urlscan.io logo urlscan.io
SecurityTrails logo

simcast.com Open in urlscan Pro
45.79.244.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sebaba002.xyz/
Effective URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Submission: On October 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 12 countries across 74 domains to perform 354 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com. The Cisco Umbrella rank of the primary domain is 317104.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 13th 2022. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.179.174 32244 (LIQUIDWEB)
13 45.79.244.12 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
20 2a00:1450:400... 15169 (GOOGLE)
1 2600:3c02::f0... 63949 (LINODE-AP...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.199.145.188 14618 (AMAZON-AES)
17 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 142.250.185.98 15169 (GOOGLE)
1 23.35.229.56 16625 (AKAMAI-AS)
1 23.35.237.56 16625 (AKAMAI-AS)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
24 52.28.203.152 16509 (AMAZON-02)
1 185.89.208.11 29990 (ASN-APPNEX)
1 3.120.69.93 16509 (AMAZON-02)
2 51.89.9.251 16276 (OVH)
1 169.63.109.126 36351 (SOFTLAYER)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 52.50.55.155 16509 (AMAZON-02)
2 104.18.19.126 13335 (CLOUDFLAR...)
2 185.89.210.212 29990 (ASN-APPNEX)
1 178.250.0.165 44788 (ASN-CRITE...)
1 147.75.85.234 54825 (PACKET)
1 2a0c:5c81:514... 55081 (24SHELLS)
1 34.149.50.64 15169 (GOOGLE)
1 34.107.148.139 396982 (GOOGLE-CL...)
8 3.66.51.54 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 23.35.228.247 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
12 18.66.97.68 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
12 52.206.60.169 14618 (AMAZON-AES)
3 108.138.4.10 16509 (AMAZON-02)
2 52.223.40.198 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 54.174.184.87 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.213.96.88 14618 (AMAZON-AES)
1 18.66.147.24 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 104.18.12.242 13335 (CLOUDFLAR...)
1 108.138.4.150 16509 (AMAZON-02)
1 23.206.210.112 16625 (AKAMAI-AS)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
3 141.95.98.64 16276 (OVH)
1 34.239.63.36 14618 (AMAZON-AES)
1 34.254.133.1 16509 (AMAZON-02)
1 104.18.18.126 13335 (CLOUDFLAR...)
1 141.95.98.69 16276 (OVH)
1 18.193.226.223 16509 (AMAZON-02)
1 18.192.39.116 16509 (AMAZON-02)
1 198.47.127.22 3257 (GTT-BACKB...)
1 185.94.180.123 35220 (SPOTX-AMS)
1 34.208.243.53 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 2a02:2638:1::3 44788 (ASN-CRITE...)
1 18.66.97.88 16509 (AMAZON-02)
1 3.141.155.221 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
38 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
1 2620:116:800d... 16509 (AMAZON-02)
1 66.155.71.149 13768 (COGECO-PEER1)
2 2 213.155.156.183 1299 (TWELVE99 ...)
1 16 142.250.184.194 15169 (GOOGLE)
3 3 37.157.4.25 198622 (ADFORM)
1 35.227.252.103 15169 (GOOGLE)
1 72.34.250.75 27630 (AS-XFERNET)
4 4 72.251.249.9 32475 (SINGLEHOP...)
1 178.250.0.160 44788 (ASN-CRITE...)
7 178.250.0.139 44788 (ASN-CRITE...)
3 178.250.2.150 44788 (ASN-CRITE...)
1 1 178.62.202.251 14061 (DIGITALOC...)
2 2 50.31.142.159 23352 (SERVERCEN...)
1 1 23.35.224.23 16625 (AKAMAI-AS)
1 1 202.241.208.54 4694 (IDCF IDC ...)
1 18.158.8.202 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 52.4.99.227 14618 (AMAZON-AES)
1 1 35.190.0.66 15169 (GOOGLE)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 3.121.205.163 16509 (AMAZON-02)
3 172.217.16.130 15169 (GOOGLE)
1 108.177.15.154 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
1 13.32.121.21 16509 (AMAZON-02)
1 35.244.159.8 15169 (GOOGLE)
2 3 185.80.39.216 27381 (CASALE-MEDIA)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
2 3 3.121.65.152 16509 (AMAZON-02)
2 2 213.19.147.45 3356 (LEVEL3)
2 23.205.235.133 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
354 99
2    72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
sebaba002.xyz
13    45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com
simcast.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
20    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:3c02::f03c:91ff:fee2:5b0f (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
parking2.parklogic.com
5    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    34.199.145.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-145-188.compute-1.amazonaws.com
embed.sendtonews.com
17    2a02:26f0:3500:16::215:1486 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
13    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
ade.googlesyndication.com
1    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
a.teads.tv
1    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
at.teads.tv
16    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
adservice.google.de
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
24    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
1    3.120.69.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-69-93.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    169.63.109.126 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 7e.6d.3fa9.ip4.static.sl-reverse.com
in-appadvertising.com
1    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
1    52.50.55.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-55-155.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
8    3.66.51.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-51-54.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1    23.35.228.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
6    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    18.66.97.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-68.fra56.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
1    2600:9000:2490:9400:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
12    52.206.60.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-60-169.compute-1.amazonaws.com
s2l.sendtonews.com
3    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    54.174.184.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-184-87.compute-1.amazonaws.com
id.sv.rkdms.com
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    18.213.96.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-96-88.compute-1.amazonaws.com
timber.sendtonews.com
1    18.66.147.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-24.fra60.r.cloudfront.net
player.sendtonews.com
6    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.18.12.242 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    34.239.63.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-63-36.compute-1.amazonaws.com
idx.liadm.com
1    34.254.133.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-133-1.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
1    141.95.98.69 (France)

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    18.193.226.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-226-223.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    18.192.39.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-39-116.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    34.208.243.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-243-53.us-west-2.compute.amazonaws.com
id.sharedid.org
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
10    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    3.141.155.221 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-155-221.us-east-2.compute.amazonaws.com
prod.uidapi.com
5    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
38    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
16    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
3    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
7    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
3    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    50.31.142.159 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    23.35.224.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-224-23.deploy.static.akamaitechnologies.com
cs.media.net
1    202.241.208.54 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    52.4.99.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-99-227.compute-1.amazonaws.com
fksnk.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    3.121.205.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-205-163.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
pubads.g.doubleclick.net
1    108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net
bid.g.doubleclick.net
2    2a00:1450:400f:805::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:400e:13::8 (Ireland)

ASN15169 (GOOGLE, US)
r3---sn-5hne6nzd.c.2mdn.net
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
googleads4.g.doubleclick.net
1    13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum.casalemedia.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
3    3.121.65.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-65-152.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    213.19.147.45 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
67 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
ade.googlesyndication.com — Cisco Umbrella Rank: 287
3 MB
43 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
pubads.g.doubleclick.net — Cisco Umbrella Rank: 446
bid.g.doubleclick.net — Cisco Umbrella Rank: 444
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
262 KB
24 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 895
1 KB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
pix.eu.criteo.net — Cisco Umbrella Rank: 8015
csm.eu.criteo.net — Cisco Umbrella Rank: 8166
174 KB
19 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 12634
s2l.sendtonews.com — Cisco Umbrella Rank: 13200
timber.sendtonews.com — Cisco Umbrella Rank: 13569
player.sendtonews.com — Cisco Umbrella Rank: 13834
209 KB
17 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 335
129 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
292 KB
13 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d15kdpgjg3unno.cloudfront.net
793 KB
13 simcast.com
simcast.com — Cisco Umbrella Rank: 317104
156 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2786
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12901
ads.eu.criteo.com — Cisco Umbrella Rank: 7867
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9939
59 KB
9 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 998
match.sharethrough.com — Cisco Umbrella Rank: 554
1 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
imasdk.googleapis.com — Cisco Umbrella Rank: 435
353 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
1 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
as-sec.casalemedia.com — Cisco Umbrella Rank: 1407
dsum.casalemedia.com — Cisco Umbrella Rank: 1311
4 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
cloudflare.com — Cisco Umbrella Rank: 139
35 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
109 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
3 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1042
eus.rubiconproject.com — Cisco Umbrella Rank: 596
token.rubiconproject.com — Cisco Umbrella Rank: 682
11 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
cdn.id5-sync.com — Cisco Umbrella Rank: 1193
18 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
48 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1004
x.bidswitch.net — Cisco Umbrella Rank: 303
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
140 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
gcdn.2mdn.net — Cisco Umbrella Rank: 933
r3---sn-5hne6nzd.c.2mdn.net — Cisco Umbrella Rank: 324455
18 KB
3 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1553
ib.adnxs.com — Cisco Umbrella Rank: 232
3 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
1 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1521
us-u.openx.net — Cisco Umbrella Rank: 409
655 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4553
647 B
2 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1481
tags.crwdcntrl.net — Cisco Umbrella Rank: 1160
10 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
650 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
cs.media.net — Cisco Umbrella Rank: 1392
2 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1980
dclk-match.dotomi.com — Cisco Umbrella Rank: 2865
249 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
396 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
at.teads.tv — Cisco Umbrella Rank: 4239
4 KB
2 sebaba002.xyz
sebaba002.xyz
3 KB
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1679
349 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
266 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6970
233 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 13419
552 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4694
609 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1055
55 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1201
1 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2435
552 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 983
411 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
191 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 729
464 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3897
5 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3439
904 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 509
1 KB
1 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
112 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
503 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358
325 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2587
308 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1340
17 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 8634
96 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4214
163 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 825
356 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
13 KB
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 6673
402 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6449
2 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 924
166 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 681
165 B
1 in-appadvertising.com
in-appadvertising.com — Cisco Umbrella Rank: 14854
547 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
644 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 15185
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
42 KB
1 parklogic.com
parking2.parklogic.com — Cisco Umbrella Rank: 491928
851 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 21420
150 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 677
30 KB
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 smilewanted.com Failed
prebid.smilewanted.com Failed
354 74
Domain Requested by
38 tpc.googlesyndication.com simcast.com
pagead2.googlesyndication.com
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
tpc.googlesyndication.com
cdn.ampproject.org
imasdk.googleapis.com
24 c2shb.pubgw.yahoo.com cdn.adapex.io
20 pagead2.googlesyndication.com simcast.com
pagead2.googlesyndication.com
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
sebaba002.xyz
tpc.googlesyndication.com
www.googletagservices.com
17 img-s-msn-com.akamaized.net simcast.com
16 cm.g.doubleclick.net 1 redirects 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
13 simcast.com sebaba002.xyz
simcast.com
code.jquery.com
12 s2l.sendtonews.com embed.sendtonews.com
12 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
simcast.com
10 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdn.adapex.io
8 btlr.sharethrough.com cdn.adapex.io
8 securepubads.g.doubleclick.net cdn.adapex.io
securepubads.g.doubleclick.net
simcast.com
sebaba002.xyz
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
7 pix.eu.criteo.net ads.eu.criteo.com
6 fonts.gstatic.com fonts.googleapis.com
6 fonts.googleapis.com embed.sendtonews.com
securepubads.g.doubleclick.net
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
cdnjs.cloudflare.com
5 ade.googlesyndication.com
5 www.gstatic.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
5 www.google.com 1 redirects 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 cdnjs.cloudflare.com simcast.com
embed.sendtonews.com
ads.eu.criteo.com
4 ap.lijit.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 x.bidswitch.net 2 redirects
3 dsum.casalemedia.com 2 redirects
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 c1.adform.net 3 redirects
3 www.googletagservices.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
3 id5-sync.com cdn.adapex.io
cdn.id5-sync.com
3 mug.criteo.com simcast.com
3 timber.sendtonews.com embed.sendtonews.com
3 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 embed.sendtonews.com simcast.com
sebaba002.xyz
embed.sendtonews.com
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 sync.1rx.io 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 b1sync.zemanta.com 2 redirects
2 d5p.de17a.com 2 redirects
2 match.adsrvr.org js-sec.indexww.com
2 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
2 ib.adnxs.com cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
2 htlb.casalemedia.com cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
2 onetag-sys.com cdn.adapex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 sebaba002.xyz sebaba002.xyz
1 token.rubiconproject.com eus.rubiconproject.com
1 dmp.brand-display.com 1 redirects
1 us-u.openx.net
1 sb.scorecardresearch.com simcast.com
1 googleads4.g.doubleclick.net
1 r3---sn-5hne6nzd.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 match.sharethrough.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1 dsp.adkernel.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 fksnk.com 1 redirects
1 dclk-match.dotomi.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1 cs.emxdgt.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 cs.media.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 sync.go.sonobi.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1 rtb.openx.net 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1 pixel-sync.sitescout.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1 cms.quantserve.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1 ads.eu.criteo.com 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com sebaba002.xyz
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 lb.eu-1-id5-sync.com cdn.adapex.io
1 as-sec.casalemedia.com js-sec.indexww.com
1 id.crwdcntrl.net cdn.adapex.io
1 idx.liadm.com cdn.adapex.io
1 secure.cdn.fastclick.net sebaba002.xyz
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 s0.2mdn.net imasdk.googleapis.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
cdn.adapex.io
1 d15kdpgjg3unno.cloudfront.net embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 prebid.media.net cdn.adapex.io
1 s.seedtag.com cdn.adapex.io
1 ghb.adtelligent.com cdn.adapex.io
1 prebid.a-mo.net cdn.adapex.io
1 bidder.criteo.com cdn.adapex.io
1 ad.360yield.com cdn.adapex.io
1 web.hb.ad.cpe.dotomi.com cdn.adapex.io
1 in-appadvertising.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 at.teads.tv a.teads.tv
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 www.googletagmanager.com simcast.com
1 parking2.parklogic.com simcast.com
1 cdn.adapex.io simcast.com
1 code.jquery.com simcast.com
0 cs.chocolateplatform.com Failed 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
0 prebid.smilewanted.com Failed cdn.adapex.io
354 114

This site contains links to these domains. Also see Links.

Domain
namesilo.com
Subject Issuer Validity Valid
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-13 -
2023-10-14		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.parklogic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-03 -
2023-01-03		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
cat.hbwrapper.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.in-appadvertising.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-06 -
2023-06-29		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.liadm.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh

This page contains 21 frames:

Primary Page: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Frame ID: 599BDDE6D9BC0C737136B5572132A82A
Requests: 162 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20190131/zrt_lookup.html
Frame ID: 1FDC408892E0437BEE8CBA0E0103AA4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1665678018&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665678018097&bpp=3&bdt=1462&idt=140&shv=r20221011&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8590730301527&frm=20&pv=2&ga_vid=446408386.1665678018&ga_sid=1665678018&ga_hid=318887674&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070257%2C31062930&oid=2&pvsid=1135657953840125&tmod=1400912189&uas=0&nvt=1&ref=http%3A%2F%2Fsebaba002.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=159
Frame ID: C24069C7CA755FF54FB1FDFF0D29FB80
Requests: 1 HTTP requests in this frame

Frame: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 885D13E43FE243B14D23831446198162
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 0C0A735DEAC4AE0F866DEDF006725AB4
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Frame ID: E1042400C566AB64CDA45A09339DC032
Requests: 23 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210010655000/amp4ads-v0.mjs
Frame ID: 4FEC2DD881D48C527EDB2C0645948C24
Requests: 15 HTTP requests in this frame

Frame: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7A960F08425D06EC09826EB0C74BC375
Requests: 9 HTTP requests in this frame

Frame: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B23380087D5C976CE600D68FAA095EED
Requests: 37 HTTP requests in this frame

Frame: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6DF0FE44A5A956772D575D47931D26EB
Requests: 17 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: C57AED6600B41510FD9E5052E437AC5D
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0940F82EF202F29B62306F1F6D1C04E2
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simcast.com
Frame ID: 060ADEFF38BF5ADA5D4DDE225B0F2D43
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C95C86A7536DF2764D61E7F5B88C725D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 78D488AA050A58062F6167EF2EE41F96
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A51D8EBBDD6DCD09472CF0B928C709C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54498E7507CEDD40DDB20B6D653EA30F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Frame ID: F0078B785F5C9F73983345048273509A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Frame ID: 2860ED1049A1C209D12F00F3AA0577F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 418FC3CAAE85210FF991DB550CA58594
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C9752891404CAD6B1076BF9E7DA2E70A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

  1. http://sebaba002.xyz/ Page URL
  2. http://sebaba002.xyz/page/bouncy.php?&bpae=GbhOd60molx7j3N1PAv3RjUXLELsgGlydki13RGmVMD6iBnM%2F726... Page URL
  3. https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

354
Requests

92 %
HTTPS

32 %
IPv6

74
Domains

114
Subdomains

99
IPs

12
Countries

6581 kB
Transfer

13571 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sebaba002.xyz/ Page URL
  2. http://sebaba002.xyz/page/bouncy.php?&bpae=GbhOd60molx7j3N1PAv3RjUXLELsgGlydki13RGmVMD6iBnM%2F726xjERCmr9Y67Krx8k5nbjTmFLtw%2F9Jwsm%2Fyi3NgJa88KCYFQrOuyWMmN2ynnwNH0p3LHhX1LCbafUfUzOTTP8j98R%2Bqp2aLiMiPNPndet2wyTBVoJDdnJH4Tz5ljQ0UxDoRjZ1ulW41EckW3hN70t4Umb9FfrdGo8TGy1FLhjP422VB07qtrXQ7WsF3pcDB3QKsIUPtSbMgBsoDZVV8sQKhhNKk48FcYTFZTEAXQY%2FevK%2F66AVA2hdl4JUBSky3tJMiTDOdwbUyEhi3ugW7gk6XLKuuG6qjEGrQbOal59r76KphmoxkmPjCbwLxZi5xovQuoD2Bc4iZRlJaFgPz%2Bpm3RPhcBMMj3Zq1I%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 144
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=WpxNJnw5UUZrZ3Q3T2VUR2VTbjljeU9Ea0dmWTByMmZ2YkxMU3l6WXY5UWt6SDRnbi9MdlNkUUFMVFRrZCtvQnY2MHJ4azkzazdDMjhwOVNibU1DN2hJS3craTMvQzVWUWxKbndmcW9iZHh2bVpNSldHZ0drWktJVFArb0tOMER5ZTFMZXVwWjROWFVtcVMraFpGTEJvakJFRlRXUzBOdDNsMjRmQlg3bEJaQ2RuZ25ac3hrWkhzTDA3MnEvYUtWa3c0KzR2SDNnM2x5YUZCbHVXbTArZEtiZ0V5Vnd6SC9uTERWN2xRa1RWTzUwY1pzPXw&cppv=2
Request Chain 216
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 219
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKSReJjB_ka1Yyup_DKYUkI&google_cver=1&google_push=AZmPxg8dat6L0r1HzGynrsH9p17iBbaPxkqHDve7pbTb8PzXHJ0PCeDs6uO_8sdvSqdOBA45E7QjQS-bzT3fb5PNasuKRjeMhYI_ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKSReJjB_ka1Yyup_DKYUkI&google_cver=1&google_push=AZmPxg8dat6L0r1HzGynrsH9p17iBbaPxkqHDve7pbTb8PzXHJ0PCeDs6uO_8sdvSqdOBA45E7QjQS-bzT3fb5PNasuKRjeMhYI_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8dat6L0r1HzGynrsH9p17iBbaPxkqHDve7pbTb8PzXHJ0PCeDs6uO_8sdvSqdOBA45E7QjQS-bzT3fb5PNasuKRjeMhYI_
Request Chain 220
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRPcl7wsY7TdaztTKaWWbg&google_cver=1&google_push=AZmPxg8SjBXhsa5KwioRn_qE7prg67C_wexYC9JnFVXRRG6xd1uA4AgJXDQn8OstGWzgHz_SCfhjEaxCSflWM8-RILPPhHH1-I4B_Q HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRPcl7wsY7TdaztTKaWWbg&google_cver=1&google_push=AZmPxg8SjBXhsa5KwioRn_qE7prg67C_wexYC9JnFVXRRG6xd1uA4AgJXDQn8OstGWzgHz_SCfhjEaxCSflWM8-RILPPhHH1-I4B_Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2MjMzMDI4MjM4MzU0MjQ1Mw&google_push=AZmPxg8SjBXhsa5KwioRn_qE7prg67C_wexYC9JnFVXRRG6xd1uA4AgJXDQn8OstGWzgHz_SCfhjEaxCSflWM8-RILPPhHH1-I4B_Q
Request Chain 223
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECmqqhUHdMNz8KUB7ftVX_U&google_cver=1&google_push=AZmPxg_FxjNli7EVsmUFTZO6RUIzemC2zGModcDYpXaiixhALXM8z-QgU9NWiUexONJZPvXb4G7-pzJ8uyG8kDPvytDWrQuyRKg7WQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECmqqhUHdMNz8KUB7ftVX_U&google_cver=1&google_push=AZmPxg_FxjNli7EVsmUFTZO6RUIzemC2zGModcDYpXaiixhALXM8z-QgU9NWiUexONJZPvXb4G7-pzJ8uyG8kDPvytDWrQuyRKg7WQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_FxjNli7EVsmUFTZO6RUIzemC2zGModcDYpXaiixhALXM8z-QgU9NWiUexONJZPvXb4G7-pzJ8uyG8kDPvytDWrQuyRKg7WQ&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
Request Chain 230
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=simcast.com&sn=ChromeSyncframe&so=3&topUrl=simcast.com&bundle=aM8D9V9Oc2F5S2V3RUgyWmp2WWMyVyUyRnp2VWVXR2Ric2ljZCUyRjNRZ2d4aGdvYlVPNEhxVTlXRjNOSDh0YWVMa0xaNE1CTTE0RkYwcVR6MU1COHZ4bDlLb2I2WXNvS0RHYk5Qa0d0TDk4TXZydGtQTjV6RVkxblc4WHBZaCUyRkpweTVuSE9heQ&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=devXt3xVMjVKKzQyRXVUb285azVtWGJwYjRsRDNnQ29nMnFsNG5YeTU4bkVBSFUycmd4ZldFMEpkVlZRd25LRWJpbEswcFVLbDJFc2J3QWYwR09iT2Q5VHB3N1pnTkhKNDZkR3J5enloSGFYK1JsR3g4V2pwU0kwZXJpWXNJdlpXNTFRVG9WajAyTmtWaXFTaFVMRk0zRTdUOTJyc3dNcmdPb2F3ODZtYVBrdXlPYk1neGhXL0VpL3BWWFk1b0VVcEZEd3AzS3MzT29hMmt3V1JqbCt0WUZWaHE2NjFtOUkyaE8xUFRWV3BWWWRnK3ZRbTh5MWp4SmFUcVh4SXV4QzV5WFJCSU9GRjZEaURwdjhpZ3RXQ3I4ZmhiTEVKb0VBbnVvTVIvNFlVdXZTUTFwVT18&cppv=2
Request Chain 281
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEFedboX5BVKCeHpfHK3TjKk&google_cver=1&google_push=AZmPxg82C2IvQRDHedTjUWXB6TXagT5w03X77x8BGmUciYQWuU05RuILGkw7GSwZnh8oTHewOKyczKDWR4hmzHV0uiwXwgsQ1OjRDw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg82C2IvQRDHedTjUWXB6TXagT5w03X77x8BGmUciYQWuU05RuILGkw7GSwZnh8oTHewOKyczKDWR4hmzHV0uiwXwgsQ1OjRDw
Request Chain 282
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEO26HNtMJRc-38yk_s35oYw&google_cver=1&google_push=AZmPxg_H8QyDrOow7bkmayrtRJbnNthKN3_rEdghhBq1INY7XMW02NvdL_lUdT_u4qLIKB0L81puXwBf0RNgD3gFlMrVQQdWo9n6 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEO26HNtMJRc-38yk_s35oYw&google_push=AZmPxg_H8QyDrOow7bkmayrtRJbnNthKN3_rEdghhBq1INY7XMW02NvdL_lUdT_u4qLIKB0L81puXwBf0RNgD3gFlMrVQQdWo9n6&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_H8QyDrOow7bkmayrtRJbnNthKN3_rEdghhBq1INY7XMW02NvdL_lUdT_u4qLIKB0L81puXwBf0RNgD3gFlMrVQQdWo9n6&google_hm=UUFzTVNzMVJBYUtrWDBYTFV2dU4=
Request Chain 283
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECmqqhUHdMNz8KUB7ftVX_U&google_cver=1&google_push=AZmPxg8N4zteXdOEPj44jeJmFhNUj_lavbS0cKrbha0pB0frNAojX7w-PSLP6ir85XU8C7IOs5OsCQA2MVdLTbYZwsFejmcpC3LkFw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8N4zteXdOEPj44jeJmFhNUj_lavbS0cKrbha0pB0frNAojX7w-PSLP6ir85XU8C7IOs5OsCQA2MVdLTbYZwsFejmcpC3LkFw&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
Request Chain 284
  • https://cs.media.net/cksync?type=g&google_gid=CAESEHD-SjqxHZGJ6SOOzL0W2wM&google_cver=1&google_push=AZmPxg8pJskx3UYtv1_C6jFGo-T9cz8DwXKvYGBw0wxO11P7ICtGqYtHKR0WDpsZkJNWTnY6F-ViKR7yOXl_XJikpH9Xt9pPndlDJw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4Njc5NjIwMTQ5MjM3MDAwMFYxMA%3d%3d&mn_hm=MzA4Njc5NjIwMTQ5MjM3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8pJskx3UYtv1_C6jFGo-T9cz8DwXKvYGBw0wxO11P7ICtGqYtHKR0WDpsZkJNWTnY6F-ViKR7yOXl_XJikpH9Xt9pPndlDJw&gdpr=&gdpr_consent=
Request Chain 286
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELNpAqlHQGS9T5b61okBeN0&google_cver=1&google_push=AZmPxg_Yo-YLGYizrumcyiHAfybYyXMlnHAcx8yITf2tvdrd1qcnUuBSGXTXokSNOCQGyErXctX6TMaC-jdz68r3Zj5f4X7zq7Mr1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_Yo-YLGYizrumcyiHAfybYyXMlnHAcx8yITf2tvdrd1qcnUuBSGXTXokSNOCQGyErXctX6TMaC-jdz68r3Zj5f4X7zq7Mr1A&google_hm=WTBnNnhNQ281c0VBQUF5ZU1XVUFBQUFB
Request Chain 290
  • https://fksnk.com/cs/google?google_gid=CAESED1WQfRBER_giESuAl7Rxr0&google_cver=1&google_push=AZmPxg8NJTCpBxx4G3c0w_5gHQz9r_pu9hRYOcgwjio6fhB_QW7SMBu3kNFDaL-EP9sbWmYAzwyHDLP0jOT14vSwst6Wr6Gn6Hk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0U5MUYyQUZENDZDRDkxMQ==
Request Chain 291
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEK_W118EK-3n22N5JVkLkwU&google_cver=1&google_push=AZmPxg-eCBnVRrDRFUjOGWOGNqXOBFvvu6TwnyKsdzf96hHO75_HK_-IVR2859zssmvh6Eyl95_f24G65WRpN5tcT0LTuwO-Fg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_3IJ94dkR-q8UA29bKJYhg2&google_push=AZmPxg-eCBnVRrDRFUjOGWOGNqXOBFvvu6TwnyKsdzf96hHO75_HK_-IVR2859zssmvh6Eyl95_f24G65WRpN5tcT0LTuwO-Fg
Request Chain 292
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRPcl7wsY7TdaztTKaWWbg&google_cver=1&google_push=AZmPxg-R0pRbM8iGBBkejls4XpkLIuN1xm1UgQ8YUX7JfxFTss6B5Mq3ISxM08Slw9Y-Xq8fxoWhYjQmKZHYAF-ilU3u-FuPiPI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2MjMzMDI4MjM4MzU0MjQ1Mw&google_push=AZmPxg-R0pRbM8iGBBkejls4XpkLIuN1xm1UgQ8YUX7JfxFTss6B5Mq3ISxM08Slw9Y-Xq8fxoWhYjQmKZHYAF-ilU3u-FuPiPI
Request Chain 294
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECmqqhUHdMNz8KUB7ftVX_U&google_cver=1&google_push=AZmPxg8pTumbSc21-u-YbuNG5u38sd0pdzI28wRml39PnbGxWeBrAJmYeBPCqNQlKDUp2z52YFbWpjvmLErderyMe_M3QJXqr74 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8pTumbSc21-u-YbuNG5u38sd0pdzI28wRml39PnbGxWeBrAJmYeBPCqNQlKDUp2z52YFbWpjvmLErderyMe_M3QJXqr74&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
Request Chain 316
  • https://gcdn.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697214021/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A07FDAB8C69FC3680955F9056549FDA32B18D937.B27CD6AF3A5401F2A91726487D20682E61261E5E/key/ck2/file/file.mp4?cpn=eaBqRSs_Fp3qxs3k HTTP 302
  • https://r3---sn-5hne6nzd.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697214021/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50972F6170FADFE71A8EC9490CABB9B875ABFB7A.36373C01ED4B185D2DB7954383963538FAAB2D78/key/cms1/cms_redirect/yes/mh/JX/mip/2a00:c98:2050:a007:2::4/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1665677584/mv/m/mvi/3/pl/44?cpn=eaBqRSs_Fp3qxs3k&file=file.mp4
Request Chain 342
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a2761c1f-5527-838b-26f52a47
Request Chain 343
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=a45cdef0-d5d7-4d2d-93c8-a33c134e2cb4&google_hm=YTQ1Y2RlZjAtZDVkNy00ZDJkLTkzYzgtYTMzYzEzNGUyY2I0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECYOXaHKJa8tURuqUnO5pHY&google_cver=1&ssp=themediagrid&bsw_param=a45cdef0-d5d7-4d2d-93c8-a33c134e2cb4
Request Chain 344
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1665678021858 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7596231150

