc75vyf589z50enqxgt4hrm7x1yk7kd19mrx9k36c3zkj00ss5kmn3sdwk2vhxzg57en3j4getkegmwetq5h4rww7tmfbh3354tmavxdprcz6k758c59s23wn27g7re75q75vb9wv0j96ghbb427wr59pgaj64zxkywaw80w8g8802mypgk33w5tcypys94en5faahtksped66w85ryszfb0qf80ds87ff1d3tbwwzbtc7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h8zf77bntq3y3w65g04bf6k347dm0t1hh2a4t4km72af2wf46afjcgt89qrf3sxtmebcwf0zjhngg8rrw3mv62rmadphpq8hkx4sdkz35mvmtd8yw5n4r71ehveedhgff5q2f0pswytszhkgkvhpcqza4mp5h4fcvtw7v316vyc75ta71d8chsa31hvh8a2shm7stc75vyf589z50enqxgt4hrm7x1yk7kd19mrx9k36c3zkj00ss5kmn3sdwk2vhxzg57en3j4getkegmwetq5h4rww7tmfbh3354tmavxdprcz6k758c59s23wn27g7re75q75vb9wv0j96ghbb427wr59pgaj64zxkywaw80w8g8802mypgk33w5tcypys94en5faahtksped66w85ryszfb0qf80ds87ff1d3tbwwzbtc7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%26client%3Dca-pub-1062972861553303%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1669235721
age
224517
cf-polished
origSize=91628
x-guploader-uploadid
ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 20:35:56 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1669235756372606
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXX8yFFi5Jd0S0IyhrHY%2FuS4nug5ZBjB7miE7nwoMEQkxbvlaKF%2BwpnwBXKf4M%2FL8q9fcf998EmVtexsDMjUDaZ%2FK67eKwjeMML7qY787GevKvrzZK71o1Zc5QWpGb20Lpl7McmN74c%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77023bdcc8669b82-FRA
expires
Sat, 26 Nov 2022 12:20:16 GMT
r62eglto.js
ad4m.at/ Frame AE06 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h8zf77bntq3y3w65g04bf6k347dm0t1hh2a4t4km72af2wf46afjcgt89qrf3sxtmebcwf0zjhngg8rrw3mv62rmadphpq8hkx4sdkz35mvmtd8yw5n4r71ehveedhgff5q2f0pswytszhkgkvhpcqza4mp5h4fcvtw7v316vyc75ta71d8chsa31hvh8a2shm7stc75vyf589z50enqxgt4hrm7x1yk7kd19mrx9k36c3zkj00ss5kmn3sdwk2vhxzg57en3j4getkegmwetq5h4rww7tmfbh3354tmavxdprcz6k758c59s23wn27g7re75q75vb9wv0j96ghbb427wr59pgaj64zxkywaw80w8g8802mypgk33w5tcypys94en5faahtksped66w85ryszfb0qf80ds87ff1d3tbwwzbtc7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
363720
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oX%2BKww81vBSOjMrSKQuR6%2BsZbdlx6zB09GsBDfvPFmyNahNs48dboi3Snb%2FjK9DkFB8HyTrChGXJp4AH6E64uuaiKXpvqnKL2hl2qonLonH2kStPz8XUUOMiPOu%2B17k16tW1s6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
77023bdc989d8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 22 Nov 2022 06:18:06 GMT
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 5A7A 		89 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyqdy79n7jyv12ks8hhjbw7cdj60ts5whqgg9p09dzqf5pn9hvxa740yct3thfrmscmbt6tb3s3t3f4jvddvn821tnte73xght4e91wqss113w7d8yrwqm7bm4s4r1f0hjsg33fr8g6snj7cb18kvkrjfe8tnm7ae5a33sd3z2vbben57ymqhpfhbjkj4jx55av8chnb654ejb4cx3mkdzn7j985nds45rrkheqrykd23jnfv26qra6zk4bnadkhfp8y4fzxpk4p2b4tcqmta6mrvf44e1at1d1xc77yqbxhan2a28yq1benjgksy3bm4hkae7k254pw1sr9pexj8ajh1zj8pxhv5fxh1mv4cy08hgvxfne150kqz7tpc1bs01rgcrvmsg95p6gepdnyk4p30hkf2jy2rwtpx6kxs2nycs0vqbft&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hyqdy79n7jyv12ks8hhjbw7cdj60ts5whqgg9p09dzqf5pn9hvxa740yct3thfrmscmbt6tb3s3t3f4jvddvn821tnte73xght4e91wqss113w7d8yrwqm7bm4s4r1f0hjsg33fr8g6snj7cb18kvkrjfe8tnm7ae5a33sd3z2vbben57ymqhpfhbjkj4jx55av8chnb654ejb4cx3mkdzn7j985nds45rrkheqrykd23jnfv26qra6zk4bnadkhfp8y4fzxpk4p2b4tcqmta6mrvf44e1at1d1xc77yqbxhan2a28yq1benjgksy3bm4hkae7k254pw1sr9pexj8ajh1zj8pxhv5fxh1mv4cy08hgvxfne150kqz7tpc1bs01rgcrvmsg95p6gepdnyk4p30hkf2jy2rwtpx6kxs2nycs0vqbft&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%26client%3Dca-pub-1062972861553303%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1669235721
age
224517
cf-polished
origSize=91628
x-guploader-uploadid
ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 20:35:56 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1669235756372606
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2U4b4bWpw4giSsLOO3o%2F15W62HqKpNWGSx7HcQH8TZc%2FNDTbGMADOQ4IvMeisJ6Y1IdqDcn4kXsNaLI4hC9rSrnPiPU78vfOQPCuhsbNySQQpfUGJhp%2FDyA0IhqCzvxWkrrkuLMPgU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77023bdcb8629b82-FRA
expires
Sat, 26 Nov 2022 12:20:16 GMT
r62eglto.js
ad4m.at/ Frame 5A7A 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyqdy79n7jyv12ks8hhjbw7cdj60ts5whqgg9p09dzqf5pn9hvxa740yct3thfrmscmbt6tb3s3t3f4jvddvn821tnte73xght4e91wqss113w7d8yrwqm7bm4s4r1f0hjsg33fr8g6snj7cb18kvkrjfe8tnm7ae5a33sd3z2vbben57ymqhpfhbjkj4jx55av8chnb654ejb4cx3mkdzn7j985nds45rrkheqrykd23jnfv26qra6zk4bnadkhfp8y4fzxpk4p2b4tcqmta6mrvf44e1at1d1xc77yqbxhan2a28yq1benjgksy3bm4hkae7k254pw1sr9pexj8ajh1zj8pxhv5fxh1mv4cy08hgvxfne150kqz7tpc1bs01rgcrvmsg95p6gepdnyk4p30hkf2jy2rwtpx6kxs2nycs0vqbft&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
363720
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eI2sWTJ1hO7NU%2ByXZn2asapKGWAeYlfJ8aBbE7hbQxcR2EN9Nsj8pNRp7LOcs8CzZAWHvcWc0eCZJU5QjjuqbMjw78p1Af%2FsfykWFplOSxdbCDbxrGSpqXxPa11lmswkNrxN3hI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
77023bdca8bf8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 22 Nov 2022 06:18:06 GMT
index.html
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/ Frame 0230 		22 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Requested by
Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=63468d106d216e35f43d8a53&cb=1669461615196105&tc=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
957f635abbd132ec82dd4d80bdd204d0666c3aee37f21b60418c972a4f30f24d

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
86135
Connection
keep-alive
Content-Length
22499
Content-Type
text/html
Date
Fri, 25 Nov 2022 11:24:42 GMT
ETag
"6aa51c0893ca272e6621c3c5e7d081c4"
Last-Modified
Thu, 27 Oct 2022 13:09:02 GMT
Server
AmazonS3
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
X-Amz-Cf-Id
r3rTm9blO0MIfU2LhRd06cqpwSGz_rvaFLbKm6KcYM8tWSIkPbKTNg==
X-Amz-Cf-Pop
FRA56-P6
X-Cache
Hit from cloudfront
x-amz-version-id
OyuVKBMMO4qRlS.ZubKUvYbXCgVZQyx4
impression
anz.audiencemanager.de/log/ad/ Frame 0228 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anz.audiencemanager.de/log/ad/impression?id=63468d106d216e35f43d8a69&adId=1be0cc6381f66ff125c1328531937066667285&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&curl=aHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw&ntuId=e4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4&cb=1669470365
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.117.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-117-113.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by
PHP/7.2.9
requestid
648e2e6381f67025711741596004357433552
content-type
image/gif
status
200 OK
hostname
10-0-13-41
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
responsetime
7
content-length
43
B28678037.347519798;dc_pre=CMqO5ZTdy_sCFY-M3godyj0K1w;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669467861;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/ Frame 0228
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669467861;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_pre=CMqO5ZTdy_sCFY-M3godyj0K1w;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669467861;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_pre=CMqO5ZTdy_sCFY-M3godyj0K1w;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669467861;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_pre=CMqO5ZTdy_sCFY-M3godyj0K1w;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669467861;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6C48 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 11:20:16 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6C48 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 11:20:16 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6C48 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 21 Nov 2023 11:20:16 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6C48 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 21 Nov 2023 11:20:16 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 6C48 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZnUBk3yB9hrfaY7YMBZvZt17b_FMu8q5BMuTeY74DBB3cRjMV2ZaD2p0SWyLLegpbZ1nikCmAkFOyRrjW8DzlST5kSnU7i4F4FNMbqFQMooAd8YimEBLO1ulWnfDUKabMsXzyX_3lCBk-eLyTTzw53-xpxJZI7t6TuapxLdqlP01JtuDpEp9llIKjDGOGdI9pQpNcHZpDC71KR5ydDgikRqFHE_OttGgE8QrpeXRfiAa0dxgSpdDstbAX6L6HtbucFKc2-uAJ79MrdF1eYED8YTXAmHgn0xGzcAFwr959mIHkSkL9ue4QHg65Op_fnyvEMhPpXl59AREmIiYUs5pNMyHW2MrR_1E1CITk7OYzLSDpKXYDIspMc3-yp76ySGd2ZwHvYLT4wz6NsRg66j766IIL7jrxqvD-jnhqdQfGpiIfhyR
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2852178
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6C48 		44 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1669461615
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:be00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
6F0OzsiKRlgP1gNB4UyHwnTYKv0BGu45iMliVDfiGY2rp6Aezm6IsQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BF60 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:44:06 GMT
etag
48472445140208031
expires
Sun, 27 Nov 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0228 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
545b4e763519e81b5251aa5b50daa81ac3a22b3feb09bcc8fd1252dd4b0fc028

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame 6C48 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 11:20:16 GMT
img
pix.eu.criteo.net/img/ Frame 6C48 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=92&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=668&s=AcDRqlALm2HLZ-oMVCTMou4Y
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b94a89259ef175b881195823edba0134e626911f4dc3baaac1bece619eff6bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30982392
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13859
expires
Mon, 20 Nov 2023 01:33:29 GMT
all
csm.eu.criteo.net/ Frame 6C48 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=KNuzptXDmeafmHmVCPca9_rC3rixEAO8tcaFcudpYV7USM_FeZVoCVAfH6uPzq9f_tNrMp8BSrUe2aMzNcUzD-BN7zEoPO-yI1A5HtdIlDB7sl_WFNztZjehUGdPnu83uy-DmCzU5eYO7uLpLL9-9YzbtXJIbQ0jRG0Yq40fb2L8OJKFkCgzJqMvCeGEk358wCpgdkBaSeK3jZSDozyxR6wffo9H_5zpPzAZhJfz-JVBj-oAks7QNb7hwkyHT8TUne1ukw&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6C48 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 11:20:16 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6C48 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4H2bwAC_goK01PHAAapd_GtYS_z516IacWXnw&u=%7C8LAeSJmwC9ePcaF161ag2A1UgyDUIgVHtUzIMYELyRM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8WyeawNHAyf1Ts4rWGuBDIueUYT8XiKYw00Cf3Ni5I9sfoJcz5pZxHfvHfbD2HK0l6_A1SQqNPCKDf7igCVnlv6PU_0ceTa25QFRn7pL-2dH6csG0K9mxeSzw727lpto4co8SiPMtRXMvTKjnDdSyYSKSewimS3_8iqcZZW-chWuqOhwHihuIlez1XFkO0rALQ8qaGGvuNsRgVdYKMZy7X--eAqthfwQIL3uTFmDXPTgNou-2wEnPK9FMHrA-mqq7c1cIsydeBhPJLRpTfSyR0NNTXbjq0oC4PXnwLxxGc3y2UfXHxHFx4RxfUpcBmcRq8yMDniaVHEjrQ4d57MqY4D95D65adRCWUIX2jMEvaxfAABQlQLN4quyMhHRUwUnYWEHenG4_FRWijEOpT2Ec4Bpd12zCXSZ2hutF4bevkrP9bAcC5xYisebJ4GExGNH6XKPp9WHR0KMz_S45vyYFv4rNRbT5ILGwbH0DdjQoWltNG_Rew84jAiw18is4xUWbL9ESHMts__OaVNyE2VvDtOW55WboyLAYgxBJKD8Kt1dlA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBOkfb_aBY4r8C8enzQb30prQD8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0xMDYyOTcyODYxNTUzMzAzyAEJqQL9XeJ6n3CxPuACAKgDAaoE_gFP0FgvGGaYe851sug3Wo8uPQRqvN3JJ3FUT3ZrI7yIo5CzTxEQK9_SSc86pV-n6zinZpeESAq-WGV-MmNHCit5mt-EiP8AnB7QsF2F8l9HQNQ9TauL6l8dlBlCaCdj_xe1lIeF47g-sbcuKLiIrYceiAO_l_vNPphHaVUgt7zsJ-cJIaAtzsGyTRGLj3f1sncBr-mqXMb80j1wyM-QKe5S7WtQdEUPnj19GinF9JEeC1z6z6oNDBaM8XXuH4YbBsHzDSvlbhb16BWRsKQ5-e0pllqwPxgynfz9SWK-NqvxRtOfez06hoDAuogudfzSe1a9TEl7MNDv1Elytv41QeAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1h89J0C1VOWU0fA9ccQV2fIk0qig%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 11:20:16 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame D8DD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Nov 2023 14:14:41 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1180045/66149901/ Frame 0230 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/1180045/66149901/skeleton.js
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.7.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-7-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8f27b2727d0ab5528261f8f87294c85d527e5ef3511e3201411d4945dd156fe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
gfx_white.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		81 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/gfx_white.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f2d571dc958545acd535c55ab8b0480c4f4d5ff9f0222adc1189fa389a571be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
LILVqPqjpWNUCYcU6t7enaIj6llpjhsR
Date
Fri, 25 Nov 2022 16:27:42 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
67994
ETag
"05b85bf02d70a2ef82efce3adc970877"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81
X-Amz-Cf-Id
x20hQkStQ4FiBIHODT5caz0c1LK3QK-nIW7ZjvDo61xEA668PfkB2w==
img-bg-overlay-0-0.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-bg-overlay-0-0.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e35f6c665cbffb68919476d04700217c724b94166d9e14ea7d0e9ce0f989c77c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
ls8vZY6C5XAbH8e99OhdjjC1tIAPAj1m
Date
Fri, 25 Nov 2022 11:24:42 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
86135
ETag
"26a85d3bf6320fb16e8d811433bff8f1"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4241
X-Amz-Cf-Id
s6vudkAieL4zEamwyMkrPOSV3l1FROizzo-LhiUnpNqtZGz6QJ5orA==
img-bg-overlay-0.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-bg-overlay-0.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8508408273717ae33118b2534e05ee065e92d87d023a169cc00254614593f4f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
3P8nP3ld5q7EPEBoknuuFY3ldn3xjCEz
Date
Fri, 25 Nov 2022 16:51:17 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
66598
ETag
"29cc7a7bc99fdeba25ecfd854fd198f8"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3828
X-Amz-Cf-Id
81H1SwNCCR5m2iyEJMofNsCiVrepHu5K1ct4PqI3ztddn5Ry0-p2vA==
img-bg-overlay-1.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-bg-overlay-1.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8472f8e9376927bc57574db586960515033609db7823d5e6610f0c9993d8ebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
iw4CdgD6KIzI3pzFcrlVsbvD1D6S1Ey.
Date
Fri, 25 Nov 2022 16:08:33 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
69117
ETag
"c856a248e3b6dc3ee7120028eed7cff3"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5122
X-Amz-Cf-Id
os0f2tu0QED6JF8oy7huB6sgb4JC4hBbs2Z6yHptiTRlzm8gGkttZw==
img-bg-overlay-2.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-bg-overlay-2.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
541be6e17b933f0ca125df086e4d534c432ef226508f1fdae32c583fff79d9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
dudbyr69CiVMH.zAUusgcqjLqmGLFtt3
Date
Sat, 26 Nov 2022 06:42:40 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
16656
ETag
"f2bc35895a7aed0d2d458a605a842c7c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4202
X-Amz-Cf-Id
L1h2ez9pwou8b6MHtqtUeJ8s6C4me6jyvIod4qHp3Fj0cQQ4BeHn0g==
img-logo-0.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-logo-0.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36dcf000478cf87979f6fc8702dd2f68a11295c3bfdbc3c88d586b08e0ebbbb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
PCb4H0cxJyfTwkufIKKFSGssmu0PsXIu
Date
Fri, 25 Nov 2022 16:27:42 GMT
Via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
67994
ETag
"02f067f9b647dff6cba9eff23d17b4ef"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4138
X-Amz-Cf-Id
BMRlaSqTiCs_K5L6KbafXQQkkExzLWdp0Tl8brvwJRZ8KXwOq1A5tw==
img-bg-overlay-3.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-bg-overlay-3.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7090d99febdb36e0059c263b0d9fe1ec0388a0609ab7add9a62c280f1e4db3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
b8TuB9KXtZfBiULdg1lR.j_qzYWcKxiW
Date
Fri, 25 Nov 2022 16:08:33 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
69118
ETag
"b002ef76c3e9aee84a1f5e14bd404f2e"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4991
X-Amz-Cf-Id
Lu4sBYEh5g2TMuYBFUf9bIq9zLIdF5iAhnEYOTX57D9KZfsPSaWOVw==
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0230 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 11:20:16 GMT
TKUT_v1.1.1.min.js
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/TKUT_v1.1.1.min.js
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
pyvbxMubFHCbaVEd15QU0W_fGcxWcgFE
Date
Fri, 25 Nov 2022 18:43:53 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
59784
ETag
"33966fde6a113107dafb766b36529442"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2324
X-Amz-Cf-Id
5bcskupjR3v9GZxfcbXVVPyjhmPPu-PWQhoKrlzguIZ8qf6pkzMRxQ==
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5A7A 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26358112
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TJGzNYORyxo6X2YAZd44oqVvrQRK41q6PYXamqp9GdWdKCju5G2%2B2P4NG3vH%2F6zF8bN6imHZJee%2F7f1pQMhJ%2Fq6JU2m%2BunWjq%2FYTc4Qq3f5wuxuHilVyU0ovUcedqPqtpJQCXEv7tqyeJ1ersDLdT5A"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
77023bde7acbbb38-FRA
expires
Wed, 25 Jan 2023 09:38:24 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AE06 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26358112
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXVJ2BLMukBzS0a1yPGBynomcTGN3SUDEBb8b9mQO5elzdohEa%2Fnx3%2BvuVB4k4WYbeaFoMRrzBg%2Bnj0HEaTniDnTJQFsK37m9tRWgocLHukAfOm14ZKWGQELfiB22T1%2FQQMGDN0rSKg3XSnmQ7O0ARtV"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
77023bde7ac4bb38-FRA
expires
Wed, 25 Jan 2023 09:38:24 GMT
pixel
cm.g.doubleclick.net/ Frame BF60
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJNhZXjNcuiOcfu9qgVm65k&google_cver=1&google_push=ASkJ3Fb_v7AL6dbmYuCjd8vvat8Uio-SGWWQ-zUJ_4EVVjsN818TSRNnqvn0-qcHW9ta6L0rMTLFX...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3Fb_v7AL6dbmYuCjd8vvat8Uio-SGWWQ-zUJ_4EVVjsN818TSRNnqvn0-qcHW9ta6L0rMTLFXo59me_vCcc07AP3qcca2fU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3Fb_v7AL6dbmYuCjd8vvat8Uio-SGWWQ-zUJ_4EVVjsN818TSRNnqvn0-qcHW9ta6L0rMTLFXo59me_vCcc07AP3qcca2fU
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 26 Nov 2022 11:20:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 642996A2399B47FEAB1367D9F69547A7 Ref B: FRAEDGE1109 Ref C: 2022-11-26T11:20:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3Fb_v7AL6dbmYuCjd8vvat8Uio-SGWWQ-zUJ_4EVVjsN818TSRNnqvn0-qcHW9ta6L0rMTLFXo59me_vCcc07AP3qcca2fU
x-li-proto
http/2
content-length
0
x-li-uuid
AAXuXdKdsyWJu0R9Fl1AIA==
pixel
cm.g.doubleclick.net/ Frame BF60
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIBVr_XzyYd0BK9K2TZ4Mog&google_cver=1&google_push=ASkJ3FYCcAyGv3OtSA86K_zexxSDEs8piC0kOuiAveTmorTnQRAxVDGBx58YJFFpBycs0uFbuYG6VAQkwn1EGk...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FYCcAyGv3OtSA86K_zexxSDEs8piC0kOuiAveTmorTnQRAxVDGBx58YJFFpBycs0uFbuYG6VAQkwn1EGkB5YXLPTCqOJVU&google_hm=hmOB9nBcDK-ln3XZGA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FYCcAyGv3OtSA86K_zexxSDEs8piC0kOuiAveTmorTnQRAxVDGBx58YJFFpBycs0uFbuYG6VAQkwn1EGkB5YXLPTCqOJVU&google_hm=hmOB9nBcDK-ln3XZGA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6381F6705C0CAFA59F75D918BLIS
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FYCcAyGv3OtSA86K_zexxSDEs8piC0kOuiAveTmorTnQRAxVDGBx58YJFFpBycs0uFbuYG6VAQkwn1EGkB5YXLPTCqOJVU&google_hm=hmOB9nBcDK-ln3XZGA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6381F6705C0CAFA59F75D918BLIS
date
Sat, 26 Nov 2022 11:20:16 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame BF60
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESECg_5REeCcV-hjLpSZNsErs&google_cver=1&google_push=ASkJ3FbztyNZlph9FXWXyTR-ksD_RgndLn87fcbvUFaX69dP_w-gLmN6g6TsNrQkiSiagcGDYigZ7tJo7PVgyrtJxijRAXmP3Wg
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkY3OTY0OEU1RDc4RDZDNQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkY3OTY0OEU1RDc4RDZDNQ==
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkY3OTY0OEU1RDc4RDZDNQ==
date
Sat, 26 Nov 2022 11:20:16 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame BF60
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBjzRpbyD8LzndPavp0s_i8&google_cver=1&google_push=ASkJ3FZ4LKgxvj-hHhenkhhKaM0W9d970NngqgJtP-9xebHVGJ2Q7dgixPXwvNBpGcazL96i1ORRV7eP4D_O54JfhTowd83...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZ4LKgxvj-hHhenkhhKaM0W9d970NngqgJtP-9xebHVGJ2Q7dgixPXwvNBpGcazL96i1ORRV7eP4D_O54JfhTowd83fbgk&google_hm=MjAwMjUzMTE3NzY3NDMyMzA5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZ4LKgxvj-hHhenkhhKaM0W9d970NngqgJtP-9xebHVGJ2Q7dgixPXwvNBpGcazL96i1ORRV7eP4D_O54JfhTowd83fbgk&google_hm=MjAwMjUzMTE3NzY3NDMyMzA5
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZ4LKgxvj-hHhenkhhKaM0W9d970NngqgJtP-9xebHVGJ2Q7dgixPXwvNBpGcazL96i1ORRV7eP4D_O54JfhTowd83fbgk&google_hm=MjAwMjUzMTE3NzY3NDMyMzA5
content-length
0
pixel
cm.g.doubleclick.net/ Frame BF60
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJphYZvEXEGssEsfB2VJKLI&c_param1=ASkJ3FYysq_prt0y-3RD548Bk6zGL88PN_4BCrJ5YY_xaRzQMt3uIz0UBTIzkg0H7z04cUhG7R1EdEQ809aHn1DgCIeEi5qeFR4&gdpr=%%GDPR%%&a...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FYysq_prt0y-3RD548Bk6zGL88PN_4BCrJ5YY_xaRzQMt3uIz0UBTIzkg0H7z04cUhG7R1EdEQ809aHn1DgCIeEi5qeFR4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FYysq_prt0y-3RD548Bk6zGL88PN_4BCrJ5YY_xaRzQMt3uIz0UBTIzkg0H7z04cUhG7R1EdEQ809aHn1DgCIeEi5qeFR4
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FYysq_prt0y-3RD548Bk6zGL88PN_4BCrJ5YY_xaRzQMt3uIz0UBTIzkg0H7z04cUhG7R1EdEQ809aHn1DgCIeEi5qeFR4
date
Sat, 26 Nov 2022 11:20:16 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame BF60
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIQe3caMU2oOKYx2KmTVSy4&google_cver=1&google_push=ASkJ3FZTqR-noALppyTcIgNu4E5ByF5u-DTNaSr4170fF-sJhEXvp_pLg8JSBJ_1CUBs0YXO7jI1Kq1S3gjy...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZTqR-noALppyTcIgNu4E5ByF5u-DTNaSr4170fF-sJhEXvp_pLg8JSBJ_1CUBs0YXO7jI1Kq1S3gjyRJSBEkhsYrZvkQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZTqR-noALppyTcIgNu4E5ByF5u-DTNaSr4170fF-sJhEXvp_pLg8JSBJ_1CUBs0YXO7jI1Kq1S3gjyRJSBEkhsYrZvkQ
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZTqR-noALppyTcIgNu4E5ByF5u-DTNaSr4170fF-sJhEXvp_pLg8JSBJ_1CUBs0YXO7jI1Kq1S3gjyRJSBEkhsYrZvkQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
spacer.gif
an.yandex.ru/resource/ Frame BF60