354 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
sebaba002.xyz/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sebaba002.xyz/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 16:20:15 GMT
Keep-Alive
timeout=5, max=97
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
bouncy.php
sebaba002.xyz/page/ 		697 B
981 B 		Document
General
Check archive.org
Download Go to
Full URL
http://sebaba002.xyz/page/bouncy.php?&bpae=GbhOd60molx7j3N1PAv3RjUXLELsgGlydki13RGmVMD6iBnM%2F726xjERCmr9Y67Krx8k5nbjTmFLtw%2F9Jwsm%2Fyi3NgJa88KCYFQrOuyWMmN2ynnwNH0p3LHhX1LCbafUfUzOTTP8j98R%2Bqp2aLiMiPNPndet2wyTBVoJDdnJH4Tz5ljQ0UxDoRjZ1ulW41EckW3hN70t4Umb9FfrdGo8TGy1FLhjP422VB07qtrXQ7WsF3pcDB3QKsIUPtSbMgBsoDZVV8sQKhhNKk48FcYTFZTEAXQY%2FevK%2F66AVA2hdl4JUBSky3tJMiTDOdwbUyEhi3ugW7gk6XLKuuG6qjEGrQbOal59r76KphmoxkmPjCbwLxZi5xovQuoD2Bc4iZRlJaFgPz%2Bpm3RPhcBMMj3Zq1I%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: sebaba002.xyz
URL: http://sebaba002.xyz/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer
http://sebaba002.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 16:20:15 GMT
Keep-Alive
timeout=5, max=96
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
Primary Request /
simcast.com/ 		37 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Requested by
Host: sebaba002.xyz
URL: http://sebaba002.xyz/page/bouncy.php?&bpae=GbhOd60molx7j3N1PAv3RjUXLELsgGlydki13RGmVMD6iBnM%2F726xjERCmr9Y67Krx8k5nbjTmFLtw%2F9Jwsm%2Fyi3NgJa88KCYFQrOuyWMmN2ynnwNH0p3LHhX1LCbafUfUzOTTP8j98R%2Bqp2aLiMiPNPndet2wyTBVoJDdnJH4Tz5ljQ0UxDoRjZ1ulW41EckW3hN70t4Umb9FfrdGo8TGy1FLhjP422VB07qtrXQ7WsF3pcDB3QKsIUPtSbMgBsoDZVV8sQKhhNKk48FcYTFZTEAXQY%2FevK%2F66AVA2hdl4JUBSky3tJMiTDOdwbUyEhi3ugW7gk6XLKuuG6qjEGrQbOal59r76KphmoxkmPjCbwLxZi5xovQuoD2Bc4iZRlJaFgPz%2Bpm3RPhcBMMj3Zq1I%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
57aa05b8f011b7072cd7e9032df2eb0642f6e1755ec01f7a3ed9c96776fb76ba

Request headers

Referer
http://sebaba002.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-encoding
gzip
content-length
6822
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 16:20:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
upgrade
h2
vary
Accept-Encoding
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:16 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15851"
vary
Accept-Encoding
x-hw
1665678016.dop132.fr8.t,1665678016.cds161.fr8.hn,1665678016.cds261.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:16 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 00:43:56 GMT
server
Apache/2.4.38 (Debian)
etag
"5101-5d2abe6bdeb00-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
4273
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:16 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:31:18 GMT
server
Apache/2.4.38 (Debian)
etag
"daa3-5d2a935d4d580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
12209
lib.js
simcast.com/templates/simcast/js/ 		856 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/js/lib.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:16 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 03:31:19 GMT
server
Apache/2.4.38 (Debian)
etag
"358-5d39fa3726fc0-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
application/javascript
connection
Upgrade
accept-ranges
bytes
content-length
459
aaw.smc.js
cdn.adapex.io/hb/ 		532 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.smc.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b7a509e2a4f7b995d71fa183c05b429a4b418afc83163740b407ffa978c3aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44595
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 11 Oct 2022 03:55:26 GMT
server
cloudflare
etag
W/"6344e92e-85125"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqYfmG6HjN86%2FU5fcfAVe0bGEtxR%2BPt3O2AVULdQR5Sun%2BdCp7CAZoivVspazWBNCoxdI%2FvFDTO1GQTRIC1pY08MxA4q8M1i0kH9AYLl%2BnZyNXhkZT7h9vpbDQaz92D4OsNYUkpeciaMsH8C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
759966d7baabafbe-NRT
expires
Fri, 14 Oct 2022 03:56:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		162 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4a0110871088355ed458d77c93360275e339fb0d9798ddac8a0819033b1c622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54208
x-xss-protection
0
server
cafe
etag
1438833066620552762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 16:20:18 GMT
simcastlogo_35y.png
simcast.com/templates/simcast/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 09 Dec 2021 00:46:50 GMT
server
Apache/2.4.38 (Debian)
etag
"527-5d2abf11cf280"
upgrade
h2
content-type
image/png
connection
Upgrade
accept-ranges
bytes
content-length
1319
enhance.js
parking2.parklogic.com/page/ 		566 B
851 B 		Script
General
Check archive.org
Download Go to
Full URL
https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=sebaba002.xyz
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
bf6f8ce71ba0c329dd6d1b0eb8c5fa64ca2b55f1e08fdcf0ed89dffa332cc02a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 16:20:17 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8536649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fwve1tMM8MCK6GXt4yevgaN2szPn1oUOKB4EQPbysqK4v17WBimGJWoE7iDIHmDEpp%2Fp3%2FWg%2BC3jQxfXjt%2FQVBzdwB5%2FYKBR8vo4c3cNzgmFgtRof2o6AHMbJzmayjie78AkPeO%2BQmSu6oNcf9F%2B0DYN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759966d92b819b5e-FRA
expires
Tue, 03 Oct 2023 16:20:17 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
744968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ov%2FCHagVEfOjjPUddtvngGHV66K7ScUkVdIC3GckK1GxJsz3adj3NlEl0SnzCzhUVm8957kE5ivAaxqsGop%2FoGdW5ZOuMwNBPU5vSShwyaHetvf6LuShj%2BHFjcy0RObiNHtYbMD1ZRIhmOWSUdddwea"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759966d94bc99b5e-FRA
expires
Tue, 03 Oct 2023 16:20:17 GMT
modal.css
simcast.com/widgets/modal/ 		992 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:56 GMT
server
Apache/2.4.38 (Debian)
etag
"3e0-5d2ab305a0600-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
352
embedcode.js
embed.sendtonews.com/player3/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.145.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-145-188.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7c038bc32c2be1608df1d03adbce7b2d56d7fe154c2098f70cc024a4f366025e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-length
3096
expires
Thu, 13 Oct 2022 17:20:18 GMT
AA12UHJA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12UHJA.img?h=100&w=100&x=1024&y=706.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d8f3bccb5c39fc0d00ed1c79e3b7b36ea24906758491e8954e4f1dd1da099d03
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
last-modified
Thu, 13 Oct 2022 16:12:30 GMT
x-resizerversion
1.0
x-source-length
334057
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431485
x-activityid
31140618-56d0-40ff-b085-e931bd22ed18
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12UHJA?h=100&w=100&x=1024&y=706.5&m=5
timing-allow-origin
*
content-length
5063
expires
Tue, 18 Oct 2022 16:11:42 GMT
AA42eYr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		417 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA42eYr.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
last-modified
Tue, 11 Oct 2022 03:23:05 GMT
x-resizerversion
1.0
x-datacenter
westus
x-source-length
417
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=212459
x-activityid
f7a07654-5051-4334-90bf-35c445c90807
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AA42eYr
content-length
417
expires
Sun, 16 Oct 2022 03:21:16 GMT
AA12UJep.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12UJep.img?h=100&w=100&x=359.5&y=381.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b54a69845622512752c75619dd297c790663ac7024c92dd2bcb405dedb61478
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
last-modified
Thu, 13 Oct 2022 12:38:27 GMT
x-resizerversion
1.0
x-source-length
1642964
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=418717
x-activityid
d11c3546-6e4b-498f-aa7c-e43602b24aef
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12UJep?h=100&w=100&x=359.5&y=381.5&m=5
timing-allow-origin
*
content-length
2586
expires
Tue, 18 Oct 2022 12:38:54 GMT
AAHxkqw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHxkqw.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c431c5ed2922d87151e13c7fa39c35d5c309ba71a3e4dbbce6e1beea3c2ef2d8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
last-modified
Tue, 27 Sep 2022 10:05:18 GMT
x-resizerversion
1.0
x-datacenter
eastap
x-source-length
18148
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=193444
x-activityid
6853f453-9679-4740-ac32-f7972be5be6e
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAHxkqw
content-length
18148
expires
Sat, 15 Oct 2022 22:04:21 GMT
AA12UTHB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12UTHB.img?h=100&w=100&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b88744f30808eb551e9bcfc83cf2be738ed3026a8106569bb263eb492ae49140
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
last-modified
Thu, 13 Oct 2022 13:34:55 GMT
x-resizerversion
1.0
x-source-length
454461
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=422168
x-activityid
7ee3c569-0c25-4ad5-bf2a-c55301f38831
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12UTHB?h=100&w=100&x=1024&y=682.5&m=5
timing-allow-origin
*
content-length
4334
expires
Tue, 18 Oct 2022 13:36:25 GMT
AA12UPkI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12UPkI.img?h=100&w=100&x=421.5&y=115.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9ad14c5c21e254646369f9b8d5900141dd8a9ec1d0869235d15e2c50f3d9f593
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
last-modified
Thu, 13 Oct 2022 15:02:46 GMT
x-resizerversion
1.0
x-source-length
85881
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427316
x-activityid
ea6e0930-bbb3-41db-acdd-664a97a5111e
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12UPkI?h=100&w=100&x=421.5&y=115.5&m=5
timing-allow-origin
*
content-length
4725
expires
Tue, 18 Oct 2022 15:02:13 GMT
9.jpg
simcast.com/images/clipart/news/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/9.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
625e16893b9fa85b2cb666eb1ec4d07d22a5d1fdffcbcddbcde69b5e65013f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 09 Dec 2021 00:11:49 GMT
server
Apache/2.4.38 (Debian)
etag
"3d9f-5d2ab73e23b40"
upgrade
h2
content-type
image/jpeg
connection
Upgrade
accept-ranges
bytes
content-length
15775
AACl6Lf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl6Lf.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Fri, 07 Oct 2022 03:25:45 GMT
x-resizerversion
1.0
x-source-length
18254
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=256056
x-activityid
de7600aa-5194-44ca-a5d2-cfcbbdf3e2ee
content-location
https://img.s-msn.com/tenant/amp/entityid/AACl6Lf
timing-allow-origin
*
content-length
18254
expires
Sun, 16 Oct 2022 15:27:54 GMT
AA10AkIF.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA10AkIF.img?h=500&w=1000&x=400&y=266.5&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d52ed5675328c4342c48b0f4af7ebba03a3aec5f5195bdf9ef19067e6328262a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 13 Oct 2022 15:09:18 GMT
x-resizerversion
1.0
x-source-length
70298
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427799
x-activityid
58c2ef71-1098-40da-853d-00cd831bfb80
content-location
https://img.s-msn.com/tenant/amp/entityid/AA10AkIF?h=500&w=1000&x=400&y=266.5&m=2
timing-allow-origin
*
content-length
44579
expires
Tue, 18 Oct 2022 15:10:17 GMT
AA12Vopd.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12Vopd.img?h=70&w=95&x=463&y=215&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a57f54273d8fa1944e2244d31bb035037e3cc21d73f9bfc9d95b60832c5d9f09
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 13 Oct 2022 15:48:33 GMT
x-resizerversion
1.0
x-source-length
237525
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430095
x-activityid
c2dc4c76-ffc2-42e2-b362-e66c5c4b3479
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12Vopd?h=70&w=95&x=463&y=215&m=5
timing-allow-origin
*
content-length
3186
expires
Tue, 18 Oct 2022 15:48:33 GMT
AA12UTHB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12UTHB.img?h=70&w=95&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
881e13705638e1b6efd7c844ab37ccb7253214b7d085b38fd81dbc94223fef5e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 13 Oct 2022 12:40:00 GMT
x-resizerversion
1.0
x-source-length
454461
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=418815
x-activityid
a28038ab-4d72-4cad-9588-5865185b527a
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12UTHB?h=70&w=95&x=1024&y=682.5&m=5
timing-allow-origin
*
content-length
3140
expires
Tue, 18 Oct 2022 12:40:33 GMT
AA12VgPF.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12VgPF.img?h=70&w=95&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
954390a1e90eb0c7a942634bb470bd44c387ff203559a8cfcfca77d391b8ebdd
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 13 Oct 2022 14:33:01 GMT
x-resizerversion
1.0
x-datacenter
eastap
x-source-length
559288
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425520
x-activityid
3725ed7f-b773-43f6-b1c5-f94a0f12df27
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12VgPF?h=70&w=95&x=1024&y=682.5&m=5
timing-allow-origin
*
content-length
2403
expires
Tue, 18 Oct 2022 14:32:18 GMT
AA12V4VK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12V4VK.img?h=70&w=95&x=1024&y=634.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8ed00777646f5265afc85a7960967b7aa542745c05b2e3bf0b1f1a119a11b817
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 13 Oct 2022 14:36:15 GMT
x-resizerversion
1.0
x-source-length
405080
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425782
x-activityid
36dbb35c-7823-442b-a9b9-5cbd0a09df75
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12V4VK?h=70&w=95&x=1024&y=634.5&m=5
timing-allow-origin
*
content-length
3148
expires
Tue, 18 Oct 2022 14:36:40 GMT
8.jpg
simcast.com/images/clipart/news/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/8.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
5a96c87a8c0cbfeda03c1d3ddc775a85a39c67a9a3afa73adadeb2cc3fbdbd24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 09 Dec 2021 00:11:48 GMT
server
Apache/2.4.38 (Debian)
etag
"4b69-5d2ab73d2f900"
upgrade
h2
content-type
image/jpeg
connection
Upgrade
accept-ranges
bytes
content-length
19305
AA12VonT.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12VonT.img?h=70&w=95&x=470&y=264.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58c8bbb3eb04584d91a26c76da8d60f417f3838079add50a51dbaef531b8bd44
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 13 Oct 2022 15:46:50 GMT
x-resizerversion
1.0
x-datacenter
northeu
x-source-length
48224
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429911
x-activityid
8b9bcd6f-968c-4255-b2b2-787e80638641
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12VonT?h=70&w=95&x=470&y=264.5&m=5
timing-allow-origin
*
content-length
2223
expires
Tue, 18 Oct 2022 15:45:29 GMT
AAZ0uHE.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAZ0uHE.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f8dbc2d5612573014af1406039e69f1f5fb7762820efe4c0550d700dcbd7da6e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Sun, 02 Oct 2022 16:07:23 GMT
x-resizerversion
1.0
x-datacenter
westus
x-source-length
4485
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=258540
x-activityid
ec973b37-4492-4cea-82d1-02a1385897d8
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAZ0uHE
content-length
4485
expires
Sun, 16 Oct 2022 16:09:18 GMT
AA12UPkI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12UPkI.img?h=70&w=95&x=421.5&y=115.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
144f36daa0c794f3bad3286bfeb58c92c27b888483a97332d1a72fafe730351f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 13 Oct 2022 15:01:12 GMT
x-resizerversion
1.0
x-source-length
85881
x-datacenter
eastap
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427233
x-activityid
d33460f5-a4cd-4468-a1e7-cdcfdf85beb3
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12UPkI?h=70&w=95&x=421.5&y=115.5&m=5
timing-allow-origin
*
content-length
3503
expires
Tue, 18 Oct 2022 15:00:51 GMT
AA12VkN8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12VkN8.img?h=70&w=95&x=1024&y=682.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
daf841aaf65ad2f21dfd49a9136b4b0a59bb2630194a7fad282ba22bede65471
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 13 Oct 2022 13:34:32 GMT
x-resizerversion
1.0
x-source-length
231561
x-datacenter
eastap
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=422021
x-activityid
c0552991-3ec0-4a0e-887a-7d6b5a3030ef
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12VkN8?h=70&w=95&x=1024&y=682.5&m=5
timing-allow-origin
*
content-length
2494
expires
Tue, 18 Oct 2022 13:33:59 GMT
AA12UHJA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA12UHJA.img?h=70&w=95&x=1024&y=706.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4a56af82ac0fb8ad6bd8cfde5405434134999f5bee4bd0b9fd670a5ec9b48a25
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 13 Oct 2022 16:13:33 GMT
x-resizerversion
1.0
x-source-length
334057
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431583
x-activityid
6271ea5a-ab29-4f7c-af6d-7dd92342447f
content-location
https://img.s-msn.com/tenant/amp/entityid/AA12UHJA?h=70&w=95&x=1024&y=706.5&m=5
timing-allow-origin
*
content-length
3736
expires
Tue, 18 Oct 2022 16:13:21 GMT
10.jpg
simcast.com/images/clipart/news/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/10.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8c71215f6306d9dc3e6e025b7baee854e6b0fbf7ef5f1b2add50c68ab030e41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 09 Dec 2021 00:11:40 GMT
server
Apache/2.4.38 (Debian)
etag
"2843-5d2ab7358e700"
upgrade
h2
content-type
image/jpeg
connection
Upgrade
accept-ranges
bytes
content-length
10307
2.jpg
simcast.com/images/clipart/news/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/2.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d858e75f5a2828ab957722c99898bd7fa251bfdcbf7ce2385317d893adad7423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Thu, 09 Dec 2021 00:11:41 GMT
server
Apache/2.4.38 (Debian)
etag
"23c5-5d2ab73682940"
upgrade
h2
content-type
image/jpeg
connection
Upgrade
accept-ranges
bytes
content-length
9157
gdpr.css
simcast.com/widgets/gdpr/ 		799 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/gdpr/gdpr.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:06 GMT
server
Apache/2.4.38 (Debian)
etag
"31f-5d2ab2d5f1580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
351
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4e5b72a51c75114d4695ed31bca68f26ff2f07fcd16f590affcae13101c39ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42398
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:42:21 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Oct 2022 16:20:18 GMT
/
cat.hbwrapper.com/ 		15 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Thu, 13 Oct 2022 16:20:18 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		311 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb962ec184e9a967d0ab0dba0da677601b5f573f4537e3e2de2952514f97f543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
759966dc1de39948-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f423d583e250bc3970a2185611b730b372970f276fa1bc72ff8dc8394963cfff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27724
x-xss-protection
0
server
sffe
etag
"1362 / 172 of 1000 / last-modified: 1665675633"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Oct 2022 16:20:17 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9347c1d8c30a6dab610953c8568d20ddff10e1e41021fb6cc3aea9098c842065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
e3HRkV45dlKSU2VLXzuV.1qsEv2pzDxO
date
Thu, 13 Oct 2022 16:20:17 GMT
content-encoding
br
last-modified
Thu, 29 Sep 2022 14:53:50 GMT
x-amz-request-id
B6G3SCA7DFMGTQ1N
etag
"17c0d6e20839220eda6b6705a5927ecd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3375
x-amz-id-2
PCshiiBIFny1pvCQg5XwLWiOIi2ShVt5IDTjeBVJyNRxn6aX2gzXkCrD41FlmdVjz3xVVQ3Jj/c=
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
last-modified
Wed, 08 Dec 2021 21:32:06 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-5d2a938b14180"
upgrade
h2
content-type
font/woff2
connection
Upgrade
accept-ranges
bytes
content-length
75440
fpc
at.teads.tv/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=a89a58d&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:18 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 13 Oct 2022 16:20:18 GMT
pubads_impl_2022100502.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9a1ef6235ec7b883c904136a8bdc4b9e505f4a9508baf410b9817ab806f34bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131298
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 15:51:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 Oct 2023 17:37:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		113 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Thu, 13 Oct 2022 16:20:18 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 		352 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com&bust=31070257
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a012abe85faec6d0070dce4af8ddb138e5f3f685992e0cd03572052ae13d5b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118636
x-xss-protection
0
server
cafe
etag
8005745066507740833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 16:20:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221011/r20190131/ Frame 1FDC 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80869
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 12 Oct 2022 17:52:29 GMT
etag
9671129459699598864
expires
Wed, 26 Oct 2022 17:52:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20220923/ 		660 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Requested by
Host: sebaba002.xyz
URL: http://sebaba002.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.145.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-145-188.compute-1.amazonaws.com
Software
Apache /
Resource Hash
65e983d0b74cab16e03ea1ff4f8ace773f4d28b9aaeed22dbb66c252943d8061

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
last-modified
Sat, 24 Sep 2022 02:48:20 GMT
server
Apache
etag
"a4ea9-5e96353c4e500-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Thu, 13 Oct 2022 17:20:18 GMT
cookie.js
partner.googleadservices.com/gampad/ 		215 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com&bust=31070257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d13935ca0339315e1970c3e57b3c94f48a5393e1f83a4cdbcaebf6a5ac0367d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com&bust=31070257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com&bust=31070257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C240 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1665678018&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665678018097&bpp=3&bdt=1462&idt=140&shv=r20221011&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8590730301527&frm=20&pv=2&ga_vid=446408386.1665678018&ga_sid=1665678018&ga_hid=318887674&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070257%2C31062930&oid=2&pvsid=1135657953840125&tmod=1400912189&uas=0&nvt=1&ref=http%3A%2F%2Fsebaba002.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com&bust=31070257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 16:20:18 GMT
expires
Thu, 13 Oct 2022 16:20:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 15:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4699
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 13 Oct 2022 17:01:59 GMT
ajaxjs.php
simcast.com/widgets/ms/ 		4 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-length
24
expires
Thu, 19 Nov 1981 08:52:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		818 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3111747631baa821a8db91dbc4b6e37726eec687ff446411a4c141d9adc13db3

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:18 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.228.0
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
hbjson
grid.bidswitch.net/ 		24 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.69.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-69-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4beffd3dadb07b0fdbdab51a8a1f03bbb95f3dd7c64ba7bea56f9fd8d189493b

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
49
content-type
application/json
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://simcast.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bidRequest
in-appadvertising.com/api/ 		55 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-appadvertising.com/api/bidRequest?bidId=7419bba494b7a91&pubId=30557&sectionId=10399&vers=7.16.0&url=https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0&sizes=728x90&tr_wd=0&tr_hd=0&tr_vs=visible
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
7e.6d.3fa9.ip4.static.sl-reverse.com
Software
nginx/1.16.1 /
Resource Hash
ee0a84bb1976ab1960cf8d40b526067942fc9264e9d166f8b9291cc33965e3d9

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:18 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,OPTIONS,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://simcast.com
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Cache-control
no-cache
Access-Control-Allow-Headers
Content-Type, Content-Length, X-Requested-With
Expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
pragma
no-cache
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.55.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-55-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=754850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2285653906c837ad6%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fsebaba002.xyz%2F%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22domain%22%3A%22simcast.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22simcast.com%22%7D%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsimcast.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22adunitcode%22%3A%22eaf2aa66-b545-4b11-af9a-deaa8642ad48%22%2C%22divId%22%3A%22eaf2aa66-b545-4b11-af9a-deaa8642ad48%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22868e87b54d25fc9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22728x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22sid%22%3A%22970x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_970v_1%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22902b438f573cf45%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22320x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_2%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22942923432282987%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_1%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2296aa68964b10adf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22755349%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b57ac195-d17b-44f6-adb3-2ecc29f1ad5c%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf211f387bb0a8c58d1b835297388fe0b6ed5810e1f957ba5dadcc1857af5adb