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEGKVtohcJr5GDQwOYQOB4e0?ext-param=ASkJ3Fa-lcIfY9Y3ZSQR1sE5aGtk-aQOqQn6yoytZqYGOc3O_ZC9t2I3C6y8Qo4EvMgM_9uFYoaipEDV103mipqc049KdR7Vm18u&partner-tag=yandex_ag&g...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGKVtohcJr5GDQwOYQOB4e0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 11 Nov 2023 11:20:16 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BF60 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItvVe7JsDRVC9drYX6WQyjMJU2CttACLDiQ1nEeOdSTHmMEWhKLxuSI6oSlhjVg4BzxFbZpA
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
frame.html
ad4m.at/ Frame F214 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2646903
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
77023bde1c139b82-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 26 Nov 2022 11:20:16 GMT
expires
Wed, 26 Oct 2022 21:05:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYM3bZFcHPVf4QaD6Sl9aXjJAcaNRTNgc9ENB5z2GkRQCkuOSKjQyAFfpI%2BTRzvFAHHGrWOSpaeyZavANk0LslA6QJsj1vlwPsjmoa2u%2F%2FvMDNATtrYAIR4lY2xterw2keq10rc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 259C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2646903
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
77023bde1c169b82-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 26 Nov 2022 11:20:16 GMT
expires
Wed, 26 Oct 2022 21:05:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCdjcmy%2Bchx63whMmBfX4pP9u5lLMWewaJ90OOT1X8hCfFiBzj%2FP5fI%2BRTmZz46SlByJ9i9kIoyH2SvwKxSoQlhFy%2FHFNOMaVjihhzLLjbCi9JmFxyq4t%2FRr71qu%2FIvbyzxiJsM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame AE06 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9e4299a84639e5d2301dde7543f550dea866a2a747a609f28c7f14fec38173c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTmWdehNKUeMc80nNW4sFdFKTbx1HCpWsZTkB70AY6vQ6%2FWVMYP4UC%2BHXdY2ErkcYck7ixk6PNVzrdIBOvKLInn%2BLb332IkIWDvHvPPmMqBiwzlLYT6iSoRgnQPKgJ5ne92Bzn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
77023bdf694a90a0-FRA
x-backend-server
aa-reachservice-group-europe-west1-v578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77023bdf08da90a0-FRA
content-length
24
content-type
text/plain
date
Sat, 26 Nov 2022 11:20:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYLBfd8%2FE%2Bw0m4LgFf%2FzZouRD1xMEjWMt14adZc5JOEUOrDt%2BFkghrldmD01JHI12Ql%2FIqkXEY6ZJF9QqAjht%2BBpSM2h7eH0d%2FGz1Fj3Kb9SPXVTjC1ikHDpVU7qQ7wPhLpn63s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-ktgt
rs
ad4m.at/ Frame 5A7A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738b0581f78519e0903375a2ee009ab54ca6cf2005382108d9b5b95db1a8e3f0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hQ4NGn6g0R8gHNXTSCnAlp7DVUaPU5IFM6aOwXhjdtzuTF%2BwYuAzZUCZNs06xHxcpLeA64XCrY44VUpD%2Be65z9eaoZMhKc%2BJEqI8JjGl5%2FWmOHEDr3HHFxEvNnHMnDNWo0bu%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
77023bdf898290a0-FRA
x-backend-server
aa-reachservice-group-europe-west1-ktgt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77023bdf08d790a0-FRA
content-length
24
content-type
text/plain
date
Sat, 26 Nov 2022 11:20:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BafOn48PC1j6wy4KLie4H5vZvcKrBpy24cl%2BYQ2EbZfjL1fB%2FJuT3iex2Rtg9ImHKUle0x3vc935xkYIHv7T249d%2FPkWs7PBo1yHtV27FYPwdlWCyN63egRZt7XDK5N8kRgf3cc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-ktgt
main.19.8.366.js
static.adsafeprotected.com/ Frame 0230 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.366.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1180045/66149901/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 21:37:52 GMT
x-amz-version-id
DTz7DAGx5H1oATkuvwxjIs9w8gvuFjKB
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
394944
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 21 Nov 2022 19:50:49 GMT
server
AmazonS3
etag
W/"ca4194ffbaa3712186a83d16b497895d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
JyHEFr_qwbzXvmnJ3VHlYEaHxwbp0stXcnODuWSg0Ym9P8FgiD5NfQ==
img-mask-tf1.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-mask-tf1.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df844419cc9ac6897808536c03132a6b090bc56c3ed70aec76e0488d533d2e8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
5.srDShlGl5brd4U77oUnxsamqx45ZTU
Date
Fri, 25 Nov 2022 18:43:03 GMT
Via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
59857
ETag
"a9feb803b3e460f14cceff8adff584ee"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4992
X-Amz-Cf-Id
JXy0GBbuNlaBV7D-O3O40sMnbb6VG-YhcrNGIBG4_TgwokQGzfI9pA==
tf-0.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/tf-0.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
146ae3ee85c930d0db9635ef0b209cdd9bc7f90b798b518200b2eab6dcd23999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
YemkZK8995z.J2kHMJP6IyPQGmHT8FyB
Date
Fri, 25 Nov 2022 23:15:03 GMT
Via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
43561
ETag
"e77e001ea4c7f5035e900db015c976cb"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7490
X-Amz-Cf-Id
__sz8kQTzrlOfePGbRFbjs_SSA3RxsvS2I9_Qk2tP9Tcq8EGQl2SGw==
tf-1.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/tf-1.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90fc2ea1f98a704b5820a2e17c8ada425043c2dca1819d2d10d8169738573e4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
LIvn0PHA05XTgzbiuPcmRE1vW9gFKyq2
Date
Fri, 25 Nov 2022 16:52:57 GMT
Via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
66440
ETag
"f120190fdf5abb57a9d703b4ad1d52d6"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4866
X-Amz-Cf-Id
nH83fTqvdczgck-5sA6YYxS93q7Yh2hAvQ71elSXM2SRJ1edpW0-aw==
img-logo-1.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-logo-1.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a589874dee9ab8294d0b94d5aae579561214766c58625559d0fc45ff330b1e8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
1xGURSLJsW8RRpm_Vna7W1XQ3j3nLF6D
Date
Fri, 25 Nov 2022 18:43:03 GMT
Via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
59857
ETag
"21b8ce57c833e32a0a0f9b533bf8bcf3"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4246
X-Amz-Cf-Id
VdWgsJ54LXu1mkn5E8P0uJTlw_9pwNavBOaLlAqcR94vgXf8Q9SfcQ==
tf-2.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/tf-2.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6648b5bb3ae5a0a2f906ae31b80e2eba7b7fd42ce7cd990d791c398cb794e9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
4aOoxtUBnfYRBOLEhKXRbnYCzFbcCqU7
Date
Fri, 25 Nov 2022 16:08:33 GMT
Via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
69117
ETag
"d0cbca383d43d7a971917c8ffab3131b"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7860
X-Amz-Cf-Id
kesfsdXf3wGJiZtLCOfgRxXAiEESfPfQUc201eM5xW_k6SoXQhj9Rg==
img-cta.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-cta.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d32a13b8094113882c01a671a58511bf6dfb57a2f29afa02353219888267e6dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
XBnmPu7gVtaUO8.oGZlsLQLMZEfHwf9s
Date
Fri, 25 Nov 2022 18:33:10 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
60427
ETag
"087be6b3c72f3d604c41673e1ae5cecb"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4429
X-Amz-Cf-Id
6NlPVjCVTn7dxZGpgMbRt0Hc-MgkNpldaxJMsG5OgkijSGyFt_9Spw==
img-cta-arrow.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-cta-arrow.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfec9994f02562897d54968bd8553fa6b99d7a8402b7c3d60b69857e9059fe26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
YdqATYnwDnqQZnBmztd3M0oSmmYDBvaL
Date
Fri, 25 Nov 2022 18:43:03 GMT
Via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
59857
ETag
"fcecc34b1d88274c500b29a4ee83d941"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1800
X-Amz-Cf-Id
0aS0ifDwsxt9rwtrHza41GeclwXlEm2Sh22i1Vj6XNbqs1fDe6PUtw==
img-logo-end.png
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-logo-end.png
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d80251d59b2c8ec3665ab396d1cc906b8e115999a9c00dd2a96d49070a043db5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
c02tCHFJinHauh_zllJiLLRRMIPepLEh
Date
Sat, 26 Nov 2022 05:06:24 GMT
Via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
22433
ETag
"41e3c0b78e96d4979e986b91ab92cb37"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6929
X-Amz-Cf-Id
Pl6yC_xoT9_p1HUYMaRQEir3asXhw_rhrxPcFI4a5e8ae2a-hWntfA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame D8DD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEkEAb_aBY-euNfLH7_UP_au3wA8AAAAAOAHgBAI&bg=!aWqlai7NAAbvMpMzzzI7ACkAdvg8WnCuVM_ss0QQY70M7WRV6fmxBTzDK_vhKls9JH3BFQkyOjw4gwIAAACmUgAAAANoAQeZAvFWILb0kVDqCMk_68BNEZeuBhAeMwlnoq2ZAHdAuqvTNFtxzYt1H8K2EGBC5NN_nFnIDMc4R69bg0lFzk192cdBkT11-wkHLQYUVD8lO1lXrSzEN3rspvGhfJg0qqulFHR5cjctaZyJZXkwNqc0HllQ3umB6Q5lcTnkVmV9CthS-MNLcE5Hwh5hbAwzsAIKvYxBGpw33aM5tjlsjyCd_dlhxSzy0HoJX8seRJCYX05r4fmq2zD5SIyaCGjF4Uv8Qk8THc99EczInVzA1Ja1W7DOPpTVF-f8QTawodZ0H2upCxvINbKdrnaN4jqkFvBHuTnSfUsu5iHxyGGwZYnG43vSHdaXpvX6LiiST0_uDtWyr1pY3Ti7mPxIZIywCRJaEXxF4F_VwZ3vGSV6ymHaGa5xQyK6ukZwiROzEZqO9cisKw1F2v-Ayb-xPabH4YfgPCvMIwERHnWeXeS1L0IMRu_W7__9ngyf6IkUUIsHCaROOVycO_Kzql9W7mLM4d7_CL3rOgxwr9Xtmu30f6v_D15mBmJnNDkL6g9GeQWW_cB3hvTeqTGCRB94AhowBcJIQp1kxLTQGg41sBPrfr60CbWDOD8qcud_Av_2FNQzk7wu9W1sb9-E3IVkh2N2cNqxX-0fjjxJKLmh-52XjMf8_dOg551TypXcumv2yDqThlP25fLw9piVHpmlJipuZTTdCcdf78hofA5mWA30cDIOg2zxO8La_8bwB0SllpPpL7bNsMN-BIY6kwcVonYw7Ptd5bsa2Ar1i_OQVZCrw6Jis4DLC23oeYnQId3mhy4WPS7Qq6iSwM5fOm7Mf1SG3Gmf8gEMwRdTXg3CPEDsiLP-Y9A5hs_vV33Efmq0bQD4KGNtX63HIXkYvFUHupiJkoq5jPAxmb82ZXjfvcc61FSdANm6L0b4tk9yiZfst4D8f1qa6yWZo0A5tQGSV5-ngD3N72_H5xAQPjM1WNVpV0o5KNWy74K3jLtUhtip3EecT0MhP9A
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 75BE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e375b7d76b7c5d80db47d1ca63cc43023170dbf1a327084ad6ef2e74ec00ae54
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1h8zf77bntq3y3w65g04bf6k347dm0t1hh2a4t4km72af2wf46afjcgt89qrf3sxtmebcwf0zjhngg8rrw3mv62rmadphpq8hkx4sdkz35mvmtd8yw5n4r71ehveedhgff5q2f0pswytszhkgkvhpcqza4mp5h4fcvtw7v316vyc75ta71d8chsa31hvh8a2shm7stc75vyf589z50enqxgt4hrm7x1yk7kd19mrx9k36c3zkj00ss5kmn3sdwk2vhxzg57en3j4getkegmwetq5h4rww7tmfbh3354tmavxdprcz6k758c59s23wn27g7re75q75vb9wv0j96ghbb427wr59pgaj64zxkywaw80w8g8802mypgk33w5tcypys94en5faahtksped66w85ryszfb0qf80ds87ff1d3tbwwzbtc7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77023bdfd88e9b82-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:16 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame DC2F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f08f80218ee70dac31eb2c0d6e6c5cabe76b707aa96ba963b5a88ca8e52b8302
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hyqdy79n7jyv12ks8hhjbw7cdj60ts5whqgg9p09dzqf5pn9hvxa740yct3thfrmscmbt6tb3s3t3f4jvddvn821tnte73xght4e91wqss113w7d8yrwqm7bm4s4r1f0hjsg33fr8g6snj7cb18kvkrjfe8tnm7ae5a33sd3z2vbben57ymqhpfhbjkj4jx55av8chnb654ejb4cx3mkdzn7j985nds45rrkheqrykd23jnfv26qra6zk4bnadkhfp8y4fzxpk4p2b4tcqmta6mrvf44e1at1d1xc77yqbxhan2a28yq1benjgksy3bm4hkae7k254pw1sr9pexj8ajh1zj8pxhv5fxh1mv4cy08hgvxfne150kqz7tpc1bs01rgcrvmsg95p6gepdnyk4p30hkf2jy2rwtpx6kxs2nycs0vqbft&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%26client%3Dca-pub-1062972861553303%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77023bdfe8c99b82-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:16 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