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvJZWCQkGmY7St%2Fyz2nR3NUFkHPnuI39QKwDwaPJWniqJeiwYiU75DsNVGNhDG58nAPdWwA%2Brt0rx5jGF8WsM9CxGFqw4XpynBGvuhuQBvUxh4ojvsjTf%2Fm5lYj%2F0wuNMomJPxFr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
759966df2ea59bec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		486 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
24329a6304f33e66046a3ab23f4f9f5051966bdca5842089f7cde348a0d99de2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:18 GMT
AN-X-Request-Uuid
ec2a3126-9623-43d6-842b-1bc5cc8028d4
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.139; 178.162.209.139; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
486
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.16.0&cb=85832146806&lsavail=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 13 Oct 2022 16:20:18 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://simcast.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
ghb.adtelligent.com/v2/auction/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
866ec07e284a89d42cc73ccc006e11e7914dad672ed25792bbb8be044e71b5f6

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 13 Oct 2022 16:20:18 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1523
bid
s.seedtag.com/c/hb/ 		11 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
via
1.1 google
server
nginx
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5bbb19e540e3ca964d3807307718e5e8de4565bebc6e46cf72a61f4f10b1f2f9

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
554a19db650b6965d78bf789a13639a617550e86c66f60c7cf10481d8dbb7012

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1b5ebe1a3973c1c067a4233b62f6a06581ee1d364f9de68a561a890bc84a7bbc

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
30db511a47e14b5ff61bf269c967932fdda26a4ff349e763ca2404390cbe0176

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5dfdd91f5fe2324755bb830ca572ca5f0d02f08aab27b9412e8305e0becc7c92

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
180c519c618274a63de6d72126b7ee669340b697eaa90c3d6a08750c5cc8d2d5

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7314ea15cd6fc259bd5c26b4554aa5391182c6ca3fe6fd4c919f63c49e545564

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8aa3079ee2cd7d3c827b9f0f510b6f77b9b3ae749301c0e46b8a35f588a5bc86

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
31f125fbcf28ddef2443e9d6aacd752b29e78a7f1dbddfa31d137d1b5fc1fdbe

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cdf8d3c6500e896332fb34e27af40c37e94b80d57c63b57ff3cb99c9f8732ceb

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7c01749b764c10419e12a4b81b4348946c943eb36ad84d2c21ea23d1d82455c0

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
81e72d9bfc25d0eb85fe466fa94dcf2cfbd00ee6f9380621ef3623d987c04e3c

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
prebid
prebid.media.net/rtb/ 		1 KB
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1283a2549e74067146b3efe54e4ea0eba241fdea9fe919c25ece71264588261f

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.51.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-51-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.51.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-51-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.51.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-51-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.51.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-51-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.51.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-51-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.51.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-51-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.51.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-51-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.51.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-51-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=318887674&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&dr=http%3A%2F%2Fsebaba002.xyz%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1565074716&gjid=1376952931&cid=446408386.1665678018&tid=UA-205158314-1&_gid=1043018305.1665678018&_r=1&gtm=2ouaa0&z=1979970632
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		352 KB
68 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135657953840125&correlator=3229252230956620&eid=31068501%2C31069634%2C31062930&output=ldjh&gdfp_req=1&vrg=2022100502&ptt=17&impl=fifs&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&ifi=2&adks=2209118510%2C3158244279%2C1737771876%2C4043537373&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dbusinessinfoline.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.01%26hb_adid%3D1570e0d7b76417c2%26hb_bidder%3Dadtelligent%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dbusinessinfoline.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D15654fcdbe6268d3%26hb_bidder%3Dadtelligent%26anh%3Dadhesion&cust_params=arTest%3Dfalse%26wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D200%26wrap_l%3D2200%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D400%26padpr%3D20%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D500%26waae%3D400%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&sc=1&cookie=ID%3D3fa94a9018f8196e-224f54c743ce0027%3AT%3D1665678018%3ART%3D1665678018%3AS%3DALNI_MYHDpZMpLpR20HbvyRTATnZSMdv0g&abxe=1&dt=1665678018827&lmt=1665678018&dlt=1665678016635&idt=1485&adxs=315%2C791%2C1230%2C0&adys=193%2C1055%2C288%2C1473&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ref=http%3A%2F%2Fsebaba002.xyz%2F&frm=20&vis=1&psz=1600x0%7C417x0%7C339x0%7C1600x1403&msz=1600x0%7C417x0%7C339x0%7C728x0&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&ga_vid=446408386.1665678018&ga_sid=1665678018&ga_hid=318887674&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
59709f2b66a447017938bdf12374d50ca65d99eccc9bd37a3217194f61fb93f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69829
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 885D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 16:20:18 GMT
expires
Fri, 13 Oct 2023 16:20:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 16:20:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Oct 2022 16:15:38 GMT
Server
Apache
ETag
"90294b-9a4f-5eaecd1e3fcc4"
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3547
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13270
Expires
Thu, 13 Oct 2022 17:19:25 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:45:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Oct 2022 16:20:19 GMT
icon
fonts.googleapis.com/ 		569 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 16:20:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Oct 2022 16:20:19 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2067644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFtvLugmBgoPbPNwGSt%2B4layUn%2B2lVilzuagLUvulF%2BaN3WjdI3RkTOnWVYdFKkPeBt%2F0AXRjXZ4%2BmVibYPNVBGxoHS69Vj4hcfZABY8kVXfOzFVUiiMV75IGvswGd54eBm9Q6PtX27qEqVt3Kn9EF3b"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759966e29b785b38-FRA
expires
Tue, 03 Oct 2023 16:20:18 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 0C0A 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4314779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RPzy9EO7Ou4r2XR9HvPMXSHKPEFpUs0AhtGBs0tMhzWn05fE%2BFeLhIBjyyr%2FI4xauQ7z50TXaxZoluCvbQtKTxbnZJds8zwWdKHCAP8pkdJHUK24NEPOGehqRUv23NXJ3UwWXHRyRzNZWndzF9PJ905"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759966e2ab8d5b38-FRA
expires
Tue, 03 Oct 2023 16:20:18 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 0C0A 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
iP3cD1lzSI3rQY6VVJAOtDFKtC-3S0GLyztK073ppp3YQSGlUK2GbA==
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		101 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=84
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:9400:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc3b86e8d27691fc7ce7c7d4f7362293e70a12b9e40ec6b62afb6c8945ff35d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:22:22 GMT
content-encoding
gzip
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-version-id
Zstc6Hjv_Cx2iWhpFE0qx.flNSxZRmq7
last-modified
Wed, 12 Oct 2022 17:22:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
82678
etag
W/"bc1859c1c82ffb31af5db4826f3bbaa9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=84600
x-amz-cf-id
z5iWkoTp0D0iUbZw8J84xfQ7eCVv0onlpn0lSoggmIaiNH4YQZ4lJQ==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 0C0A 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:39:26 GMT
content-encoding
gzip
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
51291
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
M-JHgkryQAtvIrM24Om3VZ-0sVEnYQH8csOh990xxzq30n3AGnrPwg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		380 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab76c8f3c21530b36d51b97e8107597d45ce1e645213592cd5b1319924ef8391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129648
x-xss-protection
0
expires
Thu, 13 Oct 2022 16:20:19 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:37:04 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
79707
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
qVhS5BvswwWy0Uim25yPAau6l8-tmBD9uLZ-tm-2UW9xldQKyXTO2A==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:45:03 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
79707
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
pwVhn61VTzOl3h_zATV0T2W4SpiyA3i_tuO2wUzkOd1nkwFyy_2aEg==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 03:04:54 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
47726
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
dG3J5D89oY8MjsmXcHDUUW3p1upLFCn0fuHgthQtvxCttSpsa_umqg==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:13:30 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
11210
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
MiF5F2CF9PE-gicfFF14eYih9DpTa-ij2DB94ARXQ1wlQQ7MQ_2w7g==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=589498&version=7.8.1&age=221013&cmd=PRE_INIT&key=eKVKXbhX&seq=1&order=1&absoluteTime=3244.3&relativeTime=0.2&canonical=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		34 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=asGEx-He1pnPjBf7&instance=589498&version=7.8.1&age=221013&ESG_key=eKVKXbhX&type=FULL&EXTREF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.145.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-145-188.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0426240a2dd325e204255da9b28103658b625ab3c43c66fefe60b4eca680d29d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
6379
expires
Thu, 13 Oct 2022 16:20:20 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0C0A 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:29:22 GMT
content-encoding
gzip
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3058
x-amz-server-side-encryption
AES256
etag
W/"13600701857be6a3c4cd98a7b8e7133a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
RJnJYIJTE3_R8n_v5pQt95LfFSPegACZsVHFpK8ceHb2neotmM6NsQ==
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
28d8607e42e9b3852954be9b1ed78c265148cd7055e2c6aa04f21d20414ca02e

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 12 Nov 2022 16:20:19 GMT
identity
api.rlcdn.com/api/ 		44 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
id.sv.rkdms.com/identity/ 		2 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.184.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-184-87.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:19 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0C0A 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 01:34:23 GMT
x-amz-cf-pop
FRA56-P6
age
55624
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
rZWIzMSgWRUWLKmwjPuLTZaCc7DLPnf0tLiM-M3JMPnRbj3FJ5_QDg==
bridge3.539.0_en.html
imasdk.googleapis.com/js/core/ Frame E104 		687 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b3b5056e215c527846e60d3c1244f74b9ad5435f41bda47d354e027f29df49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
343075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226562
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 17:02:24 GMT
expires
Mon, 09 Oct 2023 17:02:24 GMT
last-modified
Sun, 09 Oct 2022 16:55:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Oct 2022 16:20:19 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 0C0A 		248 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsimcast.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:36:17 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
20642
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
SQ5nucEM9sbyVekp-L1N1qsvNruWpgCjDh7s4L8txpPBx0cKB0ux-g==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&cmd=GET&key=eKVKXbhX&c_id=12018&seq=1&order=2&absoluteTime=3501.4&relativeTime=257.3&canonical=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=Cbf9U3V0YW&USR_ID=214589498&ST_usrKey=asGEx-He1pnPjBf7&SM_ID=2295599&C_ID=12018&C_companyName=Adapex&version=70080010&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.96.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-96-88.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 16:20:29 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Thu, 13 Oct 2022 16:20:20 GMT
0.js
player.sendtonews.com/bidderFiles/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
df0058c3af6569aacf1c15401e9607ac797013d89d45876c86c817cd426d2793

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 15:35:59 GMT
content-encoding
gzip
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
2661
x-cache
Hit from cloudfront
content-length
1389
last-modified
Wed, 12 Oct 2022 20:07:56 GMT
server
Apache
etag
"dda-5eadbf2cfdf00-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
Nn6Evmka-WwNQkejO_CB1NoHwKoHKZ051hNh4D1R3rnMev2NN07zbA==
expires
Thu, 13 Oct 2022 16:35:58 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 19:00:05 GMT
x-content-type-options
nosniff
age
249614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 19:00:05 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 20:32:16 GMT
x-content-type-options
nosniff
age
589683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 20:32:16 GMT
i91zhhz5fya17yxrrvkidg0253k23jmj.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/i91zhhz5fya17yxrrvkidg0253k23jmj.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8a9db811a1ca811fab7b4808dcd4be46701690d2145b3e20c60590c1224c80f

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 21:48:15 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
66725
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
52470
last-modified
Wed, 12 Oct 2022 21:40:08 GMT
server
AmazonS3
etag
"c2983451d0a84f830edc32a7b6453869"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
CpNwN1wcmBV3UR8S0G0IJjZnz8MCPv3xBo2-TsMF15jeWrszRdZbjw==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&absoluteTime=3532.9&relativeTime=288.8&sC_ID=8783&sm_id=2295599&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=Cbf9U3V0YW&USR_ID=214589498&ST_usrKey=asGEx-He1pnPjBf7&SM_ID=2295599&C_ID=12018&C_companyName=Adapex&version=70080010&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.96.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-96-88.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 16:20:24 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Thu, 13 Oct 2022 16:20:20 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 0C0A 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
759966e4cd758fd6-FRA
vary
Accept-Encoding
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 0C0A 		58 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&pr=http%3A%2F%2Fsebaba002.xyz%2F&pid=wzR0tK1PpwTml&cb=0&ws=300x150&v=22.10.32118&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!sendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
YH1JSZ1G1MFSTP5YZMNA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
58
x-amz-cf-id
e209iNbVjUl1wtWj_Q9UezUW2NsLKdSq0L4Fla8FeUHfJr-oor0MXw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 0C0A 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: sebaba002.xyz
URL: http://sebaba002.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Thu, 13 Oct 2022 16:35:19 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 13 Oct 2022 16:20:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
541659
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=WpxNJnw5UUZrZ3Q3T2VUR2VTbjljeU9Ea0dmWTByMmZ2YkxMU3l6WXY5UWt6SDRnbi9MdlNkUUFMVFRrZCtvQnY2MHJ4azkzazdDMjhwOVNibU1DN2hJS3craTMvQzVWUWxKbndmcW9iZHh2bVpNSldHZ0drWktJVFArb0...
360 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WpxNJnw5UUZrZ3Q3T2VUR2VTbjljeU9Ea0dmWTByMmZ2YkxMU3l6WXY5UWt6SDRnbi9MdlNkUUFMVFRrZCtvQnY2MHJ4azkzazdDMjhwOVNibU1DN2hJS3craTMvQzVWUWxKbndmcW9iZHh2bVpNSldHZ0drWktJVFArb0tOMER5ZTFMZXVwWjROWFVtcVMraFpGTEJvakJFRlRXUzBOdDNsMjRmQlg3bEJaQ2RuZ25ac3hrWkhzTDA3MnEvYUtWa3c0KzR2SDNnM2x5YUZCbHVXbTArZEtiZ0V5Vnd6SC9uTERWN2xRa1RWTzUwY1pzPXw&cppv=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7e118104cf39541ea173ddb39ae0bdcdb0702c6e647a92b3ce2220919dc0d584
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
587263
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=WpxNJnw5UUZrZ3Q3T2VUR2VTbjljeU9Ea0dmWTByMmZ2YkxMU3l6WXY5UWt6SDRnbi9MdlNkUUFMVFRrZCtvQnY2MHJ4azkzazdDMjhwOVNibU1DN2hJS3craTMvQzVWUWxKbndmcW9iZHh2bVpNSldHZ0drWktJVFArb0tOMER5ZTFMZXVwWjROWFVtcVMraFpGTEJvakJFRlRXUzBOdDNsMjRmQlg3bEJaQ2RuZ25ac3hrWkhzTDA3MnEvYUtWa3c0KzR2SDNnM2x5YUZCbHVXbTArZEtiZ0V5Vnd6SC9uTERWN2xRa1RWTzUwY1pzPXw&cppv=2
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
440713
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/prebid/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.63.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-63-36.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
d37575fc289eecc5
vary
Origin
request-time
1
id
id.crwdcntrl.net/ 		63 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.133.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-133-1.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7329ad5a6f84ea75a98d28b23c15072529467822a597557330714581d73e3578

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://simcast.com
cache-control
no-cache
x-server
10.45.28.184
access-control-allow-credentials
true
content-length
63
expires
0
headerstats
as-sec.casalemedia.com/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx4UJLNBpctIFT%2FYJ9dvhc8Wi2e2bUXfCJ0%2FJLYHjYbTih9w1y6mvQ%2BUHnGW9WGlxoORj6XHopnO0o8cOMlnwkLnse8dJa0PC7OpGpI9UsHmQlTIhNASvKJtTLKvunXMPOMW2JxjAz8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
759966e5dcd96925-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WpxNJnw5UUZrZ3Q3T2VUR2VTbjljeU9Ea0dmWTByMmZ2YkxMU3l6WXY5UWt6SDRnbi9MdlNkUUFMVFRrZCtvQnY2MHJ4azkzazdDMjhwOVNibU1DN2hJS3craTMvQzVWUWxKbndmcW9iZHh2bVpNSldHZ0drWktJVFArb0tOMER5ZTFMZXVwWjROWFVtcVMraFpGTEJvakJFRlRXUzBOdDNsMjRmQlg3bEJaQ2RuZ25ac3hrWkhzTDA3MnEvYUtWa3c0KzR2SDNnM2x5YUZCbHVXbTArZEtiZ0V5Vnd6SC9uTERWN2xRa1RWTzUwY1pzPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 13 Oct 2022 16:20:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
498223
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com&bust=31070257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a02411b4b5c128043fc7c9e73c0da1739e09cc3cd67ff8ca378ff2c5f9c581d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11209
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
b63402b63b0f1d97b0dc728f332ebcbf65d4ecbb5c9a5b6be9196b8ca522a184

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
cygnus
htlb.casalemedia.com/ Frame 0C0A 		36 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22121616ac034136%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222882ab7e0d9362%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A761%2C%22h%22%3A428%2C%22sizes%22%3A%5B%5B761%2C428%5D%5D%2C%22playerSize%22%3A%5B%5B761%2C428%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22sendtonews.com%22%2C%22sid%22%3A%22VRAfdwVZOg7jMyH8bxgoOA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c838b49f06df939d22ef87643893553af16aa2c21720aedef3319a1b616f4d

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rlq7eLuxY2wFI29qTJUl4bW5nUCskQwa95qCEv62sskdtSxwUk1lqdlowRw%2BnMzhIvuQboMAUwMJbh1EogjuxL7P1sw0pislVE7aKss%2FjDwIgs4e08YcrAXcYRjnCn4zsrkFyVx%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
759966e5fc4e9193-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 0C0A 		138 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0a56969d6373599becf5b0483abf7a727528e4d57901cd8fc477d52106f967a3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:19 GMT
AN-X-Request-Uuid
ef7b5bcb-6437-4963-89a6-9906d6ca45bc
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.139; 178.162.209.139; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ Frame 0C0A 		19 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.226.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-226-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:19 GMT
accept-ch
sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 0C0A 		173 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.39.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-39-116.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4eb5de8d4f1b81b3018ecf2cc38464ba0eb4ca11dcf48894d0de56d04ebbd9e0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
x-prebid
pbs-java/1.101.0
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
translator
hbopenbid.pubmatic.com/ Frame 0C0A 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 0C0A 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 13 Oct 2022 16:20:19 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.017201
X-SpotX-Timing-Transform
0.000352
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.017201
X-SpotX-Timing-Page-Require
0.000348
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001708
X-fe
138
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.020845
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000314
Last-Modified
Thu, 13 Oct 2022 16:20:19 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
X-SpotX-Timing-Page-Exception
0.000019
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000889
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.243.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-243-53.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
cache-control
public, max-age=86400
last-modified
Thu, 13 Oct 2022 13:44:20 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
VD6XB4MBHFJKJ9DH
age
78
etag
W/"52bb09fbb0a7c9360d68135b7668a1d7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
759966e64fe99c12-FRA
x-amz-id-2
a05TOcWOnJKrOsbJzgI4ouelLEAs/jW7tt5UEs3lfB6eB8+M9ZBIxELZdCS20TkaNbFYH4Y+BAg=
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d43a78c0afdaab62e85c43f804e0f994d57679d9a959a40686498c5ef6b4e6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Oct 2022 16:20:19 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 07:22:13 GMT
content-encoding
gzip
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:12:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
32292
x-amz-server-side-encryption
AES256
etag
W/"2fa1275c04d6208db458c1ec8559f92d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
lYJWuete3vilnd1o9AROM5tVnfpvFkCtiND3KNsCMqoFYSydUIgiww==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.155.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-155-221.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210010655000/ Frame 4FEC 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1372b8e93b2564430b5d25a73adcb314332c3ef8987b54835ec1126dd273e82
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Oct 2022 19:07:52 GMT
age
249147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61531
x-xss-protection
0
server
sffe
etag
"fad38abc3cd3dde4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Oct 2023 19:07:52 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210010655000/v0/ Frame 4FEC 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6690c943dc6916f073007014274995c4b63a8c3342c9f0e38a2d5f6f553b70c6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Oct 2022 19:07:52 GMT
age
249147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
etag
"d89cb332ee00a9b8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Oct 2023 19:07:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210010655000/v0/ Frame 4FEC 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9c25362d77ed9e7fc9b09c4f90f1cd5f7e63a779553ea96db425b33aa0f90e2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Oct 2022 19:07:52 GMT
age
249147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28826
x-xss-protection
0
server
sffe
etag
"c27c5264082b6b5d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Oct 2023 19:07:52 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210010655000/v0/ Frame 4FEC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e72f7b38ac1a9a336b5fec2e0dc150dc214c3972e323dfbd043cdd082e2575d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Oct 2022 19:07:52 GMT
age
249147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"92732a03a38ee2ae"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Oct 2023 19:07:52 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210010655000/v0/ Frame 4FEC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a360d92d9084610217bbc9228381fc071268b72659333f62d7351a221660efa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Oct 2022 19:07:52 GMT
age
249147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12937
x-xss-protection
0
server
sffe
etag
"ddfc39a99ff4d103"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Oct 2023 19:07:52 GMT
css
fonts.googleapis.com/ Frame 4FEC 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 14:50:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Oct 2022 16:20:19 GMT
container.html
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7A96 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 16:20:18 GMT
expires
Fri, 13 Oct 2023 16:20:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4FEC 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:16:18 GMT
x-content-type-options
nosniff
server
cafe
age
21841
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 14 Oct 2022 10:16:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4FEC 		295 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 11:12:30 GMT
x-content-type-options
nosniff
server
cafe
age
18469
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 14 Oct 2022 11:12:30 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4FEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmDSYwjpIY7fLN8WP9u8PoM6SoASKppzhbMLdzqHrEPKD8O_DMBABIIb3hiZgleKQgqAHoAGk3ZqLA8gBAeACAKgDAcgDCqoE9QFP0C1uaGi2xsQN_9KzbI7AZnjfDfiw08E6tam9B4SxjSnI6vztQuecXXavB13eTqJNyCsfTvZNUTkRim6rACRLtHsLkh-Isehl6YJsZn1-N-B7iraR2FM-5MErcB4TzjNeSLVPh_Fqhp--UZ15oQlpUXmtEdQtCudjGuNBXJjfBQOeZoTPQ_KlHIkwmTpgVM0n0Uty6Uwit4CIpksoRy-FleBHCyeHSckuKqGkEtnPpkNomOc2UXdFNFtskGJAZ229UjQWcXM8lVV35oW0NJzXS0coQdDNGRhBC_bZ0LCYshBn8Iii1tVTDL6zDRX1UB20ZdBtKMAEzoW1z8ED4AQBkgUECAQYAZIFBAgFGASAB8Si5XSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDslAjSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDIgUAdAVAYAXAbIXHgocCAASFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=2vXCsMggAlM&uach_m=[UACH]
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
container.html
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B233 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 16:20:18 GMT
expires
Fri, 13 Oct 2023 16:20:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DF0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100502.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 16:20:18 GMT
expires
Fri, 13 Oct 2023 16:20:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4FEC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12e7b7106a582a6c8df78a4d1ef15f13c4892f87ac9595f107b3c3d62cdd3208