img-bg-0.jpg
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-bg-0.jpg
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbd52c06371db8791566b6c846a7171bbe70a8458b8ab0d7dfa56609b4d783a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
yBOw0lWO1fyk0U9NzkSxi7w8p6NyzFm_
Date
Fri, 25 Nov 2022 19:38:23 GMT
Via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
56514
ETag
"a32b3556a7a348f06f74d35fe9af03b4"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54132
X-Amz-Cf-Id
AGM-z6cuvOFNJqMKv7PX9u2XjBCQhNeSC-sugnIrw9wKJVmBgRJGmQ==
img-bg-1.jpg
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-bg-1.jpg
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27285bf12bd3bb26b6d56b49e715a106b8f974c874e55a23fd89413c910ee2f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
oCHL4e1yabMq0wcwBxDjFu7tq0l7xAgJ
Date
Fri, 25 Nov 2022 19:38:23 GMT
Via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
56514
ETag
"a7f1307bb51ce7911d472bce9218fb2a"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52558
X-Amz-Cf-Id
Jlbmuxs1W__GxLSdwbp03frBER28s5tgPLHOtA9ctbCdAQ2SyU1XsQ==
img-bg-2.jpg
cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/ Frame 0230 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/assets/img-bg-2.jpg
Requested by
Host: 1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19b22d4f5f821adb152465f85ae1ac906eb9a660e074b9aab73640236aac067d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
Zoa3yviumJWOJmU.g1hBNkIIFmJTVe88
Date
Fri, 25 Nov 2022 19:38:23 GMT
Via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Oct 2022 13:09:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
56514
ETag
"b8f07e69c9b3de1d00b2dfdc463e7d4f"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48764
X-Amz-Cf-Id
3Kp6XaMCPBPwNB6Y8G9MgwfuvaYzl6JCF3pGgX4oElAgY37o8RsG0w==
skeleton.js
static.adsafeprotected.com/ Frame 0230
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1180045/66149901/skeleton.js?adsafe_url=https%3A%2F%2Fsimcast.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fcdn.audiencemanager.de%2F&adsafe_type=f&adsafe_url=...
  • https://static.adsafeprotected.com/skeleton.js
17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Protocol
H2
Server
2600:9000:223f:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
24528133
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
-C0OyqYlq_vFexZQRkQWcy-xft80iVNEMlYZrC8n-BTqzuIfaEvEwA==

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
server
nginx
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8DF1 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82ec2d9d3b597d345cb6/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx_sDb_aBY4n8C8enzQb30prQD46H8qBt78y3tMMQ8C4QASCG94YmYJUCyAEJqQL9XeJ6n3CxPqgDAaoE0wFP0PXAXZ7A6SJiKGEaLbzmgQHAdqGZ6lBet80uHtirsepZhIrkJvQTQt9oCybcf-OXF5WAnlV9tK1_mffWNZQGT4OjtxpjTnh9GqI-a8K0U5kjRMCwucnKYJrMAkGMnOSjcDwgtLJVXK45y8Ga64HJrrhwG3sbWiedGSE2jyjmEfvtScJ4Lt0_gb6raEbLC5OYLOlC87gvcOF270e3MrrBPduamDfp79iW7d5vHCBm1XspqFUVrhDzgocr3aXLMhHJ_gmbFpTSKkcnHTClIyEe3vLSwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw%26sig%3DAOD64_2n_xAYnqgPkkRw-EgO5kv5iSy7qw%26client%3Dca-pub-1062972861553303%26dbm_c%3DAKAmf-CW_bPj8XPCSaxNUeYWLXnyNoeu_VailvQW6pP8sNbscschZ1Wtu-bgmGmsBFvC1HhbQ7n_G7T-pFo-1BI35cvK2vL3wtST7ve4pwR5jvzgZtEG2fTB38h8kax116Et0q95LqwM1Gk6xNcqeE9KQzSyrsiKtBgD8OZoNDsrc9iNDyA7fAg%26cry%3D1%26dbm_d%3DAKAmf-DjRFfC18aSkz2EcoHUogVXExxrcXNN7Mr5trQHiEFi9dNJiVWjJcZBjVxSTatOrudlIbNtKHJfkZnA3ddUW6kHJfkwpMYljzYBT4FKjljeqDr4xEupU489vnUxW9YSpeuf-x-7S3QYokkQt70IOXlBQ5wnIDhHOXYDmeBDX66fqW67m413TvbZlZKX4WanWmWHh8qOAUbDmmFCKGR5Bx7mWcMZeWxI7z5-5cjyg2kpyAMpIqMBaMrq4oPkKOuHak4-gRUGJklRdOvBvbjyCc1ryT-Ig7-pGTNaFFtoI-kad31_2teuB72e5KV9gc9MwSCncN9HA-Ji9bjhpFWy5rIvAEJFKMe7r1OGJzWMvUK5ZriNwWOSwIOueOvumRqFhynLqOnmqKE05bfF13Y0ojnTVAqi3RN3EcEfIXIZUU2dtVeH3r0yiKuvCBRuy4isM89TMliipkV6vITZRX9ZQuvlWlWgt4LA2dsqOM8yGTtWWHSchClQ8i2z3czFi18tuX-JcoYl2pSqE321PtkW_2XutnGbIj27Ho7xepdAzzjGnHjf1yk0BgFBCJpIeLaviNh812vlnXdDZINS8KR84xpLGhPo6A%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a69%2526adId%253D1be0cc6381f66ff125c1328531937066667285%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253D1be0cc6381f66ff125c1328531937066667285%2526curl%253DaHR0cHM6Ly8xNTAwYjk0YWQ0Y2QxNDNkY2RmNWU2Mzk2MGQ3M2UwMi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253De4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4%2526cb%253D1669469004%2526redirectUrl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
5687040
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
tOdQ0isMly_16hABIooDXB0VcjPjFU99QOZceHh1RHpZaqe_fnfVDw==
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 75BE 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1669235721
age
224517
cf-polished
origSize=91628
x-guploader-uploadid
ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 20:35:56 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1669235756372606
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByGWcMojSM%2Fd5WTvHG7Ek7XGKAMv2ZmcHr%2BeKqUbMVvuaf62oI8K4g5TZ1cs4GWofdOzIsJXhYDBTirVpQ40XSdpJ1rzfk0WDtJC4sjUuFygYeZoA7ouVhq1piou7A%2F8xmTF4cJ3Fn0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77023be06a049b82-FRA
expires
Sat, 26 Nov 2022 12:20:16 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 75BE 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
144316
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxny9Doi7YTFZm3MMGkZJ7wMdHpOlLhrChowd2Xb6Q7E0%2F6cZvtGkc4oM8J4B9bIeYN5%2FlWxZV6C5MmaEvYpCVukFwhq6ZgZqcCHwOB79eOP9s0v0OaQP%2BYRQ3KP3nZKSvVfQEEWC8tFt0k0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be078cb8ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 75BE 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
143262
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBun45XTNa1OtfOQC%2FG7uvfrjNgk0jkW9bnBHanr1EOkVZ1aechR8GbrZaLHKBBby%2BoShkTSKnxjjKNcC98tPY1RzWVkEVJvo%2BNIR6%2FL31%2BO977rUBO2cD0CvbE9k5snwkoj4f8Fwd0bCnoc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be088e48ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
/
partner.o2online.de/a/ Frame 75BE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJHshpXdy_sCFUWL_Qcd3PEFZA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022112612201778895692565X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Ne...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022112612201778895692565X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112612201778895692565X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 11:20:17 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022112612201778895692565X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112612201778895692565X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
date
Sat, 26 Nov 2022 11:20:17 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 75BE 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
140512
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7X8rCMy9f7XGLezzBQ%2BRan4XPoFkRna%2B8HNdKNxegwfBhfeYPPaTPXN6tsGn1Tw8MgCFemOTAyYRnMmq8JwP2OtFuwKAZQVtwcpn4aWhu%2Foz1oqgkKmFs%2FkGpzKoLXoOb8Z6Gu300CyVl546"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be088e68ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 75BE 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
845002
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0FIvUm3J2sE1kJr6vKKQu716PNqok4LkkWIlr%2B9lBq7K7EMri8%2BiLYTBDMy%2BLIOFLMb2bITmm0V6KsP2A%2BHn60odNNgcLtHAczYJP%2F7gapeLDnZUU3dBZ2wJGdh6xReXHhMs9taKz%2BWmBun"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be088e88ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
/
partner.blau.de/a/ Frame 75BE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COLshpXdy_sCFWuF_Qcdh10OkA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112612201778895692575X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112612201778895692575X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 11:20:17 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112612201778895692575X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Sat, 26 Nov 2022 11:20:17 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 75BE 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142035
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eZHD5at0PM7jyiK%2BnG6fGn2m75yVI5b1CPKMQ2WxZwYuKFXCMbE22Gh9BTsC1KC0Vm18iALdI%2F4immCDDF5A%2BO45llfAifQIQOaT5VP3mFXyv7C57oHfOsTHdqhsAJMYS8kZk5JnoYNaTv7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be088ea8ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 75BE 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
140989
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FukNYtzPZsDtvMrbcmNzziTnDd%2FHW7w5fuy0higtrl%2FLdybZGILErhD7f3etr%2F0dpVL25D5L0RH742NqdImrGcKVzOEE91J%2BGq%2FaqZ4WrP6Tty%2F1mavzxHHx%2BB54YUD8xSnzHDh%2FYfOLhDs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be088ec8ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
ztpv.php
www.conrad.de/ Frame 75BE
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1669461617_4e1bf229-6d7c-11ed-89a3-223851067267&insert=AW&&gdpr=0&gdpr_consent=
0
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1669461617_4e1bf229-6d7c-11ed-89a3-223851067267&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=728&d=90&e=&g=731d13b7c2040622f0a869096daf0a87%2F6160676775315793564&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616565&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8kz6zh8xdcbkxeqtfsfxsygrbcgbqghmhaj7q05c9vgpzksh69b99n8ht7bjcbynzkkes3p1jzjmpwcf22bp44mnb44h8chbz9dcgvy972ysnc9q2gq5bcdfhjk8wnkwd30q27wh7tg0ntj6h8cs5pqvfr1k1943n2v4f26yvq5fn71dfw5daf7xv747pw7wdft0cn65a4kt1vts7azdkev166c7d6vcjwafh75s0yzx7a90e5r8fcja6wa7z2aapemf5p6n8d999mrqcg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDvn6b_aBY4z8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBIQCT9CuuAfeu2xLiM3vMEWSHLgV-R94rvtPPnGezVD2buYLq9qkTDafb-6MtQwK8tctj7PwNrVgijqf2DRKGfVQEGR9nTqYufTsGgj-EWoyinT1HKybjn4fJrDqhF8MBNnh0HPfIeJtWsjfG5HjD732ZN5BWQP3-B2ZZYzglrtffNBninmH2Q_p0hShCqUAOILAdkxX6MGtHkXeVstaI9NY_Ouw5BMIkTuoDQVf08NlXtEPB5jcUpVQPtRvqf8JUjruNRaC68HGuGKsSLHyPUuCfz09dv7qu_IoVrONjNm9CxqOUx-cVmhLoVcQYSqahGpd0nj_P2fy5M8L8DGuOR-xsUjMy47gBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_81UeUxlug6tTOfQflbUXHoTz5Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:17 GMT
via
1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
510660673
cache-control
no-cache
cf-ray
77023be59e44915e-FRA
expires
-1

Redirect headers

Date
Sat, 26 Nov 2022 11:20:17 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1669461617_4e1bf229-6d7c-11ed-89a3-223851067267&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame DC2F 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1669235721
age
224517
cf-polished
origSize=91628
x-guploader-uploadid
ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 20:35:56 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1669235756372606
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWq8ll1mpi5hCoOsxkPYE1U8%2FVbRvl%2BrJamrOhbnifnBM1hEDUK%2FFLF1u44v%2BxXBzSJfQDCBRd8vuBBaor7ySipFm2jwZUcbLM9AToS0SCxuyqau1GpxdKFB0ZR6GTNfidDuTQAu2wk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77023be07a209b82-FRA