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
579.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
35e6f053568062b1e748bbe1e6eefd8b3646594f45095c6341dbfcb383f8da09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com&bust=31070257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 16:20:19 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4FEC 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 08:44:44 GMT
x-content-type-options
nosniff
age
113735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 08:44:44 GMT
css
fonts.googleapis.com/ Frame 6DF0 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 16:19:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Oct 2022 16:20:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 6DF0 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 03:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 03:38:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6DF0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ_BnwjpIY7rLN8WP9u8PoM6SoATn3fX0bKCmk8-uELCygOyQAhABIIb3hiZgleKQgqAHoAHZ0uTPA8gBCakCgh6_BJtDsD7gAgCoAwHIA8sEqgT8AU_QmGG3f1fW4Se3jk4YCx0c1XfdEzGcOE3U-5ETfmhtaydj68DCQ4E-NDofuMu2yJMZP74IDTXG4jg9kylol-BWzGM0u1CaLbYBn3BZ9jVam-4NPY1z3nbe_Vc1iZvBwV6DHH_2vQtbQXuA9yHs1-1iZ6bVOT-D2qgjiAVdBSAULYMTtUKJSscJEIXkTVCGdCQkC6Jwc4YjKPPRRRYMmVa7D4_OFqf4d5JiNjJKe28NusdvrUlCa0A_YSuMcC1WRFVgSZg5AV0rzb6c9UXkWq056IAQLTTKZKcPJDk7Aa13VWKdtVwopWiWqBwo79-PoE_RFQ02IQd5Gf3fTsAEvKnkupME4AQBkgUECAQYAZIFBAgFGASgBi6AB_ixrTWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCAvwTSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAZgM6_CbgI8EuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=vn-BY0S6a-4&uach_m=[UACH]&template_id=515
Requested by
Host: sebaba002.xyz
URL: http://sebaba002.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/ Frame 6DF0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/abg_lite_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 03:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9578
x-xss-protection
0
server
cafe
etag
2674910403068493586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 03:38:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 6DF0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 14:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 14:13:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 6DF0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 03:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 03:38:05 GMT
l
www.google.com/ads/measurement/ Frame 6DF0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-2JeqJsgOLw2jnSG605wRk-pTXhLo2C8kZkZZuP6gMN6upTa_Shys0XJWmLVccT1sHka_pFpKsb942okTeDFF_02y-w
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6DF0 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 16:20:19 GMT
1d54d8cacad5994e062108e03542c880.js
www.gstatic.com/mysidia/ Frame 6DF0 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:21:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:21:45 GMT
cc2fa6f05f6b7ab36f626f2501931c3a.js
www.gstatic.com/mysidia/ Frame B233 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:21:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4312
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:21:45 GMT
7b10044830d5ce934f308db4c711e1fb.js
www.gstatic.com/mysidia/ Frame B233 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7b10044830d5ce934f308db4c711e1fb.js?tag=local_product/lca_square_v3
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc4fb74c76371d71da54ce28ce2edfb7ec95f0ad41367b43c37ef4f8be36dd58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 07:40:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14383
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 07:40:20 GMT
css
fonts.googleapis.com/ Frame B233 		13 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2Cbold
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:16:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Oct 2022 16:20:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame B233 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 03:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 03:38:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/ Frame B233 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/abg_lite_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 03:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9578
x-xss-protection
0
server
cafe
etag
2674910403068493586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 03:38:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame B233 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 14:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 14:13:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame B233 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 03:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 03:38:05 GMT
l
www.google.com/ads/measurement/ Frame B233 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxbEkbg6ufSiSUtZ2rfuX9PYGN4zd6qTLDBT2SWvHUAStQiwfYt9u3D3YeSNcpbV2EOw0OSKGxBaOW_YV3kLzjABcF8A
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B233 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 16:20:19 GMT
1d54d8cacad5994e062108e03542c880.js
www.gstatic.com/mysidia/ Frame B233 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:21:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:21:45 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7A96 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1fA3wjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT1AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT9G6GLjcbArzzw21UiOnRu1U32IoihVwNqthzQytje2G5BsLCzIZ4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=Bigv2XCwH1w&uach_m=[UACH]&cid=CAQSOwDq26N9rqzXuof2pDSEBhu3kEyAO-LmZj_zLbtNpbcEqVt6CG5k0yrbAQlYip_uD0nkL1dtaNbWbJvVGAEgEw
Requested by
Host: sebaba002.xyz
URL: http://sebaba002.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7A96 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k63ECLikCdACmAKdg2ICAgAAANzcIsRkPmti9TWInwk5jtsQwjpIY4kXsiJ2zmliEWmiABIAAA&wp=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw
Requested by
Host: sebaba002.xyz
URL: http://sebaba002.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
283476
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame C57A 		154 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bd759af6fe54aaea81f0a6518fba9f79167fd8b1985fc6eecf8d71d6f9e5b578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 16:20:19 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6nF0bTp5CfamwuW5efsu7k9RbyWo6MQEKz0thCa9BczrqmN51EvycoLTsF7X8fEXyRzE6aPI_6TMr3kY7JnLbN_PRKYQNW2wo6JDfZoXgKU8hRqu3ChKFot4Rc6TTAhfCLrTjWsIloqGDa1KQIRK88HXAfXe5svEfkz-yxnIBfLiQweY-eo8enIpLAdkZ-worWAO97694iZeExmcAZZOVnosLWa7cjDvhcuJ9PJ56c5nhEd898kF8SP0sorBOj36edEv5g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
98778686
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 7A96 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 14:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 14:13:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0940 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 12 Oct 2022 17:25:10 GMT
etag
48472445140208031
expires
Thu, 13 Oct 2022 17:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 7A96 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 03:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 03:38:05 GMT
l
www.google.com/ads/measurement/ Frame 7A96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8YSbiSiu1QEiQDaQpp4Bg4Tm8MTAILt7PfiTQBPP1_tq_Dut2NLGe0YlZMQb7VhoG-AfOiMiUM5Nw4mup4RNAMcq2Iw
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7A96 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 09:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Oct 2023 09:55:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A96 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 16:20:19 GMT
10074023703360132787
tpc.googlesyndication.com/simgad/ Frame 6DF0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10074023703360132787?w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4aadb2562ca721cfd827a843b4f98758939082377413f3b915114e1a4753922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 15:38:34 GMT
x-content-type-options
nosniff
age
88905
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 07:31:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Oct 2023 15:38:34 GMT
truncated
/ Frame 6DF0 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6DF0 		246 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6DF0 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
increment
id5-sync.com/api/esp/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Thu, 13 Oct 2022 16:20:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 060A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=simcast.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 16:20:19 GMT
server
Kestrel
server-processing-duration-in-ticks
1013189
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C95C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 16:10:32 GMT
expires
Fri, 13 Oct 2023 16:10:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 78D4 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f59f9b83821ed8f0a2c1947881a1d7734ea6bdc1ce1d28afc7feac167838e8e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KHOaMbF_FnvI1aFXOX5Hwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-KHOaMbF_FnvI1aFXOX5Hwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 16:20:19 GMT
expires
Thu, 13 Oct 2022 16:20:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4FEC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Thu, 13 Oct 2022 16:20:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 0940 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB12KQV9vv8m4Eg3xXSmkHo&google_cver=1&google_push=AZmPxg_wp-PjAvYu1leHprapF2TYx7m4m0fC8mzsu7yb7PfXWyUn-O6cDYXqHrbKI9PyafbELLcIiuA4Ko5b1S3kNiigHCpOgOLx
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0940 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEM8JNoOGGxRRkB-mNfsFbFo&google_cver=1&google_push=AZmPxg8RfP270-pO3u4dqM4SLxr7KzHCDI2yv38Ay7YEg05z8dnwRkkXPhzQ4wiOn3FDl_4_wz2xBrSmxxfQPsfV4eCxY5kipsXEsQ
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 13 Oct 2022 16:20:19 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 0940
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKSReJjB_ka1Yyup_DKYUkI&google_cver=1&google_push=AZmPxg8dat6L0r1HzGynrsH9p17iBbaPxkqHDve7pbTb8PzXHJ0PCeDs6uO_8sdvSqdOBA45E7QjQS-bzT3fb5PNasuKRje...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKSReJjB_ka1Yyup_DKYUkI&google_cver=1&google_push=AZmPxg8dat6L0r1HzGynrsH9p17iBbaPxkqHDve7pbTb8PzXHJ0PCeDs6uO_8sdvSqdOBA45E7QjQS-bzT3fb5PNasuKR...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8dat6L0r1HzGynrsH9p17iBbaPxkqHDve7pbTb8PzXHJ0PCeDs6uO_8sdvSqdOBA45E7QjQS-bzT3fb5PNasuKRjeMhYI_
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8dat6L0r1HzGynrsH9p17iBbaPxkqHDve7pbTb8PzXHJ0PCeDs6uO_8sdvSqdOBA45E7QjQS-bzT3fb5PNasuKRjeMhYI_
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8dat6L0r1HzGynrsH9p17iBbaPxkqHDve7pbTb8PzXHJ0PCeDs6uO_8sdvSqdOBA45E7QjQS-bzT3fb5PNasuKRjeMhYI_
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 0940
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRPcl7wsY7TdaztTKaWWbg&google_cver=1&google_push=AZmPxg8SjBXhsa5KwioRn_qE7prg67C_wexYC9JnFVXRRG6xd1uA4AgJXDQn8OstGWzgHz_SCfhjEaxC...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRPcl7wsY7TdaztTKaWWbg&google_cver=1&google_push=AZmPxg8SjBXhsa5KwioRn_qE7prg67C_wexYC9JnFVXRRG6xd1uA4AgJXDQn8OstGWzgHz_SCfh...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2MjMzMDI4MjM4MzU0MjQ1Mw&google_push=AZmPxg8SjBXhsa5KwioRn_qE7prg67C_wexYC9JnFVXRRG6xd1uA4AgJXDQn8OstGWzgHz_SCfhjEa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2MjMzMDI4MjM4MzU0MjQ1Mw&google_push=AZmPxg8SjBXhsa5KwioRn_qE7prg67C_wexYC9JnFVXRRG6xd1uA4AgJXDQn8OstGWzgHz_SCfhjEaxCSflWM8-RILPPhHH1-I4B_Q
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2MjMzMDI4MjM4MzU0MjQ1Mw&google_push=AZmPxg8SjBXhsa5KwioRn_qE7prg67C_wexYC9JnFVXRRG6xd1uA4AgJXDQn8OstGWzgHz_SCfhjEaxCSflWM8-RILPPhHH1-I4B_Q
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 0940 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELobRPIGSqIBsBWOoQ2tDZs&google_cver=1&google_push=AZmPxg8uSC0XcAp_GBXY9HbYqKdxiStDwB6JgMKrqzTE3m7GUU95M01K08OnUqhwd8SlMEmMFGCz926gn8pbjJSygmjuMj-SN3OmSA
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
oduiagr0h52ul36l7dq8dbqdntomem33
us
sync.go.sonobi.com/ Frame 0940 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg9EdEY66Bizaqlv-zmQGGyPQCjPWY-pHzbJLBPjjm6AKW9toXu7Sfvfv68jHTSyhBL4zr3yvDmST9sSZNAgJM3js58LS1acpA%26google_hm%3D%5BUID%5D&google_gid=CAESEM8Ki9TvRvaY9hcXT0w6GD4&google_cver=1
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:24 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-40
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0940
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECmqqhUHdMNz8KUB7ftVX_U&google_cver=1&google_push=AZmPxg_FxjNli7EVsmUFTZO6RUIzemC2zGModcDYpXaiixhALXM8z-QgU9NWiUexONJZPvXb4G7-pzJ8uyG8kDPvy...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECmqqhUHdMNz8KUB7ftVX_U&google_cver=1&google_push=AZmPxg_FxjNli7EVsmUFTZO6RUIzemC2zGModcDYpXaiixhALXM8z-QgU9NWiUexONJZPvXb4G7-pzJ8uyG8kDPvy...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_FxjNli7EVsmUFTZO6RUIzemC2zGModcDYpXaiixhALXM8z-QgU9NWiUexONJZPvXb4G7-pzJ8uyG8kDPvytDWrQuyRKg7WQ&google_hm=FeZUrGZHXc5_8-PeT_qN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_FxjNli7EVsmUFTZO6RUIzemC2zGModcDYpXaiixhALXM8z-QgU9NWiUexONJZPvXb4G7-pzJ8uyG8kDPvytDWrQuyRKg7WQ&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 13 Oct 2022 16:20:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_FxjNli7EVsmUFTZO6RUIzemC2zGModcDYpXaiixhALXM8z-QgU9NWiUexONJZPvXb4G7-pzJ8uyG8kDPvytDWrQuyRKg7WQ&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame 0940 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LPm2UHa0wRpg7lQcehhWu0_MoPOSI3xC-g9iPWqmLczI00pJ4iDgJe00PEP666nR3GnE6I
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame C57A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Oct 2023 16:20:19 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C57A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Oct 2023 16:20:19 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C57A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 08 Oct 2023 16:20:19 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C57A 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 08 Oct 2023 16:20:19 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame C57A 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=aV-Xk1KL8GPFRhJ6YrOp14kvLuA0s0rbKtKBpY6zeHoVbsv0CXXVCUIDhqANaQdoTN2J5GQzpgXRTfGq1iTB5_23U6SHlCBmD0iP3nsTBX8M6-TiFkQSLLxNf1T1-ZjGsF2Dx3B9fplu5QQDrwo94eR8PUxr20BCcucj8ZM_4OsK_9BOKfdTSpibfaVB1o5kUmVqlQgEx8pOnVT_VAF4w2snZAaYNXOU7BzFU8dj8YW7TwKX7_ImyJGlGCE2N_HZxyGOq9q5Wfk7e-EnGMcL6zKSiKCLLEafgVbXbznCAgrSlxqfuXSW9411fYV_TKnSwNJpiVO_OIil90kR8JOL1gs73rIP1OO1iSC3FuBzkKduCgFVPrHHCBq8O3cp-rKu5NNccJ1a-KimBVTheK7wFZ_Wa-PKF7bsZyLgpNbLDG5gKPJb
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5893029
expires
Mon, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame 060A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=simcast.com&sn=ChromeSyncframe&so=3&topUrl=simcast.com&bundle=aM8D9V9Oc2F5S2V3RUgyWmp2WWMyVyUyRnp2VWVXR2Ric2ljZCUyRjNRZ2d4aGdvYlVPNEhxV...
  • https://mug.criteo.com/sid?cpp=devXt3xVMjVKKzQyRXVUb285azVtWGJwYjRsRDNnQ29nMnFsNG5YeTU4bkVBSFUycmd4ZldFMEpkVlZRd25LRWJpbEswcFVLbDJFc2J3QWYwR09iT2Q5VHB3N1pnTkhKNDZkR3J5enloSGFYK1JsR3g4V2pwU0kwZXJpWX...
427 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=devXt3xVMjVKKzQyRXVUb285azVtWGJwYjRsRDNnQ29nMnFsNG5YeTU4bkVBSFUycmd4ZldFMEpkVlZRd25LRWJpbEswcFVLbDJFc2J3QWYwR09iT2Q5VHB3N1pnTkhKNDZkR3J5enloSGFYK1JsR3g4V2pwU0kwZXJpWXNJdlpXNTFRVG9WajAyTmtWaXFTaFVMRk0zRTdUOTJyc3dNcmdPb2F3ODZtYVBrdXlPYk1neGhXL0VpL3BWWFk1b0VVcEZEd3AzS3MzT29hMmt3V1JqbCt0WUZWaHE2NjFtOUkyaE8xUFRWV3BWWWRnK3ZRbTh5MWp4SmFUcVh4SXV4QzV5WFJCSU9GRjZEaURwdjhpZ3RXQ3I4ZmhiTEVKb0VBbnVvTVIvNFlVdXZTUTFwVT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c8396e78225d19edcb000b8601bfd429217230f2d23eadf9dbca94cc47c416e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2393377
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=devXt3xVMjVKKzQyRXVUb285azVtWGJwYjRsRDNnQ29nMnFsNG5YeTU4bkVBSFUycmd4ZldFMEpkVlZRd25LRWJpbEswcFVLbDJFc2J3QWYwR09iT2Q5VHB3N1pnTkhKNDZkR3J5enloSGFYK1JsR3g4V2pwU0kwZXJpWXNJdlpXNTFRVG9WajAyTmtWaXFTaFVMRk0zRTdUOTJyc3dNcmdPb2F3ODZtYVBrdXlPYk1neGhXL0VpL3BWWFk1b0VVcEZEd3AzS3MzT29hMmt3V1JqbCt0WUZWaHE2NjFtOUkyaE8xUFRWV3BWWWRnK3ZRbTh5MWp4SmFUcVh4SXV4QzV5WFJCSU9GRjZEaURwdjhpZ3RXQ3I4ZmhiTEVKb0VBbnVvTVIvNFlVdXZTUTFwVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
725299
content-length
0
expires
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4FEC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210010655000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:16:18 GMT
x-content-type-options
nosniff
server
cafe
age
21841
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 14 Oct 2022 10:16:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4FEC 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210010655000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 11:12:30 GMT
x-content-type-options
nosniff
server
cafe
age
18469
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 14 Oct 2022 11:12:30 GMT
2652319142383699934
tpc.googlesyndication.com/simgad/ Frame B233 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2652319142383699934
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdce65c59d8d48e267e996153af14ff83be1af70d6e37c59c6dbdd635a8fbe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 05:19:34 GMT
x-content-type-options
nosniff
age
558045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2488769
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 10:16:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Oct 2023 05:19:34 GMT
10074023703360132787
tpc.googlesyndication.com/simgad/ Frame B233 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10074023703360132787
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31019c9d45fc559bd5b7d56caea9eb3d56a7fb8b1f5794b6f5fdf99af6c0af0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:51:43 GMT
x-content-type-options
nosniff
age
26916
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3143
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 07:31:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 08:51:43 GMT
7236275432524843255
tpc.googlesyndication.com/simgad/ Frame B233 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7236275432524843255?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qmLW7qLcL5Bg0bCG_giLzsPfLaQ5w&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b50dd11c701a28d37710d29f90fd6ec60f5cc20556035657842cfc7d71534513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53731
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
16199060315739276296
tpc.googlesyndication.com/simgad/ Frame B233 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16199060315739276296?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qmQLcz6pc_vXuFu8a5Zmja6FlxnyQ&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f17783ab8ef9f72da28ba858faa3ec4067a0c6a54abbd4707cfc5f547e5487ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61219
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
5553447860553581388
tpc.googlesyndication.com/simgad/ Frame B233 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5553447860553581388?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qlwSR_otwD_hH5EZOuzJqmjd9qZRA&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e03a09d9b7e42b597b7c7d1a543523709cc669d7ed0e397ec1d5323239cbcc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52286
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
11760893083632820055
tpc.googlesyndication.com/simgad/ Frame B233 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11760893083632820055?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qlPNjv-uc9B1XBE9GRrOkHPvlEKhg&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cf8f2e17ca87ead5ae512b3ae7fedb46ee97af0ec2930ac614366f8e3af5445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 01:05:20 GMT
x-content-type-options
nosniff
age
573299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36782
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 17:33:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Oct 2023 01:05:20 GMT
5237768404378814082
tpc.googlesyndication.com/simgad/ Frame B233 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5237768404378814082?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qmQ2-obS7241OaGn5So6N2nZ9l1qg&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6867018d6ad63f52506884c687d0e2c18b6c8d5c77cc6beb854c7a6e32e13e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35897
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
truncated
/ Frame 7A96 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
449e77bd7d7575bb2ea9c06098a31f34706cc00578b91d274987f91527f8fdb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1A51 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 12 Oct 2022 17:25:10 GMT
etag
48472445140208031
expires
Thu, 13 Oct 2022 17:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14018238258511591458
tpc.googlesyndication.com/simgad/ Frame B233 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14018238258511591458?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qmDoH9VtIbbj9LpAYOOnnCeD28zSA&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8a34feef57f0bae61f4bdfeb69279d83404dbbdc4f24f0c5dd1410b19e06697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42162
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
17057606885349183903
tpc.googlesyndication.com/simgad/ Frame B233 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17057606885349183903?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4ql_hpkZD6k5nxumXEx9GpuUdrOonA&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58c1bb99970d1d4bbf5614712ae63677a3dab93372581149ca2a51e72ed27ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51233
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
1420399882167117435
tpc.googlesyndication.com/simgad/ Frame B233 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1420399882167117435?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qkCsfd4weW9-DK_ntoDHiIuhWJHAQ&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82099de34016e1a9695203f3df4828f9c0e5affa5c174e2f4f29dbf5720ae7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60230
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
1942320299345675847
tpc.googlesyndication.com/simgad/ Frame B233 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1942320299345675847?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qnBJ2CsXKMEEPOJDPVC_1vLUbO5Iw&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cedcb1c3893d013167866b58735d4bdc88ed18c567bd2caf74417493e5c7ac0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78578
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
15812567348426905528
tpc.googlesyndication.com/simgad/ Frame B233 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15812567348426905528?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4ql2GU44U6F87amu7JifXQgLL9v1Jg&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4782a455e432220d22825cc2a24357d24b3e6add3df6c57a028ad88eb393286
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73883
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
13505233527746964697
tpc.googlesyndication.com/simgad/ Frame B233 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13505233527746964697?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qm8TQTHVPSH4gPkjDSvkTRj59xQBw&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd4ef058b25b1329ba6dfe146cd8c5e29d55821d7b3f7b6cb489421c1f8d9616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88459
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
16672675727333477780
tpc.googlesyndication.com/simgad/ Frame B233 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16672675727333477780?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qnM86j482Z4fLtr7gEmFyLxYqNOSA&w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a36889b9a30595916b0873ee414f9b0968db3c860a7be6acdb891523563a1fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:59:38 GMT
x-content-type-options
nosniff
age
40842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46507
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:37:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Oct 2023 04:59:38 GMT
13392867249100377424
tpc.googlesyndication.com/simgad/ Frame B233 		1023 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13392867249100377424?w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
089519d57709ae55c20e3c480bc73d23f891021e3a44fb7a34aa408745abf51e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 00:44:24 GMT
x-content-type-options
nosniff
age
574556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1023
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 07:01:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Oct 2023 00:44:24 GMT
truncated
/ Frame 6DF0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc9b484398de21fd715e7b9b0b20f67b8b796543abd3f3f5f9de53b78df2b018

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
12515068480849997201
tpc.googlesyndication.com/simgad/ Frame B233 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12515068480849997201?w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5783636d7b3cdb204704d62e327c7b97f1ca0ca22e901e7ca8da45190f7e783c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 05:08:36 GMT
x-content-type-options
nosniff
age
213104
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1086
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 07:01:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Oct 2023 05:08:36 GMT
7085568262221304458
tpc.googlesyndication.com/simgad/ Frame B233 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7085568262221304458?w=100&h=100
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4683908a1b902c2f0800d2a25163dd4ac29e01786a9853426827d393050814fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 15:29:03 GMT
x-content-type-options
nosniff
age
521477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1047
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 07:01:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Oct 2023 15:29:03 GMT
location_map_preview_80x80.png
googleads.g.doubleclick.net/pagead/images/ Frame B233 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/images/location_map_preview_80x80.png
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f4e942b89543c917fca335351a2bd1d968c5415f04b2054d01348bed12dd644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:55:00 GMT
x-content-type-options
nosniff
server
cafe
age
84320
etag
208617018205852857
vary
Accept-Encoding
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4410
x-xss-protection
0
expires
Thu, 13 Oct 2022 16:55:00 GMT
directions_googblue_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B233 		448 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/directions_googblue_24dp.png
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3254b0c4685110561aece33f604a07923b63e4dfd91ea9bd691a65ca85455691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 16:54:43 GMT
x-content-type-options
nosniff
age
257137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
448
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 20:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 10 Oct 2023 16:54:43 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B233 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEdBJwjpIY7nLN8WP9u8PoM6SoATn3fX0bNGAx8LqEIXdo6fZAhABIIb3hiZgleKQgqAHoAHZ0uTPA8gBCakCgh6_BJtDsD7gAgCoAwHIA0iqBIACT9DsYLNeT5nP9utShS4codNruWBuJcYCK6tIsRZcWaHDyI7A9nHYlt5D3E3knhOiBS-Iy5aTXeSuVTNMPo08PQXg07EXX7-dd3xPkf2VpOW3hIpacuiLGC8DmINdSV_f1vBMVq4sRyXY2vyuhzMED55XI3s1EW9118sWl73eOuLuNKJRk2l_zw6KZicL_OySEFEWHswkTq8IfBW_7aERFAVjX3_LeXBmW3w5GYvBTS_Aq2Xa0BxxNlTqhGEGG-iZ9N-c8pmZ5IKi8w3LbOW7JW-nS8uWj-57MdIX2KcqIhxyDRS-5Rd2NhQPMvhkrOHyUmZj50aLA3C5tyGH1gr3sMAE_4a9nJ4E4AQBkgUECAQYAZIFBAgFGASgBi6AB_ixrTWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQnLYEqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwGYDOvwm4CPBLgTpQTYEw7QFQGAFwGyFx4KHAgAEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=jhvsy-u-sY8&uach_m=[UACH]&template_id=549
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5449 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 12 Oct 2022 17:25:10 GMT
etag
48472445140208031
expires
Thu, 13 Oct 2022 17:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
16n4ro2o2143508506q267p89qpn2093playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/16n4ro2o2143508506q267p89qpn2093playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7389cd2d5790e13447a71c21d5c66161b38f7a5375b3f503329e829d011a3cee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 21:53:54 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
66387
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Wed, 12 Oct 2022 21:41:38 GMT
server
AmazonS3
etag
"a4600cca2230ea60aa7f99eed2434f93"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
yGb6woYdkELX6JeAt2XAnZprJsM258ru-7NoJyby2qQ8JPHRaiil-A==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&cmd=IMA&key=eKVKXbhX&c_id=12018&seq=1&order=4&absoluteTime=4373.2&relativeTime=1129.1&EXTREF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.539.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&ldt=BIDS&key=eKVKXbhX&c_id=12018&seq=1&order=5&absoluteTime=4373.9&relativeTime=1129.8&sm_id=2295599&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.ix.time=154.1&prebid.bidders.appnexus.time=115.4&prebid.bidders.triplelift.time=107.7&prebid.bidders.rubicon.time=609.6&prebid.bidders.pubmatic.time=100.8&prebid.bidders.spotx.time=128.6&prebid.start=3745.7&prebid.time=616.9&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
truncated
/ Frame B233 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
007e822b7306a0fb36f3c795dc682a12c8e3a68682a0310cc8cdc00fcb23ff9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 6DF0 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 08:44:44 GMT
x-content-type-options
nosniff
age
113736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 08:44:44 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C57A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
70838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJjQNqZgdWSEdd%2B2C2fn7gnmlSftNk2tHNNmsQfjxR06EsVGwW4dzGCuC3%2Bw2l%2FyU87st%2BhLpIR5XM6bPHUkGAstT%2F6Tm2%2F2YRCkMhgJc7F0kScdWNE%2BGJ8U90kLFfp4xJQuoEB74aWTuSRZ2CntTIyf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
759966e9fdb45b38-FRA
expires
Tue, 03 Oct 2023 16:20:20 GMT
animejs.js
static.criteo.net/animejs/ Frame C57A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Oct 2023 16:20:20 GMT
87c32c6c727d4e84a9edbf2d82fc5b4c_montserrat-medium.woff
static.criteo.net/design/dt/ Frame C57A 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/87c32c6c727d4e84a9edbf2d82fc5b4c_montserrat-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
293c0759f28a7c7c87ee2551994bb3f956ce544da2ba978a49cffdec05403dbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Mar 2019 11:22:02 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c7915da-d614"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Oct 2023 16:20:20 GMT
img
pix.eu.criteo.net/img/ Frame C57A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=92&m=0&partner=6320&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F6320%2F220104%2Fda98c66614694405a204bd8f23b37f14_imp_logo_1000x1000px.png&v=3&w=668&s=_I1ZoUIp36pn5kpeOCnSwE5a
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
974351381ac6aac628c5020a74f4cab1120180ae0d0c02c36f5f5dae9d0edab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30819735
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13866
expires
Thu, 05 Oct 2023 09:22:35 GMT
img
pix.eu.criteo.net/img/ Frame C57A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F063f722b99b05436bb27fc89d816737b%2Fjoop-buegel-bh-serie-tender-flower-0001730756.jpg&v=3&w=400&s=u0gusGYCZAVf4M_0HfpC-y3r&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c451bd8a33213edae9154c6af23596d73e1ced2a9fcaed41e4c15912ecefd35f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30364863
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3150
expires
Sat, 30 Sep 2023 03:01:23 GMT
img
pix.eu.criteo.net/img/ Frame C57A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fb8c4080f094401a4a8cb274e42d573a5%2Freken-maar-steppmantel-0001533244.jpg&v=3&w=400&s=aANfky-aH-dZ855gSrPZXUO7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f36a5656d2efae628cb7d580137807708e3bec1dbf211e6b8b394c22ce8b57d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29180783
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2478
expires
Sat, 16 Sep 2023 10:06:43 GMT
img
pix.eu.criteo.net/img/ Frame C57A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F702c87eccccc28bed5ecdf8389a4c4b7%2Freken-maar-stiefelette-0001790954.jpg&v=3&w=400&s=yIzY6cFbnYX1Lakqp1FBtSOC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ce33b97d10be813db4e94a5b8a664568a0fb4ff75b6a4dac0b22124ca19ea4a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30133156
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7072
expires
Wed, 27 Sep 2023 10:39:36 GMT
img
pix.eu.criteo.net/img/ Frame C57A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Ff5770f66f88d04d76add8976657b7768%2Fsienna-kleid-0001794615.jpg&v=3&w=400&s=Mmhp79ZF4Pl4JW8rRMRztvXY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
47060c63eb696ba0703f940afefc057ec694c40aa52e0c10c2585ebade89884b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29976168
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24098
expires
Mon, 25 Sep 2023 15:03:08 GMT
img
pix.eu.criteo.net/img/ Frame C57A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fcb37dea5da7ba8ae93edfeaa9648e6f6%2Fdrykorn-teddyweste-0001707080.jpg&v=3&w=400&s=vwF9UF1c-1wrhfSeswtabhtO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d5c7a4f9911dc5b1b82b8d83b2eccf2f928c8f9be551c81f43ebe5e2c205f8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29943108
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9926
expires
Mon, 25 Sep 2023 05:52:08 GMT
img
pix.eu.criteo.net/img/ Frame C57A 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=6320&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Fimages%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F635c039cc6d7c132a9fc245652ffd6a7%2Freken-maar-mantel-0001801555.jpg&v=3&w=400&s=sKcNig4aCpdTnqLkCxj-Owkp&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7178cd7f2ac564d92e6486cee7c86008830049312a55558cd7517673605a7f59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30403811
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5586
expires
Sat, 30 Sep 2023 13:50:32 GMT
all
csm.eu.criteo.net/ Frame C57A 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6nF0bTp5CfamwuW5efsu7k9RbyWo6MQEKz0thCa9BczrqmN51EvycoLTsF7X8fEXyRzE6aPI_6TMr3kY7JnLbN_PRKYQNW2wo6JDfZoXgKU8hRqu3ChKFot4Rc6TTAhfCLrTjWsIloqGDa1KQIRK88HXAfXe5svEfkz-yxnIBfLiQweY-eo8enIpLAdkZ-worWAO97694iZeExmcAZZOVnosLWa7cjDvhcuJ9PJ56c5nhEd898kF8SP0sorBOj36edEv5g&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 16:20:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C57A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Oct 2023 16:20:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C57A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Oct 2023 16:20:20 GMT
010n68pq87n347782rp9p1074ssrp66pbase.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		918 B
1 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/010n68pq87n347782rp9p1074ssrp66pbase.en.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70a81e5c39cf8f203f39ad1bc6765629d5f518935813e9f6a6d1d8db39f4a12d