expires
Sat, 26 Nov 2022 12:20:16 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame DC2F 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
144316
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPAqXtit9Gwch5Yaj%2F4UC8XRbp6fpjEM2vJ%2Bc38gNYbCyFsRsaJZuvATvDFCe6XzFzZ1kUYJ5EkhCtqpg0986lP39i%2BVvsg9FmQT%2B8P%2BttpnXQZWQ%2FhfY83RvZu9dMNPnBZeKiW5FmqkjMAg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be078cd8ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame DC2F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
838413
cf-polished
qual=85, origFmt=jpeg, origSize=46259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10888
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:09:44 GMT
server
cloudflare
etag
"b2cf554576629d98986c459034c76d1a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd3M2PeSEQBOvEhuGsJJtxVK7HCqiSvyNkIRyknZz6eQ1XMnkOQcxVeyeuPirJR3wON4AV0QUSzJNtIrRgICJrLo5uqtYAKGX8RIN2%2FXRkWcFj8qbVAvicScHFdR4P8HBLk%2Fn5Azhop4j4cl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be0b9388ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
/
partner.o2online.de/a/ Frame DC2F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLL8h5Xdy_sCFQzruwgdnXUJ-w;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112612201778895692573X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112612201778895692573X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112612201778895692573X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 11:20:17 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112612201778895692573X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112612201778895692573X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date
Sat, 26 Nov 2022 11:20:17 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame DC2F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
140512
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDuWaWQv7dBakdKWmSImBWcdvax2gWQcHa6FRBl5XPMk7GWa6bmM956hYosej5L%2Bx6k6vObgHvEVE2Bh0Yk%2FwcCHmJBL6fVKWoVtmglSg%2F7X1pIZMDoKyLYd6IpAImJXnH2dCUHJFke7DrnJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be0b93e8ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame DC2F 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
845002
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EEAYem6xuPu4Qa3PfRp%2B9cnlxfjIh%2FAoyqrHaPCAitkozSvFB2QTRWosSohyEJ3GdqwLOqgjfcrIedIoJZr2OvZrWIfdOdfXBAudBSCX3bLD%2FPHLiyELbkdwYNlb2FW12frc9dPw2yDvm%2FT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be0b93f8ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
/
partner.blau.de/a/ Frame DC2F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPb-h5Xdy_sCFRGK_QcdrOkCRQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112612201778895692571X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112612201778895692571X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 11:20:17 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112612201778895692571X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Sat, 26 Nov 2022 11:20:17 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame DC2F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142035
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCdlfbpTPbhp%2FYN7bWGE0JgNEqM9LzU5i8%2FvdLgTVeGvJ1C5T1SlVzL%2BIX1FNC%2FCgwW%2FyA5ycZOgEKopoGlZ8vAwUn8OtySmcPHl3UPlvlyft5jl5lswfRWKgPJyAja7LBADGhJUHjFD1zN7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be0b9408ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame DC2F 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
140989
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZ0176JqpcgOQoiXtvZ%2FmhMyRcOCacufbj2VnMedS%2FPYT%2BqpzMCi4IA%2B%2F72zxnWADRwBWMXiEjUmzz2qAyVDuRyufs9GoGzRmFpEuZ4%2BWj1aJOStNruWn3ECGOiYrSE8oS3UMyNBfduDeI8x"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77023be0b9428ffe-FRA
expires
Sun, 27 Nov 2022 11:20:16 GMT
ztpv.php
www.conrad.de/ Frame DC2F
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1669461617_4e18e4e0-6d7c-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=
0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1669461617_4e18e4e0-6d7c-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C322829&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=250&e=&g=496801a16f3d4c37ba08969ae7d5ad92%2F11504423371185451342&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669461616590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyaq8gj882pnq3gpv82sszme58qkkcrkkjmaja60dkhkbx8gezwcp583857h9eaymy2p6ny2x9j5gg6mws3ahwbn2fajzx0yxwkjfm5ez6wbzdp5xtk7q1nhhh5zsmwdk5prf4j26xfc2dbbdfranhevwf3erqv1avqaa2k9bvxp1tfeq6ta9a1gvsv8k2eywnc7g4bj28sj84j5kjmxeq3s0s5jjzt045pea752xxfhhd7tps8jvzgh4vadqvzvyba69h8ma4wta33kbjg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCFMNZb_aBY4v8C8enzQb30prQD5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCakC_V3iep9wsT7gAgCoAwGqBPsBT9ABEb7OYYqWvGwS2ZQXXyFf3U-lFG8ytXC2y_RoVM_HHgK1x0gQa-XA1s6Bla8kSfmboIjVgA4XE4K5R3MeDSYjmumRef_vHSq0-_oj5xglUvsTKtVo6xk5IwEN6pBBzLwwHQQlHZj44-V67-Hf2BFkvvfCPNGEHmLeqxCPI3heZTU_WpTWa8k0ONWE-V1RzL-9eF8rNC4fVu4DDbIrbVz-Tk8Ud0fK557w9ZTp0TUPjy1SjU_7MJWvKaAtx2S2bo3xJw87IwKQrfLeIysqsYj7J6Wneu1CSy3MnEtMKZ6nWBv3hXMojAFIMOo_jE-8-S5cWZ1bF_jh6KHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_02iIKVGWbc1OjUUE_cEdLDbBEATQ%2526client%253Dca-pub-1062972861553303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:17 GMT
via
1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
510660675
cache-control
no-cache
cf-ray
77023be59e3d915e-FRA
expires
-1

Redirect headers

Date
Sat, 26 Nov 2022 11:20:17 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1669461617_4e18e4e0-6d7c-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
dt
dt.adsafeprotected.com/ Frame 0230 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=29555493-a829-bb30-93e7-0d3c645036c0&tv=%7Bc:v4ubns,pingTime:-3,time:214,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:171%7D,%7Bpiv:0,vs:o,r:l,t:213%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:214,n:213,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:171,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B66~1,0~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:o,t:213,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toi6O68+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163*.1180045-66149901%7C164%7C171%7C172%7C1811%7C1812%7C182%7C1911%7C1912%7C192,idMap:163*,rmeas:1,rend:1,renddet:IMG.qs,siq:173%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b143:d45e:4e79:c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
server
nginx
x-server-name
dt41.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0230 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=29555493-a829-bb30-93e7-0d3c645036c0&tv=%7Bc:v4ubnu,pingTime:-6,time:216,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:216,n:213,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:171,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B66~1,0~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:o,t:213,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toi6O68+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163*.1180045-66149901%7C164%7C171%7C172%7C1811%7C1812%7C182%7C1911%7C1912%7C192,idMap:163*,rmeas:1,rend:1,renddet:IMG.qs,siq:173%7D&tpiLookup=ao:simcast.com*%2C1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com*&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b143:d45e:4e79:c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
server
nginx
x-server-name
dt42.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0230 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=29555493-a829-bb30-93e7-0d3c645036c0&tv=%7Bc:v4ubnY,pingTime:-2,time:247,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:191,bdZ:387,beA:393,beZ:395,mfA:537,cmA:539,inA:539,inZ:544,prA:544,prZ:557,si:566,poA:568,poZ:585,cmZ:585,mfZ:585,loA:609,loZ:613,ltA:640,ltZ:640,mdA:396,mdZ:523%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:171%7D,%7Bpiv:0,vs:o,r:l,t:213%7D,%7Bpiv:100,vs:i,r:,t:246%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1,o:246,n:213,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:171,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B66~1,0~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:o,t:213,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~970.250%5D%7D%7D,%7Bsl:i,t:246,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toi6O68+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163*.1180045-66149901%7C164%7C171%7C172%7C1811%7C1812%7C182%7C1911%7C1912%7C192,idMap:163*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:173,sinceFw:72,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b143:d45e:4e79:c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
server
nginx
x-server-name
dt43.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
syncframe
gum.criteo.com/ Frame 0E33 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simcast.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:16 GMT
server
Kestrel
server-processing-duration-in-ticks
906276
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ Frame 0230 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=29555493-a829-bb30-93e7-0d3c645036c0&tv=%7Bc:v4ubqI,time:416,type:e,im:%7Bimprf:%7Bttecl:561,ecd:96,tsecr:89%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:170,o:246,n:213,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:171,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B66~1,0~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:o,t:213,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~970.250%5D%7D%7D,%7Bsl:i,t:246,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B170~100%5D,as:%5B170~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toi6O68+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163*.1180045-66149901%7C164%7C171%7C172%7C1811%7C1812%7C182%7C1911%7C1912%7C192,idMap:163*,rmeas:1,rend:1,renddet:IMG.qs,siq:173,sis:358%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b143:d45e:4e79:c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
server
nginx
x-server-name
dt44.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0230 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=29555493-a829-bb30-93e7-0d3c645036c0&tv=%7Bc:v4ubu8,pingTime:-10,time:628,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669461617128%7C%7C4fe87bfe16d416868295c858f28ccfe9%7C%7C6663fc817094191839d96ef6de7d9494%7C%7C2da372755a6fcbb4d0e2a7dcb9951533%7C%7Cf08c84661a420ff0d22d32903dee2676%7C%7C2c07c38ebb42acd44759b437c3122d8d%7C%7C1f45b2da445bda32f7d459f2967d8fa3%7C%7Cc8edfdd345f705427d46281004c97748%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b143:d45e:4e79:c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sid
mug.criteo.com/ Frame 0E33
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=simcast.com&sn=ChromeSyncframe&so=0&topUrl=simcast.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Ul2NnHxnUGNWbW5BbG4vNTZCVjJyOFZUYytYOUZuMk1yMW40VndMNWljai9rQ0ZsZlg5TnF0K0tCNzQxOTZnOUg0b1dmY0g5T2RSclprK2VxU3E5WCtHNGZYbTZvcWRRZGxSUWorakc2UE5wSkdzQzlVaDUwTitkUG1rRj...
419 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Ul2NnHxnUGNWbW5BbG4vNTZCVjJyOFZUYytYOUZuMk1yMW40VndMNWljai9rQ0ZsZlg5TnF0K0tCNzQxOTZnOUg0b1dmY0g5T2RSclprK2VxU3E5WCtHNGZYbTZvcWRRZGxSUWorakc2UE5wSkdzQzlVaDUwTitkUG1rRjc2M1lRODMyd2x6bXdBRFpWYWxrcnlHakxvNDhDQmFFTS8zWlc2RFAxT3d6ZkVPeVRPSXVyMExyS2JNbHZYdkdyZ0tjK01NbWd3UFNzc1R2Z0QyZGV5MkFON3hGbU1jK3pYUFl3ejRvRE9QNjZ4M3IyK1JJbWhwcTRvUkZ5dHdxenhqWlV4K0NQVW9IVnBjK0hSWTdycjFETUJXa2Jydz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2a6cf5211a43e97b37eab75cd310158c782263f8d79f5a4d967ae00e0d9026fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1427480
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Ul2NnHxnUGNWbW5BbG4vNTZCVjJyOFZUYytYOUZuMk1yMW40VndMNWljai9rQ0ZsZlg5TnF0K0tCNzQxOTZnOUg0b1dmY0g5T2RSclprK2VxU3E5WCtHNGZYbTZvcWRRZGxSUWorakc2UE5wSkdzQzlVaDUwTitkUG1rRjc2M1lRODMyd2x6bXdBRFpWYWxrcnlHakxvNDhDQmFFTS8zWlc2RFAxT3d6ZkVPeVRPSXVyMExyS2JNbHZYdkdyZ0tjK01NbWd3UFNzc1R2Z0QyZGV5MkFON3hGbU1jK3pYUFl3ejRvRE9QNjZ4M3IyK1JJbWhwcTRvUkZ5dHdxenhqWlV4K0NQVW9IVnBjK0hSWTdycjFETUJXa2Jydz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
536685
content-length
0
expires
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 11:20:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B35B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbMsgH_t62B5YdKI0uDn5DATwVpHP5bJ8iU-9qVLk2IBWB1rmGgig8PaCLKnZF7b6RXEitzLioEXR-yN9TcSbwflnz&sig=Cg0ArKJSzK3gUITlgBIfEAE&cid=CAASF-RoDMlnIlr755bLQYYnNRirQbKdt_2F&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2429799460&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669461615764&rpt=417&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8B75 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnPIEWS9VxkzA34vbALNi1WedDvHLXaTC5Zl9y1fR9ZO3-n54QJK3tcAl4QH99WJkHX4iGBlq51_ykrtCqssFzSOGd&sig=Cg0ArKJSzHzA-cow2CiJEAE&cid=CAASF-RoMZlzo0dxqnOcMDmxc-7nN7FfVR7m&id=lidar2&mcvt=1003&p=495,1250,745,1550&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2429697290&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669461615760&rpt=384&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
anz.audiencemanager.de/log/ad/ Frame 0228 		43 B
296 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://anz.audiencemanager.de/log/ad/viewability?id=63468d106d216e35f43d8a69&adId=1be0cc6381f66ff125c1328531937066667285&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&ntuId=e4bd4e4c18a5c950e558cba7c4c019a9ed25700e101c9762caed3bf662c4f8d4&cb=1669470396&lsUserId=null&time=1&percentage=51&hless=0&jsCurl=1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
Requested by
Host: leaxusfinancial.com
URL: http://leaxusfinancial.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.117.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-117-113.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:20:17 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by
PHP/7.2.9
requestid
50b29e6381f6715307d7184571017349588799
content-type
image/gif
status
200 OK
hostname
10-0-13-133
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
responsetime
7
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 0228 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiE0pf8wxMmUNVtc6KGi9dCFfrKI_VNv2tdo3eBp6dSRZ2gW4zWkS37fJQpji9oLI0T930qEtISyZT4dWPmwhXT7VmcWAc7T2bKW9coRR2iSeib__p4ZRT-5nw&sai=AMfl-YQOxGQKGUCtaSAYbytgmdNoh6cRnLtc6Ifrghg2hhK2kZpZDui8VQJjn9QOKVMkj2LuXPQH5QtQ8RTHN6V1Mj85APytUSCw6d8PdPPgqL4oo1vcEJDgj_hQbQ2MLQ&sig=Cg0ArKJSzGrg239XGsrsEAE&cid=CAQSOwDq26N9dSwWQY7-OrsgZHnotRL7HhoSvh4CNEafbLynaBYh90mlG2pha97G0uXdXaMVfVWs2jqnRhokGAEgEw&id=lidar2&mcvt=1000&p=150,315,400,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3073657333&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669461615751&rpt=601&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 3323 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=simcast.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 11:20:17 GMT
server
Kestrel
server-processing-duration-in-ticks
6285364
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 3323
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=simcast.com&sn=ChromeSyncframe&so=3&topUrl=simcast.com&bundle=ZEyJlF9KVm5DYVdoY2x3TGJZNzdHOUpuVE9uMjgxemR5VUtaNGhaZnV1NzY4YUUxem1nSFAwYkV5...
  • https://mug.criteo.com/sid?cpp=qtlL2XxGUG5GOGV4K1IycXl0QWg2Y1BvR1UvbjZJdEJZdG45KzFDbUNtaHNSZ3I5UEN3d281V01jYkhUTTNNdUNZYXdHa2dMZTVRQ3ZGMUJtbzhuR2VqdERpUkxOS1BYdGpuK1hSVktnQXA4SlpuMGcrS0JWd1hnbjBEeG...
425 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qtlL2XxGUG5GOGV4K1IycXl0QWg2Y1BvR1UvbjZJdEJZdG45KzFDbUNtaHNSZ3I5UEN3d281V01jYkhUTTNNdUNZYXdHa2dMZTVRQ3ZGMUJtbzhuR2VqdERpUkxOS1BYdGpuK1hSVktnQXA4SlpuMGcrS0JWd1hnbjBEeGcvaURQcFJQM2FGQUpyR1RFcGxPSGVwYjNRWmxNWVdyVEVOdC81Y1dYWnI1VG9sMG90RlgycWdSZm02emp1M3J4K2tTQ2NvMTJIUng2ZklGRHo3QUNhcHZFL0VPTW5VOThOdE0rSVg5UWkrV1JNcHRtMEJrSmhxTzBMdjBycVNydTB3YjkwYTNRMExLOWltSUVhWlhydnBzOXoyMHFodW0rZmwyNEFOZjFnV3hJRmI2ejNkUT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7e2054c65fd365e51a1332817d57c8420178f4b684dace56f1ee7527d453a28a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2404765
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qtlL2XxGUG5GOGV4K1IycXl0QWg2Y1BvR1UvbjZJdEJZdG45KzFDbUNtaHNSZ3I5UEN3d281V01jYkhUTTNNdUNZYXdHa2dMZTVRQ3ZGMUJtbzhuR2VqdERpUkxOS1BYdGpuK1hSVktnQXA4SlpuMGcrS0JWd1hnbjBEeGcvaURQcFJQM2FGQUpyR1RFcGxPSGVwYjNRWmxNWVdyVEVOdC81Y1dYWnI1VG9sMG90RlgycWdSZm02emp1M3J4K2tTQ2NvMTJIUng2ZklGRHo3QUNhcHZFL0VPTW5VOThOdE0rSVg5UWkrV1JNcHRtMEJrSmhxTzBMdjBycVNydTB3YjkwYTNRMExLOWltSUVhWlhydnBzOXoyMHFodW0rZmwyNEFOZjFnV3hJRmI2ejNkUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
676543
content-length
0
expires
0
usync.html
eus.rubiconproject.com/ Frame 5579 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.50.46.23 Irving, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-46-23.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Nov 2022 11:20:18 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
dt
dt.adsafeprotected.com/ Frame 0230 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=29555493-a829-bb30-93e7-0d3c645036c0&tv=%7Bc:v4ubE6,pingTime:1,time:1246,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:171%7D,%7Bpiv:0,vs:o,r:l,t:213%7D,%7Bpiv:100,vs:i,r:,t:246%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1000,o:246,n:213,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:171,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B66~1,0~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:o,t:213,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~970.250%5D%7D%7D,%7Bsl:i,t:246,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:154,fm:toi6O68+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163*.1180045-66149901%7C164%7C171%7C172%7C1811%7C1812%7C182%7C1911%7C1912%7C192,idMap:163*,rmeas:1,rend:1,renddet:IMG.qs,siq:173,sis:358%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b143:d45e:4e79:c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0230 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=29555493-a829-bb30-93e7-0d3c645036c0&tv=%7Bc:v4ubE7,pingTime:1,time:1247,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:171%7D,%7Bpiv:0,vs:o,r:l,t:213%7D,%7Bpiv:100,vs:i,r:,t:246%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:246,n:213,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:171,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B66~1,0~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:o,t:213,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~970.250%5D%7D%7D,%7Bsl:i,t:246,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:154,fm:toi6O68+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163*.1180045-66149901%7C164%7C171%7C172%7C1811%7C1812%7C182%7C1911%7C1912%7C192,idMap:163*,rmeas:1,rend:1,renddet:IMG.qs,siq:173,sis:358%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b143:d45e:4e79:c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:17 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1127080431113253496
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1127080431113253496
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 11:20:18 GMT
Server
Adtelligent
Etag
ed5bb43ca383b7f1
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:18 GMT
AN-X-Request-Uuid
49febc9c-a1ee-4358-8a6d-517eaf81dcca
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1127080431113253496
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidswitch
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
54.171.40.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-40-8.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 26 Nov 2022 11:20:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADzDk7HA-0AACGGanx30w&expiration=1670671218&gdpr=0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADzDk7HA-0AACGGanx30w&expiration=1670671218&gdpr=0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 11:20:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADzDk7HA-0AACGGanx30w&expiration=1670671218&gdpr=0
Date
Sat, 26 Nov 2022 11:20:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 5579 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.50.46.23 Irving, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-46-23.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
323beb1fff02e028bd3fe5ce0cc5f68c5273430e7c34c3d0148ed3e2bdf789bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 11:20:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 05:30:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65399
Connection
keep-alive
Content-Length
10066
Expires
Sun, 27 Nov 2022 05:30:17 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5579 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
397s7r68o390srp5130q8o9n411n6733-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		560 KB
561 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/397s7r68o390srp5130q8o9n411n6733-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221123/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e748979ca0d5d18e6ab068f41ddf6b44c47cffcd001f79d62d6ff70edf917ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:14:38 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
61543
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
573212
last-modified
Fri, 25 Nov 2022 18:03:13 GMT
server
AmazonS3
etag
"29c6815ab4bc2ee9afe2e116f8c26632"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
zbIFNYaMG0A1uS_uwh7995_cFG_UldTj_XU36Vfq74tlZrdXnNeJVw==
dt
dt.adsafeprotected.com/ Frame 0230 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=29555493-a829-bb30-93e7-0d3c645036c0&tv=%7Bc:v4ucGC,pingTime:5,time:5246,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:171%7D,%7Bpiv:0,vs:o,r:l,t:213%7D,%7Bpiv:100,vs:i,r:,t:246%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:5000,o:246,n:213,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:171,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B66~1,0~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:o,t:213,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~970.250%5D%7D%7D,%7Bsl:i,t:246,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:115,fm:toi6O68+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163*.1180045-66149901%7C164%7C171%7C172%7C1811%7C1812%7C182%7C1911%7C1912%7C192,idMap:163*,rmeas:1,rend:1,renddet:IMG.qs,siq:173,sis:358%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b143:d45e:4e79:c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:21 GMT