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:09:17 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
51064
x-cache
Hit from cloudfront
content-length
918
last-modified
Thu, 13 Oct 2022 01:51:55 GMT
server
AmazonS3
etag
"5a13764284fa421662bdd36eb6699b87"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
pF7yWHZ1re_jYDJJDnFCex82ins6SMALY1J05i7kJ5htr876isgc0Q==
16n4ro2o2143508506q267p89qpn2093.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		377 B
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/16n4ro2o2143508506q267p89qpn2093.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33ccd222e6de6eb9498f8362a359a0d34be82056e0c471e611f5953e3c4d32aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 21:53:55 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
66386
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
377
last-modified
Wed, 12 Oct 2022 21:41:46 GMT
server
AmazonS3
etag
"45a30c9b09394ca263a1042869f2e125"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
LV2rfiYDgMbNT1gfEOQz0B7RbfzNmxq847O5t9E8h1tqThezbH5Hzg==
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B233 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2Cbold
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 08:44:44 GMT
x-content-type-options
nosniff
age
113736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 08:44:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 78D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221011&jk=1135657953840125&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 1A51
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEFedboX5BVKCeHpfHK3TjKk&google_cver=1&google_push=AZmPxg82C2IvQRDHedTjUWXB6TXagT5w03X77x8BGmUciYQWuU05RuILGkw7GSwZnh8oTHewOKyczKDWR4h...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg82C2IvQRDHedTjUWXB6TXagT5w03X77x8BGmUciYQWuU05RuILGkw7GSwZnh8oTHewOKyczKDWR4hmzHV0uiwXwgsQ1OjRDw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg82C2IvQRDHedTjUWXB6TXagT5w03X77x8BGmUciYQWuU05RuILGkw7GSwZnh8oTHewOKyczKDWR4hmzHV0uiwXwgsQ1OjRDw
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg82C2IvQRDHedTjUWXB6TXagT5w03X77x8BGmUciYQWuU05RuILGkw7GSwZnh8oTHewOKyczKDWR4hmzHV0uiwXwgsQ1OjRDw
Date
Thu, 13 Oct 2022 16:20:20 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 1A51
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEO26HNtMJRc-38yk_s35oYw&google_cver=1&google_push=AZmPxg_H8QyDrOow7bkmayrtRJbnNthKN3_rEdghhBq1INY7XMW02NvdL_lUdT_u4qLIKB0L81puXwBf0RNgD...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEO26HNtMJRc-38yk_s35oYw&google_push=AZmPxg_H8QyDrOow7bkmayrtRJbnNthKN3_rEdghhBq1INY7XMW02NvdL_lUdT_u4qLIKB0L81puXwBf0RNgD...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_H8QyDrOow7bkmayrtRJbnNthKN3_rEdghhBq1INY7XMW02NvdL_lUdT_u4qLIKB0L81puXwBf0RNgD3gFlMrVQQdWo9n6&google_hm=UUFzTVNzMVJBYUtrWDBY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_H8QyDrOow7bkmayrtRJbnNthKN3_rEdghhBq1INY7XMW02NvdL_lUdT_u4qLIKB0L81puXwBf0RNgD3gFlMrVQQdWo9n6&google_hm=UUFzTVNzMVJBYUtrWDBYTFV2dU4=
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:20 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_H8QyDrOow7bkmayrtRJbnNthKN3_rEdghhBq1INY7XMW02NvdL_lUdT_u4qLIKB0L81puXwBf0RNgD3gFlMrVQQdWo9n6&google_hm=UUFzTVNzMVJBYUtrWDBYTFV2dU4=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A51
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECmqqhUHdMNz8KUB7ftVX_U&google_cver=1&google_push=AZmPxg8N4zteXdOEPj44jeJmFhNUj_lavbS0cKrbha0pB0frNAojX7w-PSLP6ir85XU8C7IOs5OsCQA2MVdLTbYZw...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8N4zteXdOEPj44jeJmFhNUj_lavbS0cKrbha0pB0frNAojX7w-PSLP6ir85XU8C7IOs5OsCQA2MVdLTbYZwsFejmcpC3LkFw&google_hm=FeZUrGZHXc5_8-PeT_qN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8N4zteXdOEPj44jeJmFhNUj_lavbS0cKrbha0pB0frNAojX7w-PSLP6ir85XU8C7IOs5OsCQA2MVdLTbYZwsFejmcpC3LkFw&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 13 Oct 2022 16:20:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8N4zteXdOEPj44jeJmFhNUj_lavbS0cKrbha0pB0frNAojX7w-PSLP6ir85XU8C7IOs5OsCQA2MVdLTbYZwsFejmcpC3LkFw&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 1A51
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEHD-SjqxHZGJ6SOOzL0W2wM&google_cver=1&google_push=AZmPxg8pJskx3UYtv1_C6jFGo-T9cz8DwXKvYGBw0wxO11P7ICtGqYtHKR0WDpsZkJNWTnY6F-ViKR7yOXl_XJikpH9Xt9pPn...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4Njc5NjIwMTQ5MjM3MDAwMFYxMA%3d%3d&mn_hm=MzA4Njc5NjIwMTQ5MjM3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8pJskx3UYtv1_C6jFGo-T9cz8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4Njc5NjIwMTQ5MjM3MDAwMFYxMA%3d%3d&mn_hm=MzA4Njc5NjIwMTQ5MjM3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8pJskx3UYtv1_C6jFGo-T9cz8DwXKvYGBw0wxO11P7ICtGqYtHKR0WDpsZkJNWTnY6F-ViKR7yOXl_XJikpH9Xt9pPndlDJw&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:20 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4Njc5NjIwMTQ5MjM3MDAwMFYxMA%3d%3d&mn_hm=MzA4Njc5NjIwMTQ5MjM3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8pJskx3UYtv1_C6jFGo-T9cz8DwXKvYGBw0wxO11P7ICtGqYtHKR0WDpsZkJNWTnY6F-ViKR7yOXl_XJikpH9Xt9pPndlDJw&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Thu, 13 Oct 2022 16:20:20 GMT
pub
cs.chocolateplatform.com/ Frame 1A51 		0
0
pixel
cm.g.doubleclick.net/ Frame 1A51
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELNpAqlHQGS9T5b61okBeN0&google_cver=1&google_push=AZmPxg_Yo-YLGYizrumcyiHAfybYyXMlnHAcx8yITf2tvdrd1qcnUuBSGXTXokSNOCQGyErXctX6T...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_Yo-YLGYizrumcyiHAfybYyXMlnHAcx8yITf2tvdrd1qcnUuBSGXTXokSNOCQGyErXctX6TMaC-jdz68r3Zj5f4X7zq7Mr1A&google_hm=WTBnNnhNQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_Yo-YLGYizrumcyiHAfybYyXMlnHAcx8yITf2tvdrd1qcnUuBSGXTXokSNOCQGyErXctX6TMaC-jdz68r3Zj5f4X7zq7Mr1A&google_hm=WTBnNnhNQ281c0VBQUF5ZU1XVUFBQUFB
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
9
Date
Thu, 13 Oct 2022 16:20:20 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESELNpAqlHQGS9T5b61okBeN0&google_push=AZmPxg_Yo-YLGYizrumcyiHAfybYyXMlnHAcx8yITf2tvdrd1qcnUuBSGXTXokSNOCQGyErXctX6TMaC-jdz68r3Zj5f4X7zq7Mr1A&proto=google_ebda","cluster_id":9,"gdpr":true,"ipv4":"0.0.0.0","key":"Y0g6xMCo5sEAAAyeMWUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad329"}
X-SO-Key
Y0g6xMCo5sEAAAyeMWUAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad329
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg_Yo-YLGYizrumcyiHAfybYyXMlnHAcx8yITf2tvdrd1qcnUuBSGXTXokSNOCQGyErXctX6TMaC-jdz68r3Zj5f4X7zq7Mr1A&google_hm=WTBnNnhNQ281c0VBQUF5ZU1XVUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad329.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40003.dc2p.scaleout.jp
X-SO-IP
178.162.209.139
um
cs.emxdgt.com/ Frame 1A51 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEFM335CmCP1UHLQn_kDMcA0&google_cver=1&google_push=AZmPxg-jGy9VhU7_kYEDwIlyuI85Jh1sNBY6RWtDe8c2miOpGfuNygpvx7_ki0I7enzoDj65x3ETO2369Z5Nr4QzumEVPaVdrzbOuyo
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 1A51 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXOBJWjcPoJgwiMw1uKCedAJkGzw_Vwe9Ld_1xBntF23j350L0YAmbLu8iljScC4jje7feCQ
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame 5449 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEILCMOTAkl8PVDoIj8Ys0JQ&google_cver=1&google_push=AZmPxg8o2dVlCOOHSptnwc0qCnxnYylnGC6D9tZS5xBm2O3eZ8yvHqRd9QSwRy2iVCYuEWgZa_iEmy3UNIZ8tLzbInkJ_LDugzE
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 5449
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESED1WQfRBER_giESuAl7Rxr0&google_cver=1&google_push=AZmPxg8NJTCpBxx4G3c0w_5gHQz9r_pu9hRYOcgwjio6fhB_QW7SMBu3kNFDaL-EP9sbWmYAzwyHDLP0jOT14vSwst6Wr6Gn6Hk
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0U5MUYyQUZENDZDRDkxMQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0U5MUYyQUZENDZDRDkxMQ==
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0U5MUYyQUZENDZDRDkxMQ==
date
Thu, 13 Oct 2022 16:20:20 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 5449
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEK_W118EK-3n22N5JVkLkwU&google_cver=1&google_push=AZmPxg-eCBnVRrDRFUjOGWOGNqXOBFvvu6TwnyKsdzf96hHO75_HK_-IVR2859zssmvh6Eyl95_f24G65WRpN5tc...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_3IJ94dkR-q8UA29bKJYhg2&google_push=AZmPxg-eCBnVRrDRFUjOGWOGNqXOBFvvu6TwnyKsdzf96hHO75_HK_-IVR2859zssmvh6Eyl95_f24G65WRpN5tcT0LTuwO-Fg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_3IJ94dkR-q8UA29bKJYhg2&google_push=AZmPxg-eCBnVRrDRFUjOGWOGNqXOBFvvu6TwnyKsdzf96hHO75_HK_-IVR2859zssmvh6Eyl95_f24G65WRpN5tcT0LTuwO-Fg
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 13 Oct 2022 16:20:20 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_3IJ94dkR-q8UA29bKJYhg2&google_push=AZmPxg-eCBnVRrDRFUjOGWOGNqXOBFvvu6TwnyKsdzf96hHO75_HK_-IVR2859zssmvh6Eyl95_f24G65WRpN5tcT0LTuwO-Fg
x-host
tde-deliveryengine-production-9df4ffd5c-qx8t8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5449
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRPcl7wsY7TdaztTKaWWbg&google_cver=1&google_push=AZmPxg-R0pRbM8iGBBkejls4XpkLIuN1xm1UgQ8YUX7JfxFTss6B5Mq3ISxM08Slw9Y-Xq8fxoWhYjQm...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2MjMzMDI4MjM4MzU0MjQ1Mw&google_push=AZmPxg-R0pRbM8iGBBkejls4XpkLIuN1xm1UgQ8YUX7JfxFTss6B5Mq3ISxM08Slw9Y-Xq8fxoWhYj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2MjMzMDI4MjM4MzU0MjQ1Mw&google_push=AZmPxg-R0pRbM8iGBBkejls4XpkLIuN1xm1UgQ8YUX7JfxFTss6B5Mq3ISxM08Slw9Y-Xq8fxoWhYjQmKZHYAF-ilU3u-FuPiPI
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI2MjMzMDI4MjM4MzU0MjQ1Mw&google_push=AZmPxg-R0pRbM8iGBBkejls4XpkLIuN1xm1UgQ8YUX7JfxFTss6B5Mq3ISxM08Slw9Y-Xq8fxoWhYjQmKZHYAF-ilU3u-FuPiPI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
dsp.adkernel.com/ Frame 5449 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEPrz5xt3fmMmvve1-ttR7jo&google_cver=1&google_push=AZmPxg9DMe-sxG9ked0TxNQP5jJ88RKlPn5Ln2CNA_xPhIKmuo4UYjFXiYqSOXkXg4ahaJK1f-oiJHYUR54juk2qME-QtBU8JSU
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:20 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 5449
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECmqqhUHdMNz8KUB7ftVX_U&google_cver=1&google_push=AZmPxg8pTumbSc21-u-YbuNG5u38sd0pdzI28wRml39PnbGxWeBrAJmYeBPCqNQlKDUp2z52YFbWpjvmLErderyMe...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8pTumbSc21-u-YbuNG5u38sd0pdzI28wRml39PnbGxWeBrAJmYeBPCqNQlKDUp2z52YFbWpjvmLErderyMe_M3QJXqr74&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8pTumbSc21-u-YbuNG5u38sd0pdzI28wRml39PnbGxWeBrAJmYeBPCqNQlKDUp2z52YFbWpjvmLErderyMe_M3QJXqr74&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 13 Oct 2022 16:20:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8pTumbSc21-u-YbuNG5u38sd0pdzI28wRml39PnbGxWeBrAJmYeBPCqNQlKDUp2z52YFbWpjvmLErderyMe_M3QJXqr74&google_hm=FeZUrGZHXc5_8-PeT_qNEOKU
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v1
match.sharethrough.com/E4rooAtA/ Frame 5449 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAdvDy6feXx5qldcONiSwJw&google_cver=1&google_push=AZmPxg9fNX5j6eWmWJCkFgqa3AsJrr9_dQ2eGdtVbv9Q_P7x3YUlqty2BFgYmgR8KRVPNRTYuo4AYiX6WuJP9fqd0wGQAEOFGqM
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.205.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-205-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5449 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-ndwUHJYD6eXo9CzO4w_f6SGY3E859kRIVSmPWexfhboVe88D6bgPwC6bhcsmZR6vNuautA
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
pagead2.googlesyndication.com/bg/ Frame F007 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Requested by
Host: sebaba002.xyz
URL: http://sebaba002.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 07:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 07:54:04 GMT
GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
pagead2.googlesyndication.com/bg/ Frame C95C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 12:36:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 12:36:09 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E104 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22632072816%2Fsimcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2295599&us_privacy=false&cust_params=sessionKey%3D214589498-asGEx-He1pnPjBf7%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.8.1%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D3%26iris_id%3Diris_42eb674e1eb2764f%26iris_context%3Dic_2453406%2Cic_7095941%26us_privacy%3Dfalse&sdkv=h.3.539.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.539.0&sid=116F2DA2-C831-440B-B0FE-8AD988EA533A&a3p=EhwKDWNyd2RjbnRybC5uZXQYzZeWkb0wSABSAghkEhkKCnB1YmNpZC5vcmcYzZeWkb0wSABSAghkEtYBCg5lc3AuY3JpdGVvLmNvbRK6AWFNOEQ5VjlPYzJGNVMyVjNSVWd5V21wMldXTXlWeVV5Um5wMlZXVlhSMlJpYzJsalpDVXlSak5SWjJkNGFHZHZZbFZQTkVoeFZUbFhSak5PU0RoMFlXVk1hMHhhTkUxQ1RURTBSa1l3Y1ZSNk1VMUNPSFo0YkRsTGIySTJXWE52UzBSSFlrNVFhMGQwVERrNFRYWnlkR3RRVGpWNlJWa3hibGM0V0hCWmFDVXlSa3B3ZVRWdVNFOWhlURjAmZaRvTBIABIZCgp1aWRhcGkuY29tGM2XlpG9MEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y95mWkb0wSABSAghq&nel=0&eid=44748969%2C44760950%2C44765701&ref=http%3A%2F%2Fsebaba002.xyz%2F&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&dlt=1665678016635&idt=2822&dt=1665678020407&cookie=ID%3D3fa94a9018f8196e%3AT%3D1665678018%3AS%3DALNI_MZqSlk_WfTuvReeOLo_-WzIdqZRJQ&gpic=UID%3D00000b7265b90f16%3AT%3D1665678018%3ART%3D1665678018%3AS%3DALNI_MayVL4SRRa00r6671Tsj2hF22hDVA&correlator=2047738842760732&scor=2430525129561420&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
aad4112817c2cbb74082752d421a230305954cf0dfb9298d68019bb729d86abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1287
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame C57A 		1 KB
499 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6298c3b513f2c4653a5ecd25fab7ffb5c74a8ce3c63b176f91621b77a7bc6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:51:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Oct 2022 16:20:20 GMT
w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
pagead2.googlesyndication.com/bg/ Frame 2860 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Requested by
Host: 4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 07:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 07:54:04 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Oct 2022 16:20:20 GMT
16n4ro2o2143508506q267p89qpn2093-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		551 KB
552 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/16n4ro2o2143508506q267p89qpn2093-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d59a5e804b2483189a42840e6da9c2b59db08da73dfdf2b196bd79b324df7e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 21:53:55 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
66385
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
564000
last-modified
Wed, 12 Oct 2022 21:41:46 GMT
server
AmazonS3
etag
"2f00d3285d15a37c32944ad4648ccfc9"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
wGN9LxhVI8YRpThb4gyx_TEFO_VBb--_qkRPosQyUFBd4aZrkvwx3w==
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ Frame C57A 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 21:17:25 GMT
x-content-type-options
nosniff
age
241375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19860
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 21:17:25 GMT
d886e39c-9287-419f-a596-4e496efd2672
https://simcast.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://simcast.com/d886e39c-9287-419f-a596-4e496efd2672
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6752a6f20aeb0539a6a6001e577f04a3ecb7883cc16213259198bd1486e4551