server
nginx
x-server-name
dt37.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0230 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=29555493-a829-bb30-93e7-0d3c645036c0&tv=%7Bc:v4ucGD,pingTime:5,time:5247,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:171%7D,%7Bpiv:0,vs:o,r:l,t:213%7D,%7Bpiv:100,vs:i,r:,t:246%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:5001,o:246,n:213,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:171,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B66~1,0~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:o,t:213,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~970.250%5D%7D%7D,%7Bsl:i,t:246,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:115,fm:toi6O68+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163*.1180045-66149901%7C164%7C171%7C172%7C1811%7C1812%7C182%7C1911%7C1912%7C192,idMap:163*,rmeas:1,rend:1,renddet:IMG.qs,siq:173,sis:358%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b143:d45e:4e79:c71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.audiencemanager.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 11:20:21 GMT
server
nginx
x-server-name
dt38.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323

Verdicts & Comments Add Verdict or Comment

295 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| $ function| jQuery function| LoadExt function| getCookie object| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| teads_analytics function| docReady object| mnet object| liQ function| myConfirm function| myFunction function| displayModal function| displayComment function| displayModalURL function| displayBroadCastModal object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint number| __mobxInstanceCount undefined| __mobxGlobals function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag object| dataLayer object| headertag string| p1653183464 string| p1653183519 number| p1653183520 undefined| oAddDVTag_ undefined| oGetPageStats_ undefined| p1653183549 undefined| p1653183544 undefined| p1653183541 undefined| oDeleteHardcodeRefresh_ undefined| oRefreshHardcode_ undefined| p1653183538 undefined| p1653183521 undefined| p1653183517 undefined| p1653183515 undefined| p1653183527 undefined| p1653183524 undefined| p1653183522 undefined| p1653183498 undefined| p1653183503 undefined| p1653183489 undefined| p1653183488 undefined| p1653183486 undefined| p1653183479 undefined| oEnableNullChecklistener_ undefined| p1653183531 undefined| p1653183470 undefined| oPageUnload undefined| p1653183399 undefined| p1653183404 undefined| p1653183523 undefined| p1653183389 undefined| p1653183390 undefined| p1653183391 undefined| p1653183392 undefined| p1653183393 undefined| p1653183395 undefined| p1653183396 undefined| p1653183417 undefined| p1653183459 undefined| p1653183400 undefined| p1653183467 undefined| p1653183435 undefined| p1653183436 undefined| p1653183473 undefined| p1653183474 undefined| p1653183478 undefined| p1653183480 undefined| p1653183482 undefined| p1653183532 undefined| p1653183507 undefined| p1653183534 undefined| oObserverChanges_ undefined| p1653183533 undefined| p1653183535 undefined| oAudienceListenerEnabled_ undefined| p1653183484 undefined| oDevice undefined| oParentHostname_ undefined| oParentPathname_ undefined| p1653183485 undefined| p1653183487 undefined| p1653183502 undefined| p1653183504 undefined| p1653183505 undefined| p1653183494 undefined| oAdSlots_ object| otkjs undefined| p1653183525 undefined| p1653183526 undefined| optimeraInsights undefined| p1653183536 undefined| oLoadedAdImpressionDivs_ undefined| oTrackSlots_ undefined| p1653183547 undefined| p1653183548 undefined| oEnableInfiniteScrollUrls_ undefined| p1653183543 undefined| p1653183546 undefined| p1653183550 undefined| oHasStnVideo_ undefined| p1653183444 undefined| p1653183397 undefined| p1653183398 undefined| p1653183466 undefined| p1653183446 undefined| p1653183445 undefined| p1653183448 undefined| p1653183552 undefined| p1653183553 undefined| dateObj undefined| month undefined| day undefined| year undefined| today undefined| activeDates undefined| p1653183569 object| opbjs object| oaudLibjs object| ovpjs object| google_tag_manager string| GoogleAnalyticsObject function| ga object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_822901 object| Criteo object| gaplugins object| gaData object| closure_lm_774160 object| GoogleGcLKhOms function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 function| setImmediate function| clearImmediate function| __esp_getUID2Async object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo_identitytag_132 object| criteo_pubtag_prebid_130 object| Criteo_prebid_130

69 Cookies

Domain/Path Name / Value
simcast.com/ Name: PHPSESSID
Value: ifhficnnpts7ku7qk7tooeugd7
simcast.com/ Name: uidinfer
Value: 79419112
simcast.com/ Name: _uc_referrer
Value: http://leaxusfinancial.com/
simcast.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
simcast.com/ Name: mess
Value: 1
.simcast.com/ Name: __gpi
Value: UID=00000b879d8aea98:T=1669461613:RT=1669461613:S=ALNI_MY9yNf9iIm8t46zyY6ziE7HKrJ2vQ
.simcast.com/ Name: _ga
Value: GA1.2.1759178039.1669461614
.simcast.com/ Name: _gid
Value: GA1.2.1803935905.1669461614
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkpbp4Fz7JIwBoEgZ27wYz5pCXZKYvw9tWsp7xVvcE1vmzb0aTbQCLqe7JgFoU
simcast.com/ Name: _lr_retry_request
Value: true
simcast.com/ Name: _lr_env_src_ats
Value: false
.simcast.com/ Name: __gads
Value: ID=3393c437463bf46e-22827e2793d700b1:T=1669461613:S=ALNI_MbNFj7Cc0Jif7f0SqaasNd84MOVSQ
.adnxs.com/ Name: uuid2
Value: 1127080431113253496
.liadm.com/ Name: lidid
Value: f0d13215-0ef5-4fe7-8c4c-0f6f444af040
simcast.com/ Name: pbjs_li_nonid
Value: %7B%7D
.ctnsnet.com/ Name: cid_6e0fb1a855fa483c96087dd122a4f9ac
Value: 1
.ctnsnet.com/ Name: gid_CAESEHaJGWEuqlxXSbLIbIpFDZQ
Value: 1
.3lift.com/ Name: tluid
Value: 4119828460679057747052
.blismedia.com/ Name: b
Value: 6381F6705C0CAFA59F75D918BLIS
.lijit.com/ Name: ljt_reader
Value: FtyotGZHrItODIs2QKO1ecQV
.bidswitch.net/ Name: tuuid
Value: 3734b2ea-bec6-417a-99aa-9f958e2973bd
.bidswitch.net/ Name: c
Value: 1669461616
.bidswitch.net/ Name: tuuid_lu
Value: 1669461616
.adfarm1.adition.com/ Name: UserID1
Value: 7170283042649143437
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In1F+eBc!@wnfH8K6pQK`!5=E<*L5?%M3i.u!0hr*0g5+DB83`4osl]s=z??kCbu/Uv'%nugO%v4VB%nn>8*%pt$
.casalemedia.com/ Name: CMID
Value: Y4H2cEsonu6kfQlj8XmERAAA
.casalemedia.com/ Name: CMPS
Value: 5147
.casalemedia.com/ Name: CMPRO
Value: 5147
.bidswitch.net/ Name: google_push
Value: ASkJ3FaVzLm6yafW46G9_mMmelJUyuRDs64G8ocbkKwUIPWS_8hTC7Zw4HljcDIolqwj7iR6SLd-9K6jstvFFmLoEnd03whEKYby
.yandex.ru/ Name: yuidss
Value: 6959782631669461616
.yandex.ru/ Name: yandexuid
Value: 6959782631669461616
.uuidksinc.net/ Name: jcsuuid
Value: KbhFzcw61a8uWZyhE62W
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c8120ac2-bbe8-4451-5a9e-ce99b81354d7.4w6S4KN4gbGECutjN73ngM4u80ek3dnOpbXRkkPllOI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AyBIKwrvoRFFans6ZuBNU19ly14U.mqPPYs4iEK3zr4CqgrrWDktS0XXEoTFqyfmvzF55Wrs
.yahoo.com/ Name: A3
Value: d=AQABBHD2gWMCEL0fTYM_8SqaX3ta435MdhEFEgEBAQFHg2OLYwAAAAAA_eMAAA&S=AQAAAq9hSvZVTT93H98xGxzpwUg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&2125dec6-84bd-49e6-8d44-d1ece85520a0"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njk0NjE2MTY7MjswMjGBRPfVRmui2uWNEuE2LZZaDmDk431jovEqnV/fs89ikg==
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2875:u=1:x=1:i=1669461616:t=1669548016:v=2:sig=AQFvTqM4mA9yrzmYLNmnqAvONYqUo6Gf"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
fksnk.com/ Name: AWSALBCORS
Value: lhM+wgP9QwmBCJerQAuvJzip7F+wRb5UuppSRNvDHpRfuE8mX1WGahwn/LgITtw3M6wvAMZeqUG4JLyOBNlBC6K3Jquempfr0F6USEDi5pZWZ2pRi9rsHjZU5uNy
.fksnk.com/ Name: f_001
Value: BF79648E5D78D6C5
.fksnk.com/ Name: g_001
Value: 1
.c.appier.net/ Name: _auid
Value: VE1972ZeAZOpIbQlcPaBYw
.c.appier.net/ Name: _gu
Value: CAESEO30Fhs2Kyy6thERh2_Y_B8
.criteo.com/ Name: uid
Value: d4a7b1f2-ead1-424f-8bbb-1f1392e9fe4b
.awin1.com/ Name: AWSESS
Value: 377129:2470185
.awin1.com/ Name: awpv11354
Value: 412871|1669461617|4e1bf229-6d7c-11ed-89a3-223851067267
.blau.de/ Name: nscQ486
Value: V
.o2online.de/ Name: nscQ485
Value: V
.blau.de/ Name: nscT486
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjY5NDYxNjE3dmxlYTFkZTIwMjIxMTI2MTIyMDE3Nzg4OTU2OTI1NzVYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022112612201778895692575X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY2OTQ2MTYxN3ZsZWExZGUyMDIyMTEyNjEyMjAxNzc4ODk1NjkyNTczWDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022112612201778895692573X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY2OTQ2MTYxN3ZsZWExZGUyMDIyMTEyNjEyMjAxNzc4ODk1NjkyNTczWDExNzcwM1YxMjI2MTMyNzAyT
www.conrad.de/ Name: HTLP_timestamp
Value: 1669461617
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: 1gnjpbXImKO9gHBxo1dICYhIfsUXhWgjF7HsvtlkVRY-1669461617-0-ASpR3L/YPCNFfBeuh9dJ+p0qGNgXJ90nO/vixDta4kmVm8ql2J2DKtVemlUR8oWdkyqQEXxq6ETzFo0CiNWdV3Q=
.simcast.com/ Name: cto_bundle
Value: ECVRYl9KVm5DYVdoY2x3TGJZNzdHOUpuVE9tVnBrVE5hNDZIWElIUXF0WTdWakdRJTJGRkxZWWVtUGFIR210MGR0UVFNcmc2JTJCSGpQcFJHMmNjS3ZocWNBWiUyRk9CbFFtcFg3Qzc1bHljOEUyWVNYMm1hRjAwRkg1ejNCNDVybEZKYkxHSXgyZEJKJTJGMkRKOHFrZkd5SjdmY3BETXFjdyUzRCUzRA
.bidr.io/ Name: bito
Value: AADzDk7HA-0AACGGanx30w
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMTS
Value: 3257
.adtelligent.com/ Name: vmuid
Value: ed5bb43ca383b7f1
.adtelligent.com/ Name: a584890
Value: 1127080431113253496

12 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=leaxusfinancial.com&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1500b94ad4cd143dcdf5e63960d73e02.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
an.yandex.ru
anz.audiencemanager.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
as.ad4m.at
assets.ad4m.at
at.teads.tv
bcp.crwdcntrl.net
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cat.fr.eu.criteo.com
cat.hbwrapper.com
cc.adingo.jp
cdn.adapex.io
cdn.audiencemanager.de
cdn.id5-sync.com
cdn.resonate.com
cdnjs.cloudflare.com
cloudflare.com
cm.g.doubleclick.net
code.jquery.com
csm.eu.criteo.net
d15kdpgjg3unno.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d3div1mtym39ic.cloudfront.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
embed.sendtonews.com
embedcdn.sendtonews.com
eus.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
ghb.adtelligent.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
id.sv.rkdms.com
id5-sync.com
idx.liadm.com
im.bluevoox.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
leaxusfinancial.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
player.sendtonews.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
prod-rtb.ad4mat.net
prod.uidapi.com
pubads.g.doubleclick.net
px.ads.linkedin.com
rtb.nl.eu.criteo.com
s.seedtag.com
s.uuidksinc.net
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.spotxchange.com
secure-gl.imrworldwide.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simcast.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
sync.adtelligent.com
sync.inmobi.com
sync.srv.stackadapt.com
sync.teads.tv
tags.crwdcntrl.net
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.audiencemanager.de
us-u.openx.net
web.hb.ad.cpe.dotomi.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
api.rlcdn.com
prebid.smilewanted.com
104.115.97.56
104.18.12.242
104.18.33.19
104.18.36.94
104.66.62.204
108.128.117.113
108.138.17.31
108.138.4.10
108.138.7.20
13.248.245.213
13.32.106.197
13.32.121.72
141.95.33.111
141.95.98.64
142.250.185.198
142.250.74.194
147.75.85.234
172.105.235.90
172.64.154.237
174.137.133.49
178.250.0.160
178.250.2.146
18.156.195.47
18.189.199.42
18.203.7.223
18.66.147.24
18.66.97.101
18.66.97.8
184.31.143.212
184.50.46.23
185.64.189.112
185.80.39.216
185.89.208.11
185.94.180.124
192.241.157.60
20.127.253.7
2001:4de0:ac18::1:a:2b
216.52.2.48
23.55.125.54
2406:2600:4::1
2600:1901:0:76b9::
2600:1901:0:8344::
2600:1f18:1aca:4280:b143:d45e:4e79:c71
2600:3c02::f03c:92ff:fe2d:3e71
2600:9000:223c:be00:1e:a43d:b640:93a1
2600:9000:223f:e000:8:48e:53c0:93a1
2600:9000:236e:d600:11:1ed0:3900:21
2600:9000:2490:7400:11:b309:9100:21
2606:4700:10::6816:3456
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6810:84e5
2606:4700::6811:180e
2606:4700::6812:7f05
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:2638:1::17
2a02:2638:1::1a
2a02:2638:1::2
2a02:2638::b
2a02:2638::c
2a02:26f0:3500:16::215:14a0
2a02:6b8::90
2a02:fa8:8806:16::1460
2a05:d018:d29:3605:2256:d6d3:539d:24e0
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.121.4.183
3.125.152.115
31.220.27.134
34.107.148.139
34.120.133.55
34.149.50.64
34.233.109.239
34.96.105.8
34.98.64.218
35.157.180.193
35.167.189.6
35.186.193.173
35.71.131.137
35.74.45.237
37.252.171.84
45.79.244.12
46.4.41.145
51.75.86.98
52.19.187.82
52.205.40.19
52.29.25.216
52.29.96.46
52.45.175.185
52.55.14.74
54.156.207.182
54.162.152.214
54.171.40.8
54.76.134.229
54.85.209.208
62.149.1.122
66.155.71.25
69.173.144.138
69.173.144.139
72.52.179.174
84.200.5.215
85.114.159.93
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
025031785e86abaa3e43592a6f53f18e1dd435ceab8988dbb6b4837ba070027e
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
08096af58544baf2b89acc2cf83a63c90870c001e0f189248dbab1f68ae100cd
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
093f75472cb42490db7e9de339a48e79fda12a1d48089cf1b3753fb0c12c6d37
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13e58f0ccdb68bb246e496df7620ee42ce2848e10c4cea3ff050ba97ec14f6f8
146ae3ee85c930d0db9635ef0b209cdd9bc7f90b798b518200b2eab6dcd23999
19b22d4f5f821adb152465f85ae1ac906eb9a660e074b9aab73640236aac067d
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1b9406d1dc11c962a928dbd0076ee0fd2c957035ca37eef9f6cd61da4e565e48
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ea1b16a2ac695c0b0c7dc62485cd8b3115c16250d15966416b95ce589068f2b
21c5c9c2ad43e689327bd5e3ca7338775d4cba94ec517b971d1d585b4e999436
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
23f2a97a2607d0dc1b5e8518e81a3cc63e6572a2bb619c94ab4910ba83537505
26c355d1c57e454a38f5e311065808d4a26c177eb0d8ac613da7ce620a67aca8
27285bf12bd3bb26b6d56b49e715a106b8f974c874e55a23fd89413c910ee2f1
27bd3e558c75229c619e5dec31543b7749bde126968adb14e8939e98017efc3f
291d5ea012bccaa4b4cd955fe8f8a6098ba2625a7fcacadac9d08f10d91eb8f2
2a5cf60a53f1354b4dae619892c42618b287bc13e7ebc97fbbf3ec3658bffdf9
2a6cf5211a43e97b37eab75cd310158c782263f8d79f5a4d967ae00e0d9026fa
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323beb1fff02e028bd3fe5ce0cc5f68c5273430e7c34c3d0148ed3e2bdf789bd
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
350b9da6663f716be70ebdf2f1dfd1e89b4ae0be015f120229c257ef934b1814
36dcf000478cf87979f6fc8702dd2f68a11295c3bfdbc3c88d586b08e0ebbbb1
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3bb67bdb38a9feef291f50c3a1eda23bce2453b23a5d73e377360667c0dd739b
3e51529273fb1ff43ff6c305641a98fa9d20ad7d9a8bef0568c4751699c81b89
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b19851bae2c8d96ef409475ddc5bc94b0061b34c4b520d3f1638454ee00d01
42d3726ee89c13a920fc85244f4c84c0bcc0a547f48df05b0de18fb8ed4cdb68
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
4c57a73b3bf4f85b6b0dff637df720bcb0d4d9146eb88485254cce6b33b1587a
4d0b0bd501bdeea8ff591ba2e0f57326f44a92506fb1ac2d01861e0d03811730
4d3c158e5f5740eb1ba78651f11ae1b57132b208424b4c49f3dc690a557a685c
4db1db38f5794a7aec031263a293ecd25846902a4687fe139cbf8d2cf64e1103
4dc3e11d42c6a5197f04dbf3f61a66d3cbf52dcbf970ae1213b9dbd2f7b5685b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5334b6dc7d19548c961bbc5a6bfc61e21131b6b29afcd86e82eebc2259d1ce2c
541be6e17b933f0ca125df086e4d534c432ef226508f1fdae32c583fff79d9a8
545b4e763519e81b5251aa5b50daa81ac3a22b3feb09bcc8fd1252dd4b0fc028
545d960652f4adfcf1dcaf3ecca7dad350c0c9c5d7dc8a0eee7638aae08d79a4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a73bd63b39fa7acca98326360b507792f97f1ed0f8e9169f017d19e44ff876
54dea0e54c8ff7ded10ed34346406782cd4b11c1e34aedad6f1289b48c6339cb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c11dee22420ec7558166c16b2090c4af865d618878fe3ef413c3956589b651
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5c83f9f6ea7213a4a8f7b17db7b6e768582cdd2fe36fd9989009d1a1d5cad593
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f2d571dc958545acd535c55ab8b0480c4f4d5ff9f0222adc1189fa389a571be
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cbcfee8f57cb084bebdd0efc1c2f0a44d108d49d67f0f1a251e87a5df9be37
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6648b5bb3ae5a0a2f906ae31b80e2eba7b7fd42ce7cd990d791c398cb794e9b1
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
6775fde9592b00fbc72ce9a127f316d89684c73de916c45ed63261a835af2e08
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
689270673fe38b2ddbc0f63614bf4fff81a99ae6b5b8b1dfcfc51164fce68de9
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b83bc177ce65349cbcef2d2615a39a12fb71d01e3572c1fc8ad1c76eada66a2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
7027942234d07bc86d93352737d028aec6e820d0818f48c54019e35a7f89a053
70b7e40960cc682c9f685bc107fc7948fce56e054814c0b86214d283130a523d
70d4bb0b3b03b8414f62b8e2b0736a48efdca9c32c720992c25ff7e504bbc816
71080da69830f8a2c33bdada9604d3289a87dc213a8f73c7e419e6a067c44d67
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72d381802417f441d82a25214689414b14ecdf32941461a88ab0b3c86f2b5612
738b0581f78519e0903375a2ee009ab54ca6cf2005382108d9b5b95db1a8e3f0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1
7717da18fff86552728b93961721cf5acb4fdd04c8e08535096af16bb206587f
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79661c48ded6f8cc0c83bc4c8f700306037bd41dc3ba7c88275cc2d5b36e2690
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7df4008c7578cd75b389da27f8805127f7ec6a7277faf90cf3757a9074d0a528
7e2054c65fd365e51a1332817d57c8420178f4b684dace56f1ee7527d453a28a
809cf5f44f7182386e632364e92be0b6f8144ff333050d1045f1368a23ecfc83
81ec0d30b215db32828af356b4f9913e3a82be5534b5f2b319634b90667ba92e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8508408273717ae33118b2534e05ee065e92d87d023a169cc00254614593f4f9
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8812493d520cbc5235a0eebfb50ea2fe67f913102988f3b8413b72bb6ef690dd
88d63e53e04357121977a7a9754139b7f8e949228d90cc2b8398c7042632fb40
8a753652e785f2b7ff9eec9a24e362adb01c7d6846a935b2a41da422f9b9a4e7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e748979ca0d5d18e6ab068f41ddf6b44c47cffcd001f79d62d6ff70edf917ba
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8f27b2727d0ab5528261f8f87294c85d527e5ef3511e3201411d4945dd156fe4
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
90fc2ea1f98a704b5820a2e17c8ada425043c2dca1819d2d10d8169738573e4c
92990c1cb6fbc2f88d317d44c369c1a2f8b419a495cf199ba869ae585837d23c
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
957f635abbd132ec82dd4d80bdd204d0666c3aee37f21b60418c972a4f30f24d
95e1bd7b559c76491d457ea8666cdf79104614c53772b7e9fce1b2b64d9c5974
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
974e48c7fc7289abf78ee433f055bb3317cfbffed8a5baa075a7e9aa614e67b2
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b9a5a34b4a2ac69f57ff81b82bd66843c5f19f70371ed53b290aa60c4ee1f08
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fcebe7aa22a32eb3f255631508ad0891d1ba5a2df286ebef6050f016899b5a2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a589874dee9ab8294d0b94d5aae579561214766c58625559d0fc45ff330b1e8e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
ab78187780f571d6784940f65d561a440932f8e67706ecd546d6b7cf617f1f79
abaab2cba237aa106298f6fbba0f540da1e0f943171b14d50e74776696168ec0
aead9e7fa3c7aafc40d641ddf77f2398689da4579ff2569ebb16d6e7ba43c4a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7090d99febdb36e0059c263b0d9fe1ec0388a0609ab7add9a62c280f1e4db3e
b82156a924667c27e8e9ddb51cdc88678f9a7adca51d09a6b8c6962852571c4c
b8472f8e9376927bc57574db586960515033609db7823d5e6610f0c9993d8ebb
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
b8f36f7c8d02ea63660f4dbfdaeb18097dae690ad6b60d987bf45f0f84ee3c1b
b94a89259ef175b881195823edba0134e626911f4dc3baaac1bece619eff6bb9
bb7390f330489b85c1899de036030f2e25d22c87617ebe3af395816881fe5de1
bbd52c06371db8791566b6c846a7171bbe70a8458b8ab0d7dfa56609b4d783a4
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf9bad18e1f73d678275f79a6c1b05c8e1d49eb406b02b4f3f3cadbdd90d0d76
bfec9994f02562897d54968bd8553fa6b99d7a8402b7c3d60b69857e9059fe26
c2e6d45cf4e09e3b90031fdfa2aedb1e064df5bd13021c0ddc1a8b074512f4fe
c3802f9ca74273f77cf2f9a21a8e154173159b9ae13aa15c8d78f09eafa0b86b
c495ffc646089069063ff59dc5caee54e12ccc699164226a8ac2ec71bf5b7114
c769d986deded0936c5c2216166e832f2263062065848f572310700f02e7bff3
c946cbe31a4e61fd21aa1fa8c939fabd9b8f21c36aa68396150f46509307483c
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
cb94758c021b64d9d64ce40b3039ba37774e37d9ff8ff65213472702e8a16a16
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cda10f1d3344c6231ba88640312c32a994728b205f77e0760fd57d66297dffe5
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1cdbc3a0cdd596970f248964173c62f9b54b93a9913f06a28240d5e5c2d507f
d32a13b8094113882c01a671a58511bf6dfb57a2f29afa02353219888267e6dc
d6c9cece55c158bd58a6b9c1b6e6c7c71bf1f3f0a0b14f3088629c59bc0f4544
d80251d59b2c8ec3665ab396d1cc906b8e115999a9c00dd2a96d49070a043db5
d9c4fc998a6769dec5bac34ec6e250f9d5cc66b5b2ba8956fadf14a2602204a9
da45740954b06a70ca1fc0a1554f7d7135e1ac414157c52b361e90d6b5bc807a
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
df844419cc9ac6897808536c03132a6b090bc56c3ed70aec76e0488d533d2e8d
e090c27e54e7f5b60c469aa8c68003f74785670ab196af2f004021a739c9fa32
e2a9677f90a8abf643f17345788419de5b555a162bedb252a1b0a4d0d603cf4b
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e35f6c665cbffb68919476d04700217c724b94166d9e14ea7d0e9ce0f989c77c
e375b7d76b7c5d80db47d1ca63cc43023170dbf1a327084ad6ef2e74ec00ae54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fd9013fb0197de43526b1bd9b43406eb19553d346ebe6df3e7609938f95bb6
e72d88ba4b2048a66a78cf13087eb257f8f2458c6be0a5bcb09a9756381c24c1
e85de0dee826ab9f4eaf558fa40d5c116742b26574814b5bcf7e31fd76028ea3
e9e4299a84639e5d2301dde7543f550dea866a2a747a609f28c7f14fec38173c
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f08f80218ee70dac31eb2c0d6e6c5cabe76b707aa96ba963b5a88ca8e52b8302
f09c46fd81d3c8b0727dd05077f3fb61cfaaac1c81d661e29d59030b77e30eb7
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f8dbc2d5612573014af1406039e69f1f5fb7762820efe4c0550d700dcbd7da6e
fb3807dd72ddfddbc7e9e2547b9d737408559685853a02eff358422bb13fe4ed