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&cmd=INV&key=eKVKXbhX&c_id=12018&seq=1&order=6&absoluteTime=4895.2&relativeTime=1651.1&alt=0&sC_ID=8783&sm_id=2295599&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=Cbf9U3V0YW&USR_ID=214589498&ST_usrKey=asGEx-He1pnPjBf7&SM_ID=2295599&C_ID=12018&C_companyName=Adapex&version=70080010&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=sebaba002.xyz%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.96.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-96-88.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 16:20:20 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Thu, 13 Oct 2022 16:20:21 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E104 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214589498-asGEx-He1pnPjBf7%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.8.1%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D3%26iris_id%3Diris_42eb674e1eb2764f%26iris_context%3Dic_2453406%2Cic_7095941%26us_privacy%3Dfalse&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=116F2DA2-C831-440B-B0FE-8AD988EA533A&adk=2458199627&correlator=2047738842760732&ctv=0&dlt=1665678016635&dt=1665678020679&ged=ve4_td4_tt2_pd4_la4000_er563.20.718.320_vi0.0.1200.1600_vp100_ts1_eb24171&idt=2822&is_amp=0&omid_p=Google1%2Fh.3.539.0&osd=2&ptt=20&ref=http%3A%2F%2Fsebaba002.xyz%2F&scor=2430525129561420&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44748969%2C44760950%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=445&sdkv=h.3.539.0&sdr=1&vconp=2&video_doc_id=2295599&vpa=auto&vpmute=1&nel=0&cnc=22632072816&kfa=0&tfcd=0&a3p=EhwKDWNyd2RjbnRybC5uZXQYzZeWkb0wSABSAghkEhkKCnB1YmNpZC5vcmcYzZeWkb0wSABSAghkEtYBCg5lc3AuY3JpdGVvLmNvbRK6AWFNOEQ5VjlPYzJGNVMyVjNSVWd5V21wMldXTXlWeVV5Um5wMlZXVlhSMlJpYzJsalpDVXlSak5SWjJkNGFHZHZZbFZQTkVoeFZUbFhSak5PU0RoMFlXVk1hMHhhTkUxQ1RURTBSa1l3Y1ZSNk1VMUNPSFo0YkRsTGIySTJXWE52UzBSSFlrNVFhMGQwVERrNFRYWnlkR3RRVGpWNlJWa3hibGM0V0hCWmFDVXlSa3B3ZVRWdVNFOWhlURjAmZaRvTBIABIZCgp1aWRhcGkuY29tGM2XlpG9MEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y95mWkb0wSABSAghq&top=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&loc=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&cookie=ID%3D3fa94a9018f8196e%3AT%3D1665678018%3AS%3DALNI_MZqSlk_WfTuvReeOLo_-WzIdqZRJQ&gpic=UID%3D00000b7265b90f16%3AT%3D1665678018%3ART%3D1665678018%3AS%3DALNI_MayVL4SRRa00r6671Tsj2hF22hDVA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
301b2116ebe155babb58983c9a1bb977b27a42d759b0ae9e0d8f1549ed292d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6829
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame C95C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?efvI6Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
16n4ro2o2143508506q267p89qpn2093.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		377 B
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/16n4ro2o2143508506q267p89qpn2093.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4ef26ae9d68ebe884f1435bbd71377a3adf5d8bb1dcbeb49f9c573fe2d4fed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 21:53:57 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
66384
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
377
last-modified
Wed, 12 Oct 2022 21:41:56 GMT
server
AmazonS3
etag
"dc60c0e0b24729c99a783e4b9bd0a8aa"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
8nLFDZjq2cT2mMxcoAQyh3grU1RyOgUNKUDJswZERcisDSMtviqo2A==
vast
bid.g.doubleclick.net/dbm/ Frame E104 		31 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AmYsfPn7RgQvqyJsHTXU6f-biRqEdmgdAaaYAEbDtC4M4xNXQDQ-56o7At0SxNX7UGvqkfac1g1-VK9ukZpvn9gyx1kw&cry=1&dbm_d=AKAmf-AYf_YX8M0CmtpMrUnj_W-DNc6oJzEMCkVknVZfnGPOTMbtcqqm9Wc2WpVAKQFoGkuvyiDJRafoEMGbKiKJNzZJemx7OF4n_BzkxBVZtnMKWqaIpicDsFXJ898kbzTMWQdGwPa3iyYYhDG4n5RGPDSVJQ_JapYuWrCjqlQkMXhlGnJ22UUdmHH1wK0y6SxcaIQ4KpXiXDnPtGIrdtRp5ePCYcYgANpAhEzjivu-hY7nNnB0xitBO_g79C4Bpx_yx9riUNCJGgrsYD2dA20TfePpUG6q0FjZge03ISN1_qHq4BjAOY9ICg9zSCNr-fvhW4MjGfMq0x6H_90HvH1Abq7SkO8m4d2i8toVqWu53PZIkt6sBNHrAmDhW6n4k74LZrLQ1uaI2fdoc96-jBAPASmf5_lHlk31TTO26TJWBNZ8bY8TB3UVk1R851I5DQMzeunh6nfqx4rsvsxlCs3X5Usqck566VVaAGKhoeRdt_zbrSp94msVQ78kNI_mmZKQFVKLhjES4V0OfmXNZxyz1MfmKFzvNEX95AYBOeqyI3ZJGNHh3Q8d8Dk_ZB39D03n6lgYN2fQJfS5jqRJ-Gusd04hUKM5kmI5n4tgGAudzj68R4eBdv3Xr0VjeNcp_6ZAiZgcxQsRi9BfZokx9j3hDMYpBaDx_KhqhrJWfKgWkJhstH_M9XA1XfMkOvlg7VK3KgMUXOUbxDPiwtRYa4QpbYJ8WVrB_Fcn0nOJRXrbhZGmQ9g4Kg1kgvzw7KtjNo3cphrRgAJ40a_xiNGYb6Agjd_mNgYphqmSEN9dBo9rwxDyDs0JITxG_MH_2ur40-Jawmq-vpe9xCqcNBKO6C4_xRikA0SDEPAagU2tW-R8zF6eCtcr88Wv6CaSWHwgJNKRYdAatWfw7S8EHdQ-zWWYJDM8vVf6KE87ZbC0C34USzf_1XMD_825trtgDLxsHPHI08fT9YnDN8Es3hAKv3Q1cZKlUqBtwsQ72GOTsMTEkRplwZtsG8viJP1F6CQIkR1lZWqw0TYlM9Ivx4HovStuN9Np_n1zZ0IWb67I9ogvXpyq1uEA8CU--qxDejC7fO4KPwhYcCXapa5EJ6v7SBc-PC7y4zBSlt-hsu_bmzCcqOt_iNlrIuCa5R2Tvasaz2lj4Z3oaF8GlJTLdg8BZHYv6FjOlXzo-5BMYuZHphLj0T0XXZ5fhLnQdcDyTWFUqRaO6R14Gowa-zHFtg8K9TjeGGSi0HlLLD7f4Lbme482mK612Jz2FAdmjfR5ghjDjaaQLEYgB2MEfHjgRr-k99M6Lk8-dzPluInCr9xFAemFR9nfwtBV_JQNMWaqX5gA8YuxmpcmBQJ4EPSIn0UAYRgXonYaEfoJKVdfc-8fnXngsu38l2X6IVPMCDuon_aB7Po6UHDoohjngxQ9qbw0Gh5EjBbRJmYIt18nmbqu-AYwuBTRrKKgjxjQKOOBNr4DRzr40LmYBRAG0cj8NkFIbcZGbtpH_aGNahmqYadzCXUtA239INPTVpthaeCU7Zo1D_9t0kvvqy902Q1j5o7BEOlJ-qnH3DhGtT3ju8qNCYxMV0NXpL1Dw_ikjutc93Lh-0FWG-FOwruZAqKFLQz1bNaOUbVIHSqV0FHbzr8ytfXwf8V7hB2vPRGujPKEHe684DLZFqU2vQWQNdDAw8utBZtmv5x7B3G-TvvOjftcYuCSUA2iD8L_TaCbMsgghPvDmi5qABinBGlpyZ_VKBoD80UVbhiLjn1qYsDZbYWLNeHgKBU8yCVsI6tn4ZDmUQoFJySAPnLH3pFcMjrFxmnC67zg1TSnMkAeOJ-OBV_f0Jc_w7g9QlBwKUW0m3gtkcoNzzus9KGObqoNfxTF16mpNhjpj3brVxS6RkpOpE8vY2dkxAocXWmNIjTKuJJpZ2eoyVHBaw59HwptlLfbV3qNdsucOuGRCW8AVRS-GoVo3TkSZDT9f2fKEp10qI0yhdRObF6WbbwzX7P-Sp9PE5dSBxoYT0KSQwSfzardRcVL1Scr5KBMVObjBmpmM8Pg6RifARIxio9C8z9eCfd04f1U6cdKWCIBfiTNokaAoIiclxZwyu8aZwx4uanFiWVxztittFyC_hXhbe8cexEoAj0iLf3Nsh_0p21GKwCdF2YkQfBqPGCKS_iu8R8wSEQ_ydeW7L7kiRwgwkx5ga8WUnsy3VQixxcKw20G2UH_RnHXK3WE0i7glmoKKNltfXOSMWUmC9Heh-QX8pM3508QbCoqlGtH8jQ5GBeXqq70pIqpFXTSC7NVr-UUhzZXXSOUMIJ7QDT9PnLbFvg4rd9jDlKda79wQ8ti27S54eMfaUIWsvDBwi-rw5-hSuE_YGcWgOX9-AUmjKbePh0szKC8NHLBqJ1UtwD1Djm6X-_3fR8mKSNL-j-SftcixP2MZgYGd88VJrKr6imD_lySwpb5SU46sJlnSjYBNqCiUR7gn4AOcES78kYSkirzcUxSqy5nyd7HwPhc8SDLJUtIHXDYuVy0EEnEHMhSJGBWQ1brzBmcBpqC3OL-EcWHEYPKKQF4r31vybuY9M2VBED3vyyVamomoAU59Mq18tQ2jkgCiCvnZkqrp41i7NtSEt-mEWhCfHigklaAVCLUlhj1SKZoofW_RaZYSOca5Kfiu24ypFHVk_zC7VNiE64ysuWCNiN482fU2_gP_QZX59Vq3w4mcz4EGAMUtkUCiUTAXEohPvQvY97ByQ8b32YsljK7F-fDAIwVe_USoAkkasD2fD_xsDEPcvk0y4xjESe0hKT9RTStcWR6Fx5UEc4gcQzggziiSyXY2L8igLkxdipnjaXH89x58UGaneEtSNhH87ANjbsysr7hZjh8tCanyBH3QJF_tsT5t1yf2ce5FslHzDso_EdZ--yBXH9X1ZSPuRt5vo_gAo_dba5XR2Y-BiiNQ_QXXYRP0GS2-MmgHz0g1cDSCiYe1I_ttaETuctajpCWp-4D3AwK8ksEFLrTGLk7ekRetwHWhmacOzdnxrvT3IAKfY16Tg3dXGm6FdGN4zRS2AtvFZ4-O2GN3MXelklhSxYuFRJgksKeXP7B2O_I6V20fjX84hzyRrsK6cuS_OztAf1PvtZDJy3C6HGIB_8oK9X3nAUc2jxf0da96NsNjTVcQ-MjWQ4qSfbaaga-UCJ9c79zWQyrt4hwJrWs0dtQBHuSOnUNe_launkm0Wb60E94yKnXo3emRfLS6ZigX8Wa3Kt8ACQa4L9uwpdtZ5Q4AQ0QW3GP2OARlwtXvqiGzXQCY8O4kJV6MSKR339o7eiflJQQrnkpN4xIxhgp34W_c7StGPw7NsTDyfEAXkjTm-2HWQUWdqoslgJOo4KVdWPfVJa1p9EY29KquC5N2WFYhn8pFpeOleHL9d40YR2DRGzh9mlIEGfNK1r-dqiCE9OayRTyJ5NYR4Q8zsNKs9iHcemFa7Xt4KnSclJBAUbK&cid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg&vpa=auto&vpmute=1&vconp=2&sdkv=h.3.539.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&us_privacy=false&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.539.0&sid=116F2DA2-C831-440B-B0FE-8AD988EA533A&a3p=EhwKDWNyd2RjbnRybC5uZXQYzZeWkb0wSABSAghkEhkKCnB1YmNpZC5vcmcYzZeWkb0wSABSAghkEtYBCg5lc3AuY3JpdGVvLmNvbRK6AWFNOEQ5VjlPYzJGNVMyVjNSVWd5V21wMldXTXlWeVV5Um5wMlZXVlhSMlJpYzJsalpDVXlSak5SWjJkNGFHZHZZbFZQTkVoeFZUbFhSak5PU0RoMFlXVk1hMHhhTkUxQ1RURTBSa1l3Y1ZSNk1VMUNPSFo0YkRsTGIySTJXWE52UzBSSFlrNVFhMGQwVERrNFRYWnlkR3RRVGpWNlJWa3hibGM0V0hCWmFDVXlSa3B3ZVRWdVNFOWhlURjAmZaRvTBIABIZCgp1aWRhcGkuY29tGM2XlpG9MEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y95mWkb0wSABSAghq&nel=0&eid=44748969%2C44760950%2C44765701&ref=http%3A%2F%2Fsebaba002.xyz%2F&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&dlt=1665678016635&idt=2822&dt=1665678020998&ged=ve4_td4_tt2_pd4_la4000_er563.20.991.781_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f154.1e100.net
Software
cafe /
Resource Hash
3c1ffeed9aac375d9f4a9b4ae5db72e75435dcc877fdb28113a1371ffea38d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16266
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E104 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l979opcx&c=8590730301527&slotId=4295365150763.5&qqid=CLuG9JXO3foCFQib3godtwsClg&gqid=xDpIY4-tLJf27gP79JX4Ag&fb=ima_html5-lima&sdkv=h.3.539.0&ppt=stnvideo%2Fplayer&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&ghmsh_eids=44748969%2C44760950%2C44765701&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E104 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2YrPxDpIY7uUL4i2-ga3l4iwCe7uj7hslNH-spYQ8C4QASDx6_tGYJW6rIK0B6ABrZbw8ijIAQWpAny7JdCPULA-qAMByAMTmAQAqgTfAU_Q3TOh9VCgDXpHTiIf81425srYok_bapxdgkg1r_8GomFYQDdHl8Gz-STB-xWlVPQzvcl6YWqKnHYz1xnFFAlmndSzI3jyBFzerTDTEzUbzkh02j6Tx3z-__SDANkMogRfKukQ9zvP7xpNon1z8WerjHyRdtztVxuUV4so_eos5Dl9kve7hs9mtws9GKncgmUx2lx1Z6tMjQWoYUOemxurIPftGBvXF3X_OwXFIZyCIh7iuf-uxGH1IQXK141QHMWb5D1e5Y-FAY_5bBzbisZEIWgMzXahthlv-GN5xLPABNS-yOGhBOAEA5AGAaAGdoAHrc7A0gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE-3C7BDIE9uoj-ED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=1Q4rf18XVuA&label=show_ad&sdkv=h.3.539.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTkxNDc4MTM2NTBAtAIKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzY2ODI4MjcyCTE3NzY5NzMxMUB0UjMIzAYQDyUAAKBBKAE6CzQ0MTU5ODM4MS0xQgRHREJNUABaEGVhQnFSU3NfRnAzcXhzM2sYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame E104 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C4xecxDpIY7uUL4i2-ga3l4iwCe7uj7hslNH-spYQ8C4QASDx6_tGYJW6rIK0B6ABrZbw8ijIAQWpAny7JdCPULA-qAMBmAQAqgTcAU_Q3TOh9VCgDXpHTiIf81425srYok_bapxdgkg1r_8GomFYQDdHl8Gz-STB-xWlVPQzvcl6YWqKnHYz1xnFFAlmndSzI3jyBFzerTDTEzUbzkh02j6Tx3z-__SDANkMogRfKukQ9zvP7xpNon1z8WerjHyRdtztVxuUV4so_eos5Dl9kve7hs9mtws9GKncgmUx2lx1Z6tMjQWoYUOemxurePZPBBPtgUdt7v4gZnRnZpk1ynh5i6wkHMgzoa9av8-y_NWwLLJI8lrRQgQPKQk3pp2r5Vq5YdeSv4vABNS-yOGhBOAEA4gFufXEqkSSBQYIAxACGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB63OwNIDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQt-8LGK2DydIB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwGwE-3C7BDIE9uoj-ED0BMA2BMKiBQE2BQB0BUBgBcBshceChwIABIUcHViLTk1MDU4MjM3NDM5NzgzMzcYueIo&sigh=-K_LVOt8cSA&cmd=Ch1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzNxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwCsnQUxfCqHYDCIv4KK7U1iv_Hqjy5YGIMDwA90C0ejBz0ZtwBWu41Tg4OdJ-YUmnn91QPMymkEyZHGIBM&vt=10&sdkv=h.3.539.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTkxNDc4MTM2NTBAtAIKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzY2ODI4MjcyCTE3NzY5NzMxMUB0UjMIzAYQDyUAAKBBKAE6CzQ0MTU5ODM4MS0xQgRHREJNUABaEGVhQnFSU3NfRnAzcXhzM2sYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l979op55&c=8590730301527&slotId=4295365150763.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
44
r3---sn-5hne6nzd.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697214021/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697214021/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r3---sn-5hne6nzd.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697214021/sparams/acao,ctier,expire,id,ip,ipbits,ita...
2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-5hne6nzd.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697214021/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50972F6170FADFE71A8EC9490CABB9B875ABFB7A.36373C01ED4B185D2DB7954383963538FAAB2D78/key/cms1/cms_redirect/yes/mh/JX/mip/2a00:c98:2050:a007:2::4/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1665677584/mv/m/mvi/3/pl/44?cpn=eaBqRSs_Fp3qxs3k&file=file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:400e:13::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 16:20:21 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 01 Sep 2022 12:26:51 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2603715/2603716
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2603716
Expires
Thu, 13 Oct 2022 16:20:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-5hne6nzd.c.2mdn.net/videoplayback/id/11bad0466d5a38bd/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697214021/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50972F6170FADFE71A8EC9490CABB9B875ABFB7A.36373C01ED4B185D2DB7954383963538FAAB2D78/key/cms1/cms_redirect/yes/mh/JX/mip/2a00:c98:2050:a007:2::4/mm/42/mn/sn-5hne6nzd/ms/onc/mt/1665677584/mv/m/mvi/3/pl/44?cpn=eaBqRSs_Fp3qxs3k&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
678
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4FEC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCYDtCvTh19ENkLMdszpq0BFGmFui_zAQkTQkz8zzU-TAf-kFWEsPIyMyO3LzDxDhtZDHn6AlatXYoZkvgjsJ3ny6nf6E-A6xuwhrvbVW_47PVxx4nv2ZW1KcsxaQ1hN4Ye6iSvg&sai=AMfl-YRVGyyEnzq9cjKtigws3bViYXnwujsEOgmtMZqa42WOAEqpBmLLUbp-_RqWFJnvM7ctJCRRgpiBNbCV_SPB01vka_ZNyJyhzvmoW9OAdaQhMiAW_sqzmO4YiXsmpA&sig=Cg0ArKJSzMUs7uJ0vI_QEAE&cid=CAASF-RogPmV-fBw_soDEUQeHpCwqlBFgwJN&id=ampim&o=315,193&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=716&tls=1716&g=100&h=100&tt=1716&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221011&jk=1135657953840125&bg=!7e6l7qrNAAYqRg79CkY7ACkAdvg8WsWtovJ5OhPxBneC0SqMlymk9T2m5IE7FoYiIOr34sOOzr9_1gIAAAD9UgAAAAJoAQcKALdJPtXMZeEutzv5fbGnA1DfY3ee1_mUf2E5CyfiQldW6cOvPs3H2yYzVwK-oTsXIKZHXFWn-Xqh6DA3s1udi21ouCVzhwj71_5PVINih-eYlVZlCYt8UyMcTriuykvHb5wr3WS67qVYZBNg7bzwUFnWkL1Bf6dvBht6O56VuUnj0drNQJdpykla9UD4unXTKvV8iciZ05uYlpgZBx8De7D8Xqiprm7WG2gIyJhSXDyR8CjGoUeyE_mZAqSu-76FxsSKEWrPEin2HF4CYIVTqmjJ3duAoiHbeS6WfE4nj8_1Fu4KksnedaPYDpWVdXB_ql0YUCh_T69m7FXRQDPoUHa33fOiWxJElo1aZmMbR9kWKkWgOioAFw098YBdpFthyEpIjY57e4Ry1QmoiBa5ELHw3irD6bdLsGdP0yigyxhDgRijxpe6U_qoImyXgPwaKg36YE2jlJ2uxlJ6pSeF2zwh7cq8NN0-PRCNASqxnca4dpZ4oLpSE79w94_QxunA_jQS-JtY68ltSpxZKaGI7aI8izECF0bgg-Ci81SRNSq3yl5eEXquw3rffFKYyh3Mw1u33BW68lvPs-Pi9FGv-Kv2xPz4PtO7d-Yg1yjY2d-hD5qfAn6lmweFJJxKiMG5aHfT5sRxWniscHImGEZyIJGioVOLq_uXx2PQ_lUz95RPvCtCK-2UnOpU49wrSPdmSj6Eb6ysiiPKktzc-zknI6gt8nZrsAda18rm2liJSmsCHxBgp6sz1YGbPgK98gRd8ir5k14fXcibqz_gi3NRf4aJNQTi0941DrgqKDWk1BQiZwG3wqs8n2mubR2-KA_VmnJWs1qMCK2P33DcEvPgjdgsAccdO9903U0hm3dy-ADi6AVm6QJBFLjLzEiZOpywOn7kb8YNfMhLygdFUhPh7f_8oBPQnhwcvfaB_L2ffPtEVvbyaaruyXaS9I3c_FUenfLq5z98LvC7EcP9O-wHEyQgoyCtXxN8sCJmKEXTqePw36DiBK-953KWS9eBPuagmMPjgjqZWSXAP_gA8DYJWiGINJ890rZ_ctbANr6aCktSBzTXoC7l2OeA4TVohQvIIeAbiT3By_JmQmSWxdUNV5ysN1h2fdahC4wTg6Jn1vZrv9OPX77k5QkodBz9nfOa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 6DF0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsCSsfO9G06rNG5TTbihS1w6uc0eLCbdB752qrXbG5hXfBwZ84SgpHsUbPDmLkeXfPCHso5CUcBUJrFGqVHZIKSc84lah53xjRhPqoiE9U7MSxqH9TWxoaQFl1m8D70P9cq1LS_GhdRHGBn_J2kGNaICP3NdKPDuLSOri7_x4ex7Z3i4rgv1hzAVHvv0UQCpFD9_szsBRZ1my3_Ce2eG8mvParcWNdQA8WAwctlqJDnT7ESCfqs9BlcurELT0_R3DpGCLpDo3Oyia4Wcd1P9RxP7tNDJp8bc5yAGWeUog0b23rHLT1URR66OFCOyW3paKZFQnJL1XYQE2vemttGWxEaa1v7srw8Kp7UVPRHTNiVUB07Wckr7k1IRBTP7JeuEvetDl64ES0vNZCDaD79oWemSZz-LtuJ22WQNXutOormDdP41EgNy4IxCfs7uZl48ZfY9zldMinvYq3o5YEfSDI1dizXeeu1BAUmDTx5wcCTKSTGUHEwAZivEJKalCOCtdmOxQ0WOScLRuJHpbJGj6eMorS3EwouDcTEFb-MuFHdqLlaKSYTktwa-_iSL7hSNCjYWkW7I0lWQSTrOo6FTuFeAxnAtsrTAEOtLfX-WahscvzKIG-WJb1uF_DzD8eT2B7cLNA0kOTtJ8kk2WM_vZO-uKu9Ix7FW8mnYYaZpyXyuwxIyBwZwcDTrAP_6FcQ0wehaTHsHU3za0Qqw9AeyaHwSuLFh2r6TLCJQTRDSNX2GTlW2_iiSuaxHdisg0Slh2dX9cFuEg0939OhGAgctmpREH7cQuOX9T4vvqhFxn9wdvs7QcVdUeGUyevKc1hS7Ty7XNBqeFcTpJe4QtYL2UAwuvMsOsQIomKgWPwqMVEDe0K_jtmvnoYurH2XdmviSLyz1tM8osyGSDk7ft_yRKMSLDUyupfaFXuqZPkOW70xObVTWMaUQrNVdSBORCtLs7P59ZpgYhvYG2Lpk8rogs9yzBId1PLYFhT5TXkxKz5QrMll76TzV9o5j0dbgelZBv5Zhb89wh82Fp1HdwS65sfowG_K0Wh-gxSlvWe0ltHp4zrCNZT6EPLkY0iXxt1Y5PbdYTARgZ2cUCH4fNrC_yfuxrx3vbkARwJmfdhdQkhGyeNT_P2&sai=AMfl-YTD9bESE0cy-YntfDJ-UwPk_fSoSGz3x5ZrScV_RJiXxZFzxtdxuZvVS4vKjZ-evYue6Cbucs9lsU5a1VK5R2Zpqw841sV9WbDJ5CYWimn938Eld4r9mpoLKCTFKVlVqZwJo7epkmgQmcI&sig=Cg0ArKJSzMb7Lfbgsye9EAE&cid=CAASF-RoowE4Au49gQeUyKyHgUx8xJinXt_o&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4043537373&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665678019579&rpt=732&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E104 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2YrPxDpIY7uUL4i2-ga3l4iwCe7uj7hslNH-spYQ8C4QASDx6_tGYJW6rIK0B6ABrZbw8ijIAQWpAny7JdCPULA-qAMByAMTmAQAqgTfAU_Q3TOh9VCgDXpHTiIf81425srYok_bapxdgkg1r_8GomFYQDdHl8Gz-STB-xWlVPQzvcl6YWqKnHYz1xnFFAlmndSzI3jyBFzerTDTEzUbzkh02j6Tx3z-__SDANkMogRfKukQ9zvP7xpNon1z8WerjHyRdtztVxuUV4so_eos5Dl9kve7hs9mtws9GKncgmUx2lx1Z6tMjQWoYUOemxurIPftGBvXF3X_OwXFIZyCIh7iuf-uxGH1IQXK141QHMWb5D1e5Y-FAY_5bBzbisZEIWgMzXahthlv-GN5xLPABNS-yOGhBOAEA5AGAaAGdoAHrc7A0gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE-3C7BDIE9uoj-ED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=1Q4rf18XVuA&label=video_ad_loaded&sdkv=h.3.539.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTkxNDc4MTM2NTBAtAIKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzY2ODI4MjcyCTE3NzY5NzMxMUB0UjMIzAYQDyUAAKBBKAE6CzQ0MTU5ODM4MS0xQgRHREJNUABaEGVhQnFSU3NfRnAzcXhzM2sYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame E104 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
535894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Oct 2023 11:28:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E104 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E104 		0
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNMg25611FBNWk0_oavT--FPc-QbHAvAsbRXaIShzf6ubXnyZcEQ_sCafeMMMtidLR-3w_RfJU3c_3-vPDRpbNZdXFNk1K9VfrwNCv3pX7KT0370iu-u1AgzmZNFPjxhNZx45j82aViLd29ftA1q9P8IPXPJPMeHgwHfIqYG0V32h6W3MJfUQxkgUNZN5rqU3hjVjd5q3lJY8ZssirCCq50STEgdjZL4G35oVBU1W_A4IlNplo3mfcBFXWmBRp8M4rY1j-MtcScGI_B4BVuAL9M_9dgPdWWR6InBa3E-s2STQi8-WZTIHMul8_jxzr-WBtdldrVnjHncFfojC2o8gteVH3VqEvIrYuRlPXRs2FBYYRevtwNwuJSk9t4evQ4SVnVKqzbN4H-p0Xy_qh6YccTaSwpgjMMn_q_mwn0S28tFqHEPajCXHw3G0oNTWZ6nyj7JUpzohltrkBWjuFQr28RyZm2Zn6kYMMN3UKmtO0ooMZYOyYjWeMsyM3OmeaPoOu2LEpWUvgw63sC8GbFL_DFt355XAdPOrQXQCTd9vCADyMTbmRg4MFnAdLYQuia2tfE3VjYty5atKFUCtiJvRzyK-M5VCSeYj79ZcvA7CCeBxPRwe4MeFbZIeIDwscATyEUo64_0VKB0uLNcmJ8kXS_UO4MUBPoV_3ouOb4yqZuHVhX9KB46WyNC4N6JVmpIs6GKKonRaRhRTadGxDFF4TybMzclIwYKFRgR7EjhlnZSuZ5LqQiFkN0nZ6RdEssFRtq_9op5j6BZQJwmZL5BVHn-75mjTCujwijPWRbRxZ8vAg274HlCwINxhU3ObANHXYm2F9wHW1ZPrLsn9T_C7__Pm-CY5zu-0aLsw8hMrB78BtbPaO6neYyX7MPyZb6T3UoaB1762IqOOGcp1lNGkD1HS4O3XIZS6vMlfu4yE4BJM48BFCu7klnVNFyJzoA0jMamYXC0G4PUmild8ENJdmhcff6MYfPUOHXQoMestZ8HAgGoNQiJg9AHnvWipwohLsMD5g9hRT8ruN6SSePMFwSM-h4anB6OkilgU9dk7stKxDM85GzgCc7_XUaqRtfcGu_CBq_rUFDnyEBumTmColhuuXRqA7FyhxiJDKF9oav6DeP-BdOkTGOlnz9RKF8JDg6Asp9jM6&sai=AMfl-YTUo-Xr3v4Jw9TdpYu_ZQALWvqkh5YhE4cxJXSUSbX9SBGqlmHpu2pMf9YZchnS_Qrs8P8nEeMKwMuj2J3SH1po3rtXhKW6pIdgzePn-h_trmQUblwNcAE1zyMcaCb24IbFW4Q2Qq8IYcJNL4HbxIyhuZ5VtxLGZQM1wSnehiDnAYMb9CR0XNdqH-_PeSNb6IcSZQLbnyJ8VbK4_tLqdWedNdM&sig=Cg0ArKJSzA_1ku3LompVEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.539.0&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E104 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQx5yF-AMYrYPJ0gEgATAB&v=APEucNXGepSnV20u9FlmHNPTNsVHEJNnMRHz6W8DiM8RUAFsvbNVYixGs5Rp-cKxDCnzMRY4b7TeFru8rwnroUXqB0erqveyzg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E104 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2YrPxDpIY7uUL4i2-ga3l4iwCe7uj7hslNH-spYQ8C4QASDx6_tGYJW6rIK0B6ABrZbw8ijIAQWpAny7JdCPULA-qAMByAMTmAQAqgTfAU_Q3TOh9VCgDXpHTiIf81425srYok_bapxdgkg1r_8GomFYQDdHl8Gz-STB-xWlVPQzvcl6YWqKnHYz1xnFFAlmndSzI3jyBFzerTDTEzUbzkh02j6Tx3z-__SDANkMogRfKukQ9zvP7xpNon1z8WerjHyRdtztVxuUV4so_eos5Dl9kve7hs9mtws9GKncgmUx2lx1Z6tMjQWoYUOemxurIPftGBvXF3X_OwXFIZyCIh7iuf-uxGH1IQXK141QHMWb5D1e5Y-FAY_5bBzbisZEIWgMzXahthlv-GN5xLPABNS-yOGhBOAEA5AGAaAGdoAHrc7A0gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE-3C7BDIE9uoj-ED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=1Q4rf18XVuA&label=vast_creativeview&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678021366%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.16%26t%3D1665678021135&sdkv=h.3.539.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTkxNDc4MTM2NTBAtAIKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzY2ODI4MjcyCTE3NzY5NzMxMUB0UjYIzAYQDyUAAKBBKAE6CzQ0MTU5ODM4MS0xQgRHREJNSOYBUABaEGVhQnFSU3NfRnAzcXhzM2sYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKq...
ade.googlesyndication.com/ddm/activity/ Frame E104 		42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678021367%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.16%26t%3D1665678021135;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E104 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0DB4J0LJ5nopk6B1whenShw5buvGpSsRkjXykjZk5PDsdCfs3HKwjbUXpxokPSUbtrxjbGIzYfa7FLHJd6DASdLqy9Az9hpm3z2LvHIxu_dQRF93Q4xREtgQU9TVZwOg4Es39fg&sai=AMfl-YQwtSnuv9bIfPpz7Ya6Br_sMVJO-u4i6zXakauRjiUuDaEQ-YBWUCJ_pYYhqDkST6rNT7wjxSMMzUH9b21yi-5McFDEDOQvLP1c2R92GyygNPOEQXccZs3KigsSKA&sig=Cg0ArKJSzJQpg89cQ6DjEAE&cid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg&id=lidarv&acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678021367%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.16%26t%3D1665678021135&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKq...
ade.googlesyndication.com/ddm/activity/ Frame E104 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678021368%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.16%26t%3D1665678021135;dc_rfl=0,https%253A%252F%252Fsimcast.com%252F%253Fd%253Dsebaba002.xyz%2526pcid%253D802%2526rid%253D152%2526a%253D0%240;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E104 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2YrPxDpIY7uUL4i2-ga3l4iwCe7uj7hslNH-spYQ8C4QASDx6_tGYJW6rIK0B6ABrZbw8ijIAQWpAny7JdCPULA-qAMByAMTmAQAqgTfAU_Q3TOh9VCgDXpHTiIf81425srYok_bapxdgkg1r_8GomFYQDdHl8Gz-STB-xWlVPQzvcl6YWqKnHYz1xnFFAlmndSzI3jyBFzerTDTEzUbzkh02j6Tx3z-__SDANkMogRfKukQ9zvP7xpNon1z8WerjHyRdtztVxuUV4so_eos5Dl9kve7hs9mtws9GKncgmUx2lx1Z6tMjQWoYUOemxurIPftGBvXF3X_OwXFIZyCIh7iuf-uxGH1IQXK141QHMWb5D1e5Y-FAY_5bBzbisZEIWgMzXahthlv-GN5xLPABNS-yOGhBOAEA5AGAaAGdoAHrc7A0gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE-3C7BDIE9uoj-ED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=1Q4rf18XVuA&label=part2viewed&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678021368%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.16%26t%3D1665678021135&sdkv=h.3.539.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTkxNDc4MTM2NTBAtAIKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzY2ODI4MjcyCTE3NzY5NzMxMUB0UjYIzAYQDyUAAKBBKAE6CzQ0MTU5ODM4MS0xQgRHREJNSOYBUABaEGVhQnFSU3NfRnAzcXhzM2sYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKq...
ade.googlesyndication.com/ddm/activity/ Frame E104 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D9,0,0,0,0%26mtos%3D9,9,9,9,9%26amtos%3D0,0,0,0,0%26mcvt%3D9%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D9%26dfvs%3D9%26dvpt%3D9%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678021371%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,9,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.16%26t%3D1665678021135;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E104 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2YrPxDpIY7uUL4i2-ga3l4iwCe7uj7hslNH-spYQ8C4QASDx6_tGYJW6rIK0B6ABrZbw8ijIAQWpAny7JdCPULA-qAMByAMTmAQAqgTfAU_Q3TOh9VCgDXpHTiIf81425srYok_bapxdgkg1r_8GomFYQDdHl8Gz-STB-xWlVPQzvcl6YWqKnHYz1xnFFAlmndSzI3jyBFzerTDTEzUbzkh02j6Tx3z-__SDANkMogRfKukQ9zvP7xpNon1z8WerjHyRdtztVxuUV4so_eos5Dl9kve7hs9mtws9GKncgmUx2lx1Z6tMjQWoYUOemxurIPftGBvXF3X_OwXFIZyCIh7iuf-uxGH1IQXK141QHMWb5D1e5Y-FAY_5bBzbisZEIWgMzXahthlv-GN5xLPABNS-yOGhBOAEA5AGAaAGdoAHrc7A0gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE-3C7BDIE9uoj-ED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=1Q4rf18XVuA&label=admute&ad_mt=0&acvw=sv%3D940%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D9,0,0,0,0%26mtos%3D9,9,9,9,9%26amtos%3D0,0,0,0,0%26mcvt%3D9%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D20010%26vmtime%3D-1%26dvs%3D9%26dfvs%3D9%26dvpt%3D9%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678021371%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,9,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.16%26t%3D1665678021135&sdkv=h.3.539.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTkxNDc4MTM2NTBAtAIKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzY2ODI4MjcyCTE3NzY5NzMxMUB0UjYIzAYQDyUAAKBBKAE6CzQ0MTU5ODM4MS0xQgRHREJNSOYBUABaEGVhQnFSU3NfRnAzcXhzM2sYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&ldt=AD_IMP&key=eKVKXbhX&seq=1&order=7&absoluteTime=5624.9&relativeTime=2380.8&sm_id=2295599&visiblestatecd=I&soundcd=OFF&adX=true&lineItem=619147813650&adSystem=AdSense/AdX&firstLineItem=619147813650&firstAdSystem=AdSense/AdX&lineItemsGDFP=&adIndex=0&advertiser=&cid=12018&pposition=home&adServer=gam&iu=/92056281,22632072816/simcast.com-premium&logAssertiveYield=false&rand=3&rmt=ns
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:21 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame 0C0A 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1665678019289&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=20000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2295599&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1665678021382&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2093&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Business&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dsebaba002.xyz%26pcid%3D802%26rid%3D152%26a%3D0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:21 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
43
x-amz-cf-id
xVyGTCSBnHPUqRh00exkvkMjGJ90ANPcCmAM5E9MLQ_SeR6gyLqK-g==
x-cache
Miss from cloudfront
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&ldt=OPENVV&key=eKVKXbhX&c_id=12018&seq=1&order=8&absoluteTime=5641.6&relativeTime=2397.5&sm_id=2295599&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&percentViewable=0&technique=IntersectionObserver&viewable=false&viewportWidth=1600&viewportHeight=2097&elementWidth=-1&elementHeight=-1&iframeContext=on%20page&focus=true&type=change&counter=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:21 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&ldt=OPENVV&key=eKVKXbhX&c_id=12018&seq=1&order=9&absoluteTime=5642.6&relativeTime=2398.5&sm_id=2295599&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&percentViewable=1&technique=IntersectionObserver&viewable=true&viewportWidth=1600&viewportHeight=2097&elementWidth=761&elementHeight=428&iframeContext=on%20page&focus=true&type=start&counter=2
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:21 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&ldt=OPENVV&key=eKVKXbhX&c_id=12018&seq=1&order=10&absoluteTime=5643.3&relativeTime=2399.2&sm_id=2295599&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&percentViewable=1&technique=IntersectionObserver&viewable=true&viewportWidth=1600&viewportHeight=2097&elementWidth=761&elementHeight=428&iframeContext=on%20page&focus=true&type=change&counter=3
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:21 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 418F 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
574614
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 07 Oct 2022 00:43:27 GMT
expires
Sat, 07 Oct 2023 00:43:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B233 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZ2lCNtOxqfmQ-44Wr_7XYbz67Mynddef4TzFEbHUOQzK2rp1ovW2us0XhXk-jfX3Dw1cTQrkDMlklFSh1e_9PKB0HGsIkyfahGZBVshE0lQoXbLSKYXiQstmoP4Iqx7yeoRvw0acAcZ1-omxXx64yv-7ttpz8KUjZHoFngBiZUAiQe9-7ACwG24DvkXQeNHUb1fayDW5KpTmPuwLJYusHWChCTBe5KYEDRRdiSHOCNjf6DhWJw9QQmREeXgx2zHHuzgTUCYZXhrkxI3Qx8WvssX5Hn9_uWVcOHT8Ef0wOTMNAfxTPd_bUVoA7zHgkv3-1zdWQZcYP3CBJP5GEc4G6oNifWtFNTtJiof8GOzexWpQ3-hHIzIIXD2oyeRQCUAORNDbdI43WSMMdPEsQE4pFrJlbXeM3iFe8snpbXLDJrMR1pZALfT1T5luUVwfZiLFo5rf9WtIiyStN0Gsrnvs1YdNu7mOvpUAeYNX_wHkgjtVm73ePUhR0qp_KSs2zyc_dQ9f67AzfkEM1Uc42WcS8q-uKx03DhbsNL3e1W3LreHGFJnYKkNE6KDayHoQsQ0sgGBaf-QBC9g6IvnHjwUPw096yoZIkvXv7hkPNJazcK7gGNzrYoB2AlaDtdbvMU3IBQmweGA-p1hCb1ihKQ31FbF27m4Gj32NqnhrlH2Iu0cWfq8CIgPAMTlF217-AbPQkrx70PPJ6huGNvR_THBrY-MjUoKzzNSBUBL8ir0MB8Pmf8i8gami63xM8mrDgDh3OUyjPtqVY20rOS7cnrnwGGmrO8sy9Qy_HME9CtczutvtMD81VoeGwrabPxf6AJebXWVO8fuJRu_aah959FKmbJ88UCTyHt1E7HUIfxXYGQOZUkmfG_56KbADoKlPRzI6l5DztCtfrHD-nUnYxuOyHNGwc3yGkfVMWhitfir6MR_vakOho9OkdNwDuZ5ptLAw3xeabp1nf25mQvMjzWX_WNSdzMFqFzA3j1op2nDIXCTvwpc31nuX7lqz4GldWoSsiKum0BT8NvAaIhdQqe3XE9qj8mf4RcJtZSXYcfqjJcwTdrxCMOIZbtnmeO1o9wufXqBBcHnwe9dvt8AvZ0UbiA8DcADFdWX31SqnIX9VIWV8qwj-Zd0m8&sai=AMfl-YShdhccLf4ej6UFcY9MAr1crWUlU5dEvAa7d-hfeAo_MZ6Mr9QZdS7nE51DZxLgJn0skX_9pY4M4fgNIpY7jwIkLSWeqs-rKJe7Ms7NnhOLo6Ic3SM5EVq0hkL_d_F9oXTMcwDL9hdoJHk&sig=Cg0ArKJSzBZbP0-ykMLaEAE&cid=CAASF-RoGmYRDodlL7rJyPNizGFgRRmi4m_y&id=lidar2&mcvt=1013&p=538,1250,788,1550&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1737771876&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665678019573&rpt=823&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
pagead2.googlesyndication.com/bg/ Frame 418F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 07:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 07:54:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 418F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.539.0&bgai=B_pCmxTpIY_KsBIW2nsEP5a-A2AgAAAAAOAHgBAI&bg=!sLOls_fNAAYqRg79CkY7ACkAdvg8Wr_02n6A87BEmpdoGUranN5VmK1ypZLA_0ob5Lm826tgi8Mc9AIAAABeUgAAAAFoAQcKAF3Y5SW6rHi4OaenhLzFLdnu_jlSkw2gtlhiYh-dO3khyeLP5JHRlJ8kGJpL0z_yj3fRmwDY6gPisNFkIFyMKfUWkT7DCIcltNpeCGofQFaY-k1NmJjts9bNlD0thQCZAsWOUQRGI4aFuzzoLZDCmgnxE-I75-J-hY8wlYoCzfeUV3jeL6tzGPWsyeFHnFdFsXnOI71Iw51e0lh_nLY7AgMu6EF65cFA0x6SCtZD6XeoYFOdCwW4or0oSaawARIz3H2ZMIvUisFm730UtxyEcvKPo2_Mts7yTLvjPkt47lem8FsgOJIV6I8CM9MQ1wuCLpK36l3zzH-BgebEj4TqBfj-p0h5DVSh9-dDg-6yTetLoccdSvmfu7vCnW16t8NAI5K7wUCrL-sGj0aWu_sNy5WC5xF2fl-Vz-RSIDovcIi3ZeSOsuabr7bs0PvW11yo4EeOYnBd1GkEq-BKYHd1E06ud8u7fvF6ud4s2MtUjtLC30k315GKZRc3Upr1M22O01mPMG61FwTbmwB7tRcI8d-yuGA5pO7_cJOTW_GAjusaj96LpV4L-bA6q0GM7osruO1o9sfNyR9M1czfJ5_reA4-XXEMTyBxBfC_LRwh1u9s1m1Q5LvGTaRH3pA7rfsZWbIonxRyEVfNkYdWLX-3wLozHSJem5VeGGa4Lxj3JmC5xJOyfxSUfHoxhzWD1maM5K321di9rsjkDt1K0MyRDWN101J8BESZjyrya55Y8c-RU7f2Nlrq7IfvWlqNCKlxRkwi4Yj2L3g8jd-MXltCbjBakMt2SZf_g6erGtfmlfqxbJY2Pz5YZ-41OQNInXWoWjWzBmSfKiuJ9hIhHg-EAWIoBnan3_6nzkH0B1595GbWiWZjzo-QyWcxQmWlgg4hw4X225Sqyf7TIksFhKu3PvaKOKjrE9yBGUlcTuDxASiH0ctdBCf3n-W93KotKQkYjDIXnM1n4wu-eWO60x-ioTuQMZEoML0LgXa4h_nciYxgKVCVo6jrzLPvhULW27WPV-4hvTB4d_6pA2IuShQcP8__Z2n5U_bA2vXQcVTpMNU1YduY64W3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
crum
dsum.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a2761c1f-5527-838b-26f52a47
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a2761c1f-5527-838b-26f52a47
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 16:20:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Thu, 13 Oct 2022 16:20:21 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a2761c1f-5527-838b-26f52a47
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=a45cdef0-d5d7-4d2d-93c8-a33c134e2cb4&google_hm=YTQ1Y2RlZjAtZDVkNy00ZDJkLTkzYzgtYTMzYzEzNGU...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECYOXaHKJa8tURuqUnO5pHY&google_cver=1&ssp=themediagrid&bsw_param=a45cdef0-d5d7-4d2d-93c8-a33c134e2cb4
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECYOXaHKJa8tURuqUnO5pHY&google_cver=1&ssp=themediagrid&bsw_param=a45cdef0-d5d7-4d2d-93c8-a33c134e2cb4
Protocol
HTTP/1.1
Server
3.121.65.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-65-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 16:20:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECYOXaHKJa8tURuqUnO5pHY&google_cver=1&ssp=themediagrid&bsw_param=a45cdef0-d5d7-4d2d-93c8-a33c134e2cb4
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
365
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1665678021858
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7596231150
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7596231150
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:21 GMT
etag
RXa72516a551844ac9bed7fd62438de8e1003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7596231150
cache-control
no-store, no-cache, must-revalidate
expires
0
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
all
csm.eu.criteo.net/ Frame C57A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6nF0bTp5CfamwuW5efsu7k9RbyWo6MQEKz0thCa9BczrqmN51EvycoLTsF7X8fEXyRzE6aPI_6TMr3kY7JnLbN_PRKYQNW2wo6JDfZoXgKU8hRqu3ChKFot4Rc6TTAhfCLrTjWsIloqGDa1KQIRK88HXAfXe5svEfkz-yxnIBfLiQweY-eo8enIpLAdkZ-worWAO97694iZeExmcAZZOVnosLWa7cjDvhcuJ9PJ56c5nhEd898kF8SP0sorBOj36edEv5g&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 16:20:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
usync.html
eus.rubiconproject.com/ Frame C975 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 16:20:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame C975 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 16:20:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29707
Connection
keep-alive
Content-Length
9421
Expires
Fri, 14 Oct 2022 00:35:30 GMT
khaos.jpg
token.rubiconproject.com/ Frame C975 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKq...
ade.googlesyndication.com/ddm/activity/ Frame E104 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D2015,0,0,0,0%26mtos%3D2015,2015,2015,2015,2015%26amtos%3D0,0,0,0,0%26mcvt%3D2015%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2015%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D611%26pst%3D411%26dur%3D20010%26vmtime%3D1809%26dtos%3D2015%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2006%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678023378%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2015,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.16%26t%3D1665678021135;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E104 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0DB4J0LJ5nopk6B1whenShw5buvGpSsRkjXykjZk5PDsdCfs3HKwjbUXpxokPSUbtrxjbGIzYfa7FLHJd6DASdLqy9Az9hpm3z2LvHIxu_dQRF93Q4xREtgQU9TVZwOg4Es39fg&sai=AMfl-YQwtSnuv9bIfPpz7Ya6Br_sMVJO-u4i6zXakauRjiUuDaEQ-YBWUCJ_pYYhqDkST6rNT7wjxSMMzUH9b21yi-5McFDEDOQvLP1c2R92GyygNPOEQXccZs3KigsSKA&sig=Cg0ArKJSzJQpg89cQ6DjEAE&cid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg&id=lidarv&acvw=sv%3D940%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D2015,0,0,0,0%26mtos%3D2015,2015,2015,2015,2015%26amtos%3D0,0,0,0,0%26mcvt%3D2015%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2015%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D611%26pst%3D411%26dur%3D20010%26vmtime%3D1809%26dtos%3D2015%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2006%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678023378%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2015,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.16%26t%3D1665678021135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&ldt=OPENVV&key=eKVKXbhX&c_id=12018&seq=1&order=11&absoluteTime=7642.9&relativeTime=4398.8&sm_id=2295599&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&percentViewable=1&technique=IntersectionObserver&viewable=true&viewportWidth=1600&viewportHeight=2097&elementWidth=761&elementHeight=428&iframeContext=on%20page&focus=true&type=complete&counter=4
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:23 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B233 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CcthDwjpIY7nLN8WP9u8PoM6SoATn3fX0bNGAx8LqEIXdo6fZAhABIIb3hiZgleKQgqAHoAHZ0uTPA8gBCakCgh6_BJtDsD7gAgCoAwHIA0iqBIMCT9DsYLNeT5nP9utShS4codNruWBuJcYCK6tIsRZcWaHDyI7A9nHYlt5D3E3knhOiBS-Iy5aTXeSuVTNMPo08PQXg07EXX7-dd3xPkf2VpOW3hIpacuiLGC8DmINdSV_f1vBMVq4sRyXY2vyuhzMED55XI3s1EW9118sWl73eOuLuNKJRk2l_zw6KZicL_OySEFEWHswkTq8IfBW_7aERFAVjX3_LeXBmW3w5GYvBTS_Aq2Xa0BxxNlTqhGEGG-iZ9N-c8pmZ5IKi8w3LbOW7JW-nS8uWj-45M_OFWQ_HL42fRtcz9O7TTzYFn_JKtCQvx3eaSJKjL2g6OtSKR2dikJwXNcAE_4a9nJ4E4AQBoAYu0gYPEMDV8r0BGO6WlNmeBygugAf4sa01qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwCoCAHSCBEIgOGAEBABGB0yAqoCOgKAQJoJRGh0dHBzOi8vZGUucGFuZG9yYS5uZXQvZGUvY29sbGVjdGlvbnMvcGFuZG9yYS1tb21lbnRzL2NoYXJtLWNhcnJpZXIvsQl4BJe-wtSy-oAKA8gLAeALAYAMAZgM6_CbgI8EuAwBuBOlBNgTDtAVAfgWAYAXAQ&sigh=ff2kSQZ7wU4&label=local_product_ad_view_product_thumbnail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B233 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C6jfrwjpIY7nLN8WP9u8PoM6SoATn3fX0bNGAx8LqEIXdo6fZAhABIIb3hiZgleKQgqAHoAHZ0uTPA8gBCakCgh6_BJtDsD7gAgCoAwHIA0iqBIMCT9DsYLNeT5nP9utShS4codNruWBuJcYCK6tIsRZcWaHDyI7A9nHYlt5D3E3knhOiBS-Iy5aTXeSuVTNMPo08PQXg07EXX7-dd3xPkf2VpOW3hIpacuiLGC8DmINdSV_f1vBMVq4sRyXY2vyuhzMED55XI3s1EW9118sWl73eOuLuNKJRk2l_zw6KZicL_OySEFEWHswkTq8IfBW_7aERFAVjX3_LeXBmW3w5GYvBTS_Aq2Xa0BxxNlTqhGEGG-iZ9N-c8pmZ5IKi8w3LbOW7JW-nS8uWj-45M_OFWQ_HL42fRtcz9O7TTzYFn_JKtCQvx3eaSJKjL2g6OtSKR2dikJwXNcAE_4a9nJ4E4AQBoAYu0gYPEMDV8r0BGPjilNmeBygugAf4sa01qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwCoCAHSCBEIgOGAEBABGB0yAqoCOgKAQJoJRGh0dHBzOi8vZGUucGFuZG9yYS5uZXQvZGUvY29sbGVjdGlvbnMvcGFuZG9yYS1tb21lbnRzL2NoYXJtLWNhcnJpZXIvsQl4BJe-wtSy-oAKA8gLAeALAYAMAZgM6_CbgI8EuAwBuBOlBNgTDtAVAfgWAYAXAQ&sigh=N0nO9WW8sN4&label=local_product_ad_view_product_thumbnail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B233 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCIXiwjpIY7nLN8WP9u8PoM6SoATn3fX0bNGAx8LqEIXdo6fZAhABIIb3hiZgleKQgqAHoAHZ0uTPA8gBCakCgh6_BJtDsD7gAgCoAwHIA0iqBIMCT9DsYLNeT5nP9utShS4codNruWBuJcYCK6tIsRZcWaHDyI7A9nHYlt5D3E3knhOiBS-Iy5aTXeSuVTNMPo08PQXg07EXX7-dd3xPkf2VpOW3hIpacuiLGC8DmINdSV_f1vBMVq4sRyXY2vyuhzMED55XI3s1EW9118sWl73eOuLuNKJRk2l_zw6KZicL_OySEFEWHswkTq8IfBW_7aERFAVjX3_LeXBmW3w5GYvBTS_Aq2Xa0BxxNlTqhGEGG-iZ9N-c8pmZ5IKi8w3LbOW7JW-nS8uWj-45M_OFWQ_HL42fRtcz9O7TTzYFn_JKtCQvx3eaSJKjL2g6OtSKR2dikJwXNcAE_4a9nJ4E4AQBoAYu0gYPEMDV8r0BGOzBw9CeBygugAf4sa01qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwCoCAHSCBEIgOGAEBABGB0yAqoCOgKAQJoJRGh0dHBzOi8vZGUucGFuZG9yYS5uZXQvZGUvY29sbGVjdGlvbnMvcGFuZG9yYS1tb21lbnRzL2NoYXJtLWNhcnJpZXIvsQl4BJe-wtSy-oAKA8gLAeALAYAMAZgM6_CbgI8EuAwBuBOlBNgTDtAVAfgWAYAXAQ&sigh=dseVJAEyR0o&label=local_product_ad_view_product_thumbnail
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKq...
ade.googlesyndication.com/ddm/activity/ Frame E104 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsqOGls7d-gIVBZsnAh3lFwCLEAAYACCf5N1UOhoIx5yF-AMQ1L7I4aEEGNuoj-EDIJTR_rKWEEITCLuG9JXO3foCFQib3godtwsClg;dc_rmcid=CAASJORobhYzrMfF26hOFriawHpAmyC8cpWjjSw0NTdbs0yfGuNfQg;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D940%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D5304,0,0,0,0%26mtos%3D5304,5304,5304,5304,5304%26amtos%3D0,0,0,0,0%26mcvt%3D5304%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5304%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1413%26pst%3D411%26dur%3D20010%26vmtime%3D5262%26dtos%3D3289%26dtoss%3D2%26dvs%3D3289%26dfvs%3D3289%26dvpt%3D3289%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5304,5304,5304,5304,5304%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D28,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678026667%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,5304,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.16%26t%3D1665678021135;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E104 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2YrPxDpIY7uUL4i2-ga3l4iwCe7uj7hslNH-spYQ8C4QASDx6_tGYJW6rIK0B6ABrZbw8ijIAQWpAny7JdCPULA-qAMByAMTmAQAqgTfAU_Q3TOh9VCgDXpHTiIf81425srYok_bapxdgkg1r_8GomFYQDdHl8Gz-STB-xWlVPQzvcl6YWqKnHYz1xnFFAlmndSzI3jyBFzerTDTEzUbzkh02j6Tx3z-__SDANkMogRfKukQ9zvP7xpNon1z8WerjHyRdtztVxuUV4so_eos5Dl9kve7hs9mtws9GKncgmUx2lx1Z6tMjQWoYUOemxurIPftGBvXF3X_OwXFIZyCIh7iuf-uxGH1IQXK141QHMWb5D1e5Y-FAY_5bBzbisZEIWgMzXahthlv-GN5xLPABNS-yOGhBOAEA5AGAaAGdoAHrc7A0gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE-3C7BDIE9uoj-ED0BMA2BMKiBQE2BQB0BUB-BYBgBcB&sigh=1Q4rf18XVuA&label=videoplaytime25&ad_mt=5262&acvw=sv%3D940%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D5304,0,0,0,0%26mtos%3D5304,5304,5304,5304,5304%26amtos%3D0,0,0,0,0%26mcvt%3D5304%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5304%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1413%26pst%3D411%26dur%3D20010%26vmtime%3D5262%26dtos%3D3289%26dtoss%3D2%26dvs%3D3289%26dfvs%3D3289%26dvpt%3D3289%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5304,5304,5304,5304,5304%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1736%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D28,0,0,0,0%26avms%3Dexc%26qi%3D545579044%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26pnmm%3D1665678019147%26ptlt%3D1665678026667%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,5304,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.16%26t%3D1665678021135&sdkv=h.3.539.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MTkxNDc4MTM2NTBAtAIKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MzY2ODI4MjcyCTE3NzY5NzMxMUB0UjYIzAYQDyUAAKBBKAE6CzQ0MTU5ODM4MS0xQgRHREJNSOYBUABaEGVhQnFSU3NfRnAzcXhzM2sYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 16:20:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=asGEx-He1pnPjBf7&instance=214589498&version=7.8.1&age=221013&ldt=AD_QUARTILE&key=eKVKXbhX&seq=1&order=12&absoluteTime=10917.2&relativeTime=7673.1&sm_id=2295599&visiblestatecd=I&soundcd=OFF&quartile=1&adIndex=0&pposition=home&rand=3
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20220923/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.60.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-60-169.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:20:26 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
all
csm.eu.criteo.net/ Frame C57A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6nF0bTp5CfamwuW5efsu7k9RbyWo6MQEKz0thCa9BczrqmN51EvycoLTsF7X8fEXyRzE6aPI_6TMr3kY7JnLbN_PRKYQNW2wo6JDfZoXgKU8hRqu3ChKFot4Rc6TTAhfCLrTjWsIloqGDa1KQIRK88HXAfXe5svEfkz-yxnIBfLiQweY-eo8enIpLAdkZ-worWAO97694iZeExmcAZZOVnosLWa7cjDvhcuJ9PJ56c5nhEd898kF8SP0sorBOj36edEv5g&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0g6wgAN5bgH_YfFAASnIMj9C5uMb1rqFG78Aw&u=%7C%2BEwe15HwVK%2FGtO2KIhkcWnjtY1qQBPbsJLrX4CQMFG4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wBaEAjMn81BxVMEhD-TVNB9HA6Sm5ffHoam4sMvHxY_u_DRTC8G_ugnVLxLAeCT9RHXER8hFNlrSo_ASGC2LddTrop1_JQMHcNe3f37xlANyPRIy6zC1NFWSNtIKUELy3qasP0v4agfE3Q1AiavBlUq9CQzlLwVfH_dJEKXoXENiOKUyAXHGwtPpZDvFAC5n_EOG_501QHXmMqw1yLlH3o0ioR5xD8F5MGJUYEsf8BqZRHH-eRRtSqbzUrZAx1PNG139txXkLkAKo4MrgR_BTLjxEIJsb3VCFUWv-L-lBjXAod5s6m9Nl7kUxCCiCnaDb_2Gb5UhwktKwT5DS7BaG1WQ054NGzXSGg56wgl9TWA21z9LFP9aVZVhXQjwYHgsS9T4eO6TQ6nYafG9i6vjSwwTUzrXgCW79RJ-6J7AlkM7u2i08qUxoEzwttfFIh3OsaLAMy8bbz4bKXcA7ssQ6rj28lw7CV3vM0fDEojP130tw3qetvFQOtAQu6dg55usKXBY0oeRSvU-BzTXnlM1lmA1XBbCu6UqESKuNPMBCYeTQjesK7QJc6s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUVIVwjpIY7jLN8WP9u8PoM6SoATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAoIevwSbQ7A-4AIAqAMBqgT4AU_QGf9eIHivRfMcJuD7LKqzTx7W6gzC2q7JDGo6tp1dWuaiVy2cprMkj4Zg9iA90u8Z8lRSiECaTJ0-7j9EWmdbdYOeDvdtKyCfym381aU1e6tS7VPqvZFKUCmAaC0WbZdedIkNMcPHPKr1Yh_1_V_NaE4omfKmbuNRJoXA1zqPxFhPBCd4rT23GjJdMikARwUh8JMgEUtEZ7CLvE0UvZ7Zvuhh5PGhH3Fu-VZaqNrXTlKtDNgMCiXZq6UZL9WvEz3Bkvs77Dy4t5fxvIwVT5O4OSpb45bgcJGh8fOa4BVdy2iegDtotB-p8KpfMvOq_J6hjyGmE1fm4AQBgAa3gIXS3N7-mx2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1G5UkC0zaJpLbyCNgfjm_SlMJ-tw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 16:20:26 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEL0C4Spr0Zsx_O_qKV9wFVY&google_cver=1&google_push=AZmPxg-G_2R8KfTTuGWP79BM4Z_7g997hVSntQVeQqQRaJ0fjTCDghS5Js5ZDO9-QQKH9Ngj3XZV-iyUiR7QY5-MypG-_-tbgHhU5g

Verdicts & Comments Add Verdict or Comment

279 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| LoadExt function| getCookie object| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| teads_analytics function| docReady object| mnet object| liQ function| myConfirm function| myFunction object| plBanner function| displayModal function| displayComment function| displayModalURL function| displayBroadCastModal object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| Criteo object| gaplugins object| gaData number| __mobxInstanceCount undefined| __mobxGlobals object| headertag string| p1865655696 string| p1865655751 number| p1865655752 undefined| p1865655781 undefined| p1865655776 undefined| p1865655773 undefined| oDeleteHardcodeRefresh_ undefined| oRefreshHardcode_ undefined| p1865655770 undefined| p1865655753 undefined| p1865655749 undefined| p1865655747 undefined| p1865655759 undefined| p1865655756 undefined| p1865655754 undefined| p1865655730 undefined| p1865655735 undefined| p1865655721 undefined| p1865655720 undefined| p1865655718 undefined| p1865655711 undefined| oEnableNullChecklistener_ undefined| p1865655763 undefined| p1865655702 undefined| oPageUnload undefined| p1865655631 undefined| p1865655636 undefined| p1865655755 undefined| p1865655621 undefined| p1865655622 undefined| p1865655623 undefined| p1865655624 undefined| p1865655625 undefined| p1865655627 undefined| p1865655628 undefined| p1865655649 undefined| p1865655691 undefined| p1865655632 undefined| p1865655699 undefined| p1865655667 undefined| p1865655668 undefined| p1865655705 undefined| p1865655706 undefined| p1865655710 undefined| p1865655712 undefined| p1865655714 undefined| p1865655764 undefined| p1865655739 undefined| p1865655766 undefined| oObserverChanges_ undefined| p1865655765 undefined| p1865655767 undefined| oAudienceListenerEnabled_ undefined| p1865655716 undefined| oDevice undefined| oParentHostname_ undefined| oParentPathname_ undefined| p1865655717 undefined| p1865655719 undefined| p1865655734 undefined| p1865655736 undefined| p1865655737 undefined| p1865655726 undefined| oAdSlots_ object| otkjs undefined| p1865655757 undefined| p1865655758 undefined| optimeraInsights undefined| p1865655768 undefined| oLoadedAdImpressionDivs_ undefined| oTrackSlots_ undefined| p1865655779 undefined| p1865655780 undefined| oEnableInfiniteScrollUrls_ undefined| p1865655775 undefined| p1865655778 undefined| p1865655782 undefined| p1865655676 undefined| p1865655629 undefined| p1865655630 undefined| p1865655698 undefined| p1865655678 undefined| p1865655677 undefined| p1865655680 object| opbjs object| oaudLibjs object| ovpjs object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_499617 object| closure_lm_66930 object| GoogleGcLKhOms function| lotameIsCompatible function| sync16589_c function| sync16589_d undefined| sync16589_e undefined| sync16589_f undefined| sync16589_g function| sync16589_h object| sync16589_j function| sync16589_k function| sync16589_l object| sync16589_ object| sync16589_la function| sync16589_a function| sync16589_b function| sync16589_i function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_aa function| sync16589_q function| sync16589_r function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_ba function| sync16589_ca function| sync16589_v function| sync16589_da function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_ea function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_fa function| sync16589_J function| sync16589_K function| sync16589_ga function| sync16589_ha function| sync16589_L function| sync16589_M function| sync16589_ia function| sync16589_ja function| sync16589_ka function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Z function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_4 function| sync16589_5 function| sync16589_ma function| sync16589_3 function| sync16589_7 function| sync16589_6 function| sync16589_na function| sync16589_8 function| sync16589_oa function| sync16589_9 function| sync16589_pa function| sync16589_$ function| sync16589_qa object| lotame_sync_16589 function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_131 object| Criteo_identitytag_131 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| __esp_getUID2Async object| __uid2

45 Cookies

Domain/Path Name / Value
simcast.com/ Name: PHPSESSID
Value: 0193pk79el2msegjffj9lnpmlr
simcast.com/ Name: uidinfer
Value: 49647087
simcast.com/ Name: _uc_referrer
Value: http://sebaba002.xyz/
simcast.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
embed.sendtonews.com/ Name: AWSALBCORS
Value: FywmU/axyVji2sA5gVQRmEN5CZpdIP5V4lO7Uk9coJQwlarivVdEsDuL2UcUV3IKZ3L9UJ/P6+pdcuLkuayHqVGV9CvEebnZrbusLwWsOIU6D7MXwmPszMebQ2W6
simcast.com/ Name: mess
Value: 1
.simcast.com/ Name: _ga
Value: GA1.2.446408386.1665678018
.simcast.com/ Name: _gid
Value: GA1.2.1043018305.1665678018
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEwwvWgmgY4AUABSAEQwvWgmgYYAA..
.adnxs.com/ Name: uuid2
Value: 6490117432324857459
simcast.com/ Name: _lr_retry_request
Value: true
simcast.com/ Name: _lr_env_src_ats
Value: false
.simcast.com/ Name: panoramaId_expiry
Value: 1665764419456
.doubleclick.net/ Name: IDE
Value: AHWqTUkUwqQb3SKepKyQe2hG2v-d15HDtxbh7IoCDnksmW5AdjFxfAxKSE3AaL2yf5U
.simcast.com/ Name: __gads
Value: ID=3fa94a9018f8196e:T=1665678018:S=ALNI_MZqSlk_WfTuvReeOLo_-WzIdqZRJQ
.simcast.com/ Name: __gpi
Value: UID=00000b7265b90f16:T=1665678018:RT=1665678018:S=ALNI_MayVL4SRRa00r6671Tsj2hF22hDVA
.simcast.com/ Name: cto_bidid
Value: GGtqtl9TUmxOZ0xYRndOcFAwdkMzaTcwenBiWUNrUVlBRHRXSlhLJTJGaG1CT2w3djRtejFBUFJYQjclMkJ3eXIyY0ZGSzNSU0hRWENPJTJGODNRTGczbGR4c3NUdlM0QSUzRCUzRA
.liadm.com/ Name: lidid
Value: 0e018594-f6e2-42c1-b7fd-0916d24dfe06
simcast.com/ Name: pbjs_li_nonid
Value: %7B%7D
.criteo.com/ Name: uid
Value: 6fe9fb11-275f-419a-a9f8-5df06d2e63c6
.quantserve.com/ Name: d
Value: EBYBCQGpJ4EA
.quantserve.com/ Name: mc
Value: 63483ac3-df1c1-b86bd-6eb5a
.lijit.com/ Name: ljt_reader
Value: FeZUrGZHXc5_8-PeT_qNEOKU
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.6987063064295579566
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adform.net/ Name: uid
Value: 8262330282383542453
.adsby.bidtheatre.com/ Name: __kuid
Value: 00674a61-eeae-4e1d-af50-971002e9fbef.434892020
.simcast.com/ Name: cto_bundle
Value: ZzvooV9Oc2F5S2V3RUgyWmp2WWMyVyUyRnp2VWZ0RnpNZ0VJS3pKczBIcERBQ2dJUWpVOXZVQkRqMkEycFprS1pjNkJobHY0UjE4cjQlMkZwWGgzdFRocWlVQm5WM1ZvdmRWN0Z1bkJFb05Ma3IlMkYlMkZKNFVnajhuVjNBcWp3ZmZDM2Fna2x5eDBWTEpjWk5jUmt6SSUyRkJBZE5wWkhGTXp3JTNEJTNE
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22FF7209F7-8764-47EA-BC50-0DBD6CA25886%22%7D
.media.net/ Name: visitor-id
Value: 3086796201492370000V10
.media.net/ Name: data-g
Value: CAESEHD-SjqxHZGJ6SOOzL0W2wM~~3
fksnk.com/ Name: AWSALBCORS
Value: Q+aRTLGJ8G8rSMoF2apjYIOl0JEa5Je024WU1c9zwIuS7E/VfffpJF71wg1QC6wxutJqaah7Cyv0F3vOhA/q1UefVniqdMG5h5Z6yLbDK1BpqThfZ80mjuGp1vHv
.fksnk.com/ Name: f_001
Value: 7E91F2AFD46CD911
.fksnk.com/ Name: g_001
Value: 1
.zemanta.com/ Name: zuid
Value: QAsMSs1RAaKkX0XLUvuN
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a72516a5-5184-4ac9-bed7-fd62438de8e1-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.casalemedia.com/ Name: CMID
Value: Y0g6xQekKr01HPEnueQnswAA
.casalemedia.com/ Name: CMPS
Value: 5207
.casalemedia.com/ Name: CMPRO
Value: 5207
.bidswitch.net/ Name: tuuid
Value: a45cdef0-d5d7-4d2d-93c8-a33c134e2cb4
.bidswitch.net/ Name: c
Value: 1665678021
.bidswitch.net/ Name: tuuid_lu
Value: 1665678021
.brand-display.com/ Name: _knxq_
Value: a2761c1f-5527-838b-26f52a47.1665678021.0.1665678021.1665678021

14 Console Messages

Source Level URL
Text
javascript error URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://simcast.com/?d=sebaba002.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEL0C4Spr0Zsx_O_qKV9wFVY&google_cver=1&google_push=AZmPxg-G_2R8KfTTuGWP79BM4Z_7g997hVSntQVeQqQRaJ0fjTCDghS5Js5ZDO9-QQKH9Ngj3XZV-iyUiR7QY5-MypG-_-tbgHhU5g
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4505ac420986d00be1fa3d0b7b39956a.safeframe.googlesyndication.com
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
ad.360yield.com
ade.googlesyndication.com
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
at.teads.tv
b1sync.zemanta.com
bid.g.doubleclick.net
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
cat.fr.eu.criteo.com
cat.hbwrapper.com
cdn.adapex.io
cdn.ampproject.org
cdn.id5-sync.com
cdn.resonate.com
cdnjs.cloudflare.com
cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csm.eu.criteo.net
d15kdpgjg3unno.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dmp.brand-display.com
dsp.adkernel.com
dsum.casalemedia.com
embed.sendtonews.com
eus.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
id.sv.rkdms.com
id5-sync.com
idx.liadm.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
in-appadvertising.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-sync.sitescout.com
player.sendtonews.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
prod.uidapi.com
pubads.g.doubleclick.net
r3---sn-5hne6nzd.c.2mdn.net
rtb.nl.eu.criteo.com
rtb.openx.net
s.seedtag.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.spotxchange.com
sebaba002.xyz
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simcast.com
static.criteo.net
sync.1rx.io
sync.go.sonobi.com
tags.crwdcntrl.net
tg.socdm.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
us-u.openx.net
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
api.rlcdn.com
cs.chocolateplatform.com
prebid.smilewanted.com
104.18.12.242
104.18.18.126
104.18.19.126
108.138.4.10
108.138.4.150
108.177.15.154
13.32.121.21
141.95.98.64
141.95.98.69
142.250.184.194
142.250.185.98
147.75.85.234
169.63.109.126
172.217.16.130
174.137.133.49
178.250.0.139
178.250.0.160
178.250.0.165
178.250.2.146
178.250.2.150
178.62.202.251
18.158.8.202
18.192.39.116
18.193.226.223
18.213.96.88
18.66.147.24
18.66.97.68
18.66.97.88
185.80.39.216
185.89.208.11
185.89.210.212
185.94.180.123
192.241.157.60
198.47.127.22
2001:4de0:ac18::1:a:2b
202.241.208.54
213.155.156.183
213.19.147.45
216.58.212.162
23.205.235.133
23.206.210.112
23.35.224.23
23.35.228.247
23.35.229.56
23.35.237.56
2600:3c02::f03c:91ff:fee2:5b0f
2600:9000:2490:9400:11:b309:9100:21
2606:4700:10::6816:3456
2606:4700::6810:85e5
2606:4700::6811:180e
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a00:1450:400e:13::8
2a00:1450:400f:805::2003
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::1c
2a02:2638::b
2a02:26f0:3500:16::215:1486
2a02:fa8:8806:12::1460
2a02:fa8:8806:20::2010
2a06:98c1:3121::3
2a0c:5c81:5142::2
3.120.69.93
3.121.205.163
3.121.65.152
3.141.155.221
3.66.51.54
34.107.148.139
34.111.151.213
34.120.133.55
34.149.50.64
34.199.145.188
34.208.243.53
34.239.63.36
34.254.133.1
35.190.0.66
35.227.252.103
35.244.159.8
37.157.4.25
45.79.244.12
50.31.142.159
51.89.9.251
52.206.60.169
52.223.40.198
52.28.203.152
52.4.99.227
52.50.55.155
54.174.184.87
66.155.71.149
69.173.144.138
72.251.249.9
72.34.250.75
72.52.179.174
007e822b7306a0fb36f3c795dc682a12c8e3a68682a0310cc8cdc00fcb23ff9d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0426240a2dd325e204255da9b28103658b625ab3c43c66fefe60b4eca680d29d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
089519d57709ae55c20e3c480bc73d23f891021e3a44fb7a34aa408745abf51e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a56969d6373599becf5b0483abf7a727528e4d57901cd8fc477d52106f967a3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cedcb1c3893d013167866b58735d4bdc88ed18c567bd2caf74417493e5c7ac0
0d13935ca0339315e1970c3e57b3c94f48a5393e1f83a4cdbcaebf6a5ac0367d
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
1283a2549e74067146b3efe54e4ea0eba241fdea9fe919c25ece71264588261f
12e7b7106a582a6c8df78a4d1ef15f13c4892f87ac9595f107b3c3d62cdd3208
144f36daa0c794f3bad3286bfeb58c92c27b888483a97332d1a72fafe730351f
180c519c618274a63de6d72126b7ee669340b697eaa90c3d6a08750c5cc8d2d5
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1b5ebe1a3973c1c067a4233b62f6a06581ee1d364f9de68a561a890bc84a7bbc
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e03a09d9b7e42b597b7c7d1a543523709cc669d7ed0e397ec1d5323239cbcc1
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
24329a6304f33e66046a3ab23f4f9f5051966bdca5842089f7cde348a0d99de2
28d8607e42e9b3852954be9b1ed78c265148cd7055e2c6aa04f21d20414ca02e
293c0759f28a7c7c87ee2551994bb3f956ce544da2ba978a49cffdec05403dbc
2a36889b9a30595916b0873ee414f9b0968db3c860a7be6acdb891523563a1fd
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
301b2116ebe155babb58983c9a1bb977b27a42d759b0ae9e0d8f1549ed292d3c
30db511a47e14b5ff61bf269c967932fdda26a4ff349e763ca2404390cbe0176
31019c9d45fc559bd5b7d56caea9eb3d56a7fb8b1f5794b6f5fdf99af6c0af0f
3111747631baa821a8db91dbc4b6e37726eec687ff446411a4c141d9adc13db3
31f125fbcf28ddef2443e9d6aacd752b29e78a7f1dbddfa31d137d1b5fc1fdbe
3254b0c4685110561aece33f604a07923b63e4dfd91ea9bd691a65ca85455691
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
33ccd222e6de6eb9498f8362a359a0d34be82056e0c471e611f5953e3c4d32aa
35e6f053568062b1e748bbe1e6eefd8b3646594f45095c6341dbfcb383f8da09
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c1ffeed9aac375d9f4a9b4ae5db72e75435dcc877fdb28113a1371ffea38d86
3fdce65c59d8d48e267e996153af14ff83be1af70d6e37c59c6dbdd635a8fbe3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449e77bd7d7575bb2ea9c06098a31f34706cc00578b91d274987f91527f8fdb1
4683908a1b902c2f0800d2a25163dd4ac29e01786a9853426827d393050814fe
47060c63eb696ba0703f940afefc057ec694c40aa52e0c10c2585ebade89884b
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a56af82ac0fb8ad6bd8cfde5405434134999f5bee4bd0b9fd670a5ec9b48a25
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4beffd3dadb07b0fdbdab51a8a1f03bbb95f3dd7c64ba7bea56f9fd8d189493b
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb5de8d4f1b81b3018ecf2cc38464ba0eb4ca11dcf48894d0de56d04ebbd9e0
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554a19db650b6965d78bf789a13639a617550e86c66f60c7cf10481d8dbb7012
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b3b5056e215c527846e60d3c1244f74b9ad5435f41bda47d354e027f29df49
5783636d7b3cdb204704d62e327c7b97f1ca0ca22e901e7ca8da45190f7e783c
57aa05b8f011b7072cd7e9032df2eb0642f6e1755ec01f7a3ed9c96776fb76ba
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58c8bbb3eb04584d91a26c76da8d60f417f3838079add50a51dbaef531b8bd44
59709f2b66a447017938bdf12374d50ca65d99eccc9bd37a3217194f61fb93f9
5a96c87a8c0cbfeda03c1d3ddc775a85a39c67a9a3afa73adadeb2cc3fbdbd24
5bbb19e540e3ca964d3807307718e5e8de4565bebc6e46cf72a61f4f10b1f2f9
5cf8f2e17ca87ead5ae512b3ae7fedb46ee97af0ec2930ac614366f8e3af5445
5dfdd91f5fe2324755bb830ca572ca5f0d02f08aab27b9412e8305e0becc7c92
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625e16893b9fa85b2cb666eb1ec4d07d22a5d1fdffcbcddbcde69b5e65013f65
62b7a509e2a4f7b995d71fa183c05b429a4b418afc83163740b407ffa978c3aa
65e983d0b74cab16e03ea1ff4f8ace773f4d28b9aaeed22dbb66c252943d8061
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6690c943dc6916f073007014274995c4b63a8c3342c9f0e38a2d5f6f553b70c6
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
6867018d6ad63f52506884c687d0e2c18b6c8d5c77cc6beb854c7a6e32e13e5a
6a012abe85faec6d0070dce4af8ddb138e5f3f685992e0cd03572052ae13d5b3
6b54a69845622512752c75619dd297c790663ac7024c92dd2bcb405dedb61478
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7
6d7e84dbe1a19aa1ebadd92d04ec0dec54cdd2345811f21aaf064150fba02068
70a81e5c39cf8f203f39ad1bc6765629d5f518935813e9f6a6d1d8db39f4a12d
7178cd7f2ac564d92e6486cee7c86008830049312a55558cd7517673605a7f59
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7314ea15cd6fc259bd5c26b4554aa5391182c6ca3fe6fd4c919f63c49e545564
7329ad5a6f84ea75a98d28b23c15072529467822a597557330714581d73e3578
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
7389cd2d5790e13447a71c21d5c66161b38f7a5375b3f503329e829d011a3cee
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c01749b764c10419e12a4b81b4348946c943eb36ad84d2c21ea23d1d82455c0
7c038bc32c2be1608df1d03adbce7b2d56d7fe154c2098f70cc024a4f366025e
7e118104cf39541ea173ddb39ae0bdcdb0702c6e647a92b3ce2220919dc0d584
7e72f7b38ac1a9a336b5fec2e0dc150dc214c3972e323dfbd043cdd082e2575d
7f4e942b89543c917fca335351a2bd1d968c5415f04b2054d01348bed12dd644
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81e72d9bfc25d0eb85fe466fa94dcf2cfbd00ee6f9380621ef3623d987c04e3c
82099de34016e1a9695203f3df4828f9c0e5affa5c174e2f4f29dbf5720ae7ac
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
866ec07e284a89d42cc73ccc006e11e7914dad672ed25792bbb8be044e71b5f6
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
881e13705638e1b6efd7c844ab37ccb7253214b7d085b38fd81dbc94223fef5e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aa3079ee2cd7d3c827b9f0f510b6f77b9b3ae749301c0e46b8a35f588a5bc86
8c71215f6306d9dc3e6e025b7baee854e6b0fbf7ef5f1b2add50c68ab030e41e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ed00777646f5265afc85a7960967b7aa542745c05b2e3bf0b1f1a119a11b817
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9347c1d8c30a6dab610953c8568d20ddff10e1e41021fb6cc3aea9098c842065
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
954390a1e90eb0c7a942634bb470bd44c387ff203559a8cfcfca77d391b8ebdd
974351381ac6aac628c5020a74f4cab1120180ae0d0c02c36f5f5dae9d0edab4
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
9a1ef6235ec7b883c904136a8bdc4b9e505f4a9508baf410b9817ab806f34bce
9a360d92d9084610217bbc9228381fc071268b72659333f62d7351a221660efa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad14c5c21e254646369f9b8d5900141dd8a9ec1d0869235d15e2c50f3d9f593
9d59a5e804b2483189a42840e6da9c2b59db08da73dfdf2b196bd79b324df7e3
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a02411b4b5c128043fc7c9e73c0da1739e09cc3cd67ff8ca378ff2c5f9c581d6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2c838b49f06df939d22ef87643893553af16aa2c21720aedef3319a1b616f4d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4782a455e432220d22825cc2a24357d24b3e6add3df6c57a028ad88eb393286
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a57f54273d8fa1944e2244d31bb035037e3cc21d73f9bfc9d95b60832c5d9f09
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aad4112817c2cbb74082752d421a230305954cf0dfb9298d68019bb729d86abb
ab76c8f3c21530b36d51b97e8107597d45ce1e645213592cd5b1319924ef8391
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b50dd11c701a28d37710d29f90fd6ec60f5cc20556035657842cfc7d71534513
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
b63402b63b0f1d97b0dc728f332ebcbf65d4ecbb5c9a5b6be9196b8ca522a184
b6752a6f20aeb0539a6a6001e577f04a3ecb7883cc16213259198bd1486e4551
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b88744f30808eb551e9bcfc83cf2be738ed3026a8106569bb263eb492ae49140
bc4fb74c76371d71da54ce28ce2edfb7ec95f0ad41367b43c37ef4f8be36dd58
bd759af6fe54aaea81f0a6518fba9f79167fd8b1985fc6eecf8d71d6f9e5b578
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf6f8ce71ba0c329dd6d1b0eb8c5fa64ca2b55f1e08fdcf0ed89dffa332cc02a
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
c431c5ed2922d87151e13c7fa39c35d5c309ba71a3e4dbbce6e1beea3c2ef2d8
c451bd8a33213edae9154c6af23596d73e1ced2a9fcaed41e4c15912ecefd35f
c4a0110871088355ed458d77c93360275e339fb0d9798ddac8a0819033b1c622
c8396e78225d19edcb000b8601bfd429217230f2d23eadf9dbca94cc47c416e7
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cd4ef058b25b1329ba6dfe146cd8c5e29d55821d7b3f7b6cb489421c1f8d9616
cdf8d3c6500e896332fb34e27af40c37e94b80d57c63b57ff3cb99c9f8732ceb
ce33b97d10be813db4e94a5b8a664568a0fb4ff75b6a4dac0b22124ca19ea4a1
cf211f387bb0a8c58d1b835297388fe0b6ed5810e1f957ba5dadcc1857af5adb
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1372b8e93b2564430b5d25a73adcb314332c3ef8987b54835ec1126dd273e82
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d43a78c0afdaab62e85c43f804e0f994d57679d9a959a40686498c5ef6b4e6e2
d52ed5675328c4342c48b0f4af7ebba03a3aec5f5195bdf9ef19067e6328262a
d5c7a4f9911dc5b1b82b8d83b2eccf2f928c8f9be551c81f43ebe5e2c205f8b6
d6298c3b513f2c4653a5ecd25fab7ffb5c74a8ce3c63b176f91621b77a7bc6ab
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d858e75f5a2828ab957722c99898bd7fa251bfdcbf7ce2385317d893adad7423
d8f3bccb5c39fc0d00ed1c79e3b7b36ea24906758491e8954e4f1dd1da099d03
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
d9c25362d77ed9e7fc9b09c4f90f1cd5f7e63a779553ea96db425b33aa0f90e2
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daf841aaf65ad2f21dfd49a9136b4b0a59bb2630194a7fad282ba22bede65471
dc3b86e8d27691fc7ce7c7d4f7362293e70a12b9e40ec6b62afb6c8945ff35d7
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
df0058c3af6569aacf1c15401e9607ac797013d89d45876c86c817cd426d2793
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aadb2562ca721cfd827a843b4f98758939082377413f3b915114e1a4753922
e4ef26ae9d68ebe884f1435bbd71377a3adf5d8bb1dcbeb49f9c573fe2d4fed3
e58c1bb99970d1d4bbf5614712ae63677a3dab93372581149ca2a51e72ed27ca
e8a34feef57f0bae61f4bdfeb69279d83404dbbdc4f24f0c5dd1410b19e06697
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb962ec184e9a967d0ab0dba0da677601b5f573f4537e3e2de2952514f97f543
ee0a84bb1976ab1960cf8d40b526067942fc9264e9d166f8b9291cc33965e3d9
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17783ab8ef9f72da28ba858faa3ec4067a0c6a54abbd4707cfc5f547e5487ff
f36a5656d2efae628cb7d580137807708e3bec1dbf211e6b8b394c22ce8b57d0
f423d583e250bc3970a2185611b730b372970f276fa1bc72ff8dc8394963cfff
f4e5b72a51c75114d4695ed31bca68f26ff2f07fcd16f590affcae13101c39ad
f59f9b83821ed8f0a2c1947881a1d7734ea6bdc1ce1d28afc7feac167838e8e2
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f8a9db811a1ca811fab7b4808dcd4be46701690d2145b3e20c60590c1224c80f
f8dbc2d5612573014af1406039e69f1f5fb7762820efe4c0550d700dcbd7da6e
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
fc9b484398de21fd715e7b9b0b20f67b8b796543abd3f3f5f9de53b78df2b018