simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.capitalone.global/
Effective URL:
https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Submission: On December 28 via api (December 28th 2021, 2:19:57 am UTC) from US — Scanned from DE

Summary HTTP 294 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 68 IPs in 10 countries across 72 domains to perform 294 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 21st 2021. Valid for: a year.

This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	72.52.178.23 72.52.178.23	32244 (LIQUIDWEB) (LIQUIDWEB)
9	45.79.244.12 45.79.244.12	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:303... 2606:4700:3030::6815:631	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2600:3c02::f0... 2600:3c02::f03c:91ff:fee2:5b0f	63949 (LINODE-AP...) (LINODE-AP Linode)
5	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	50.17.208.58 50.17.208.58	14618 (AMAZON-AES) (AMAZON-AES)
26	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	192.241.157.60 192.241.157.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
12	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	18.66.139.38 18.66.139.38	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.215.211.56 52.215.211.56	16509 (AMAZON-02) (AMAZON-02)
1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	169.63.109.126 169.63.109.126	36351 (SOFTLAYER) (SOFTLAYER)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
8	18.193.58.151 18.193.58.151	16509 (AMAZON-02) (AMAZON-02)
12	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
22	18.66.97.25 18.66.97.25	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
6	54.82.234.18 54.82.234.18	14618 (AMAZON-AES) (AMAZON-AES)
1	3.219.152.16 3.219.152.16	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.75.146.200 51.75.146.200	16276 (OVH) (OVH)
1	52.86.156.15 52.86.156.15	14618 (AMAZON-AES) (AMAZON-AES)
1	54.229.233.249 54.229.233.249	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.12.242 104.18.12.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	54.204.0.108 54.204.0.108	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
42	2606:4700:303... 2606:4700:3039::6815:c09b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 15	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	18.157.95.55 18.157.95.55	16509 (AMAZON-02) (AMAZON-02)
2	199.187.193.182 199.187.193.182	47043 (SMARTADSE...) (SMARTADSERVER)
3 3	18.192.154.98 18.192.154.98	16509 (AMAZON-02) (AMAZON-02)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	2a05:d018:24:... 2a05:d018:24:b001:f805:e2b8:13cc:7378	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1 1	2600:9000:223... 2600:9000:223f:f400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	52.58.94.171 52.58.94.171	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
1 1	46.4.41.145 46.4.41.145	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1 1	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	147.135.143.66 147.135.143.66	16276 (OVH) (OVH)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1 1	213.133.107.215 213.133.107.215	24940 (HETZNER-AS) (HETZNER-AS)
1 2	159.69.159.132 159.69.159.132	24940 (HETZNER-AS) (HETZNER-AS)
1 1	51.77.94.3 51.77.94.3	16276 (OVH) (OVH)
1 2	18.185.175.74 18.185.175.74	16509 (AMAZON-02) (AMAZON-02)
1	54.37.204.178 54.37.204.178	16276 (OVH) (OVH)
2	34.242.207.34 34.242.207.34	16509 (AMAZON-02) (AMAZON-02)
1 2	13.32.99.90 13.32.99.90	() ()
294	68

2 72.52.178.23 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

www.capitalone.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:631 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c02::f03c:91ff:fee2:5b0f (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)

parking2.parklogic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.17.208.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-208-58.compute-1.amazonaws.com

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper

cat.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.139.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-38.fra60.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.211.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-211-56.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.63.109.126 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 7e.6d.3fa9.ip4.static.sl-reverse.com

in-appadvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.193.58.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-58-151.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 18.66.97.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-25.fra56.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.82.234.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-234-18.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.152.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-152-16.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.200 (France)

ASN16276 (OVH, FR)
PTR: p11.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.156.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-156-15.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.233.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.204.0.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-0-108.compute-1.amazonaws.com

timber.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:3039::6815:c09b (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:c05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.95.55 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-95-55.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.192.154.98 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-154-98.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:f805:e2b8:13cc:7378 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:f400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.94.171 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-94-171.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.41.145 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.63.132 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.143.66 (France)

ASN16276 (OVH, FR)

netzwerk.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.133.107.215 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dedi1115.your-server.de

campaign.mobility-ads.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.159.132 (Hobstin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.132.159.69.159.clients.your-server.de

www.autohaus-koenig.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.94.3 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip3.ip-51-77-94.eu

trck.lekker.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.175.74 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-175-74.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.37.204.178 (France)

ASN16276 (OVH, FR)
PTR: 178.ip-54-37-204.eu

ht.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.242.207.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.90 (None, ) 1 redirects

ASN- ()

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	1 MB
34	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com	342 KB
28	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net	192 KB
26	akamaized.net img-s-msn-com.akamaized.net	223 KB
21	cloudfront.net d29xw9s9x32j3w.cloudfront.net	258 KB
16	yahoo.com 4 redirects c2shb.ssp.yahoo.com ups.analytics.yahoo.com	3 KB
14	sendtonews.com embed.sendtonews.com player.sendtonews.com s2l.sendtonews.com timber.sendtonews.com	105 KB
9	simcast.com simcast.com	102 KB
8	sharethrough.com btlr.sharethrough.com	873 B
6	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	11 KB
6	ampproject.org cdn.ampproject.org	119 KB
6	google.com adservice.google.com www.google.com	2 KB
5	googleapis.com imasdk.googleapis.com fonts.googleapis.com	320 KB
5	cloudflare.com cdnjs.cloudflare.com	143 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
3	webgains.io analytics.webgains.io api.webgains.io	51 KB
3	awin1.com www.awin1.com	2 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	googletagservices.com www.googletagservices.com	110 KB
3	adsrvr.org match.adsrvr.org	1 KB
3	google-analytics.com www.google-analytics.com	40 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	adtriba.com 1 redirects d.adtriba.com	757 B
2	autohaus-koenig.de 1 redirects www.autohaus-koenig.de	532 B
2	webgains.com track.webgains.com	42 KB
2	uppr.de netzwerk.uppr.de ht.uppr.de	165 KB
2	blau.de 1 redirects partner.blau.de portal.blau.de	2 KB
2	o2online.de 1 redirects partner.o2online.de portal.o2online.de	2 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net	1 KB
2	telefonica-partner.de 2 redirects www.telefonica-partner.de	577 B
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	3lift.com 2 redirects eb2.3lift.com	939 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	tidaltv.com 2 redirects sync.tidaltv.com	829 B
2	turn.com 1 redirects ad.turn.com r.turn.com	878 B
2	smartadserver.com ssbsync.smartadserver.com	150 B
2	bidswitch.net 2 redirects x.bidswitch.net	2 KB
2	gstatic.com fonts.gstatic.com	88 KB
2	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	753 B
2	adnxs.com prebid.adnxs.com ib.adnxs.com	1 KB
2	google.de adservice.google.de	914 B
2	googletagmanager.com www.googletagmanager.com	71 KB
2	capitalone.global www.capitalone.global	3 KB
1	lekker.de 1 redirects trck.lekker.de	1 KB
1	mobility-ads.de 1 redirects campaign.mobility-ads.de	468 B
1	adcell.com t.adcell.com	482 B
1	openx.net rtb.openx.net	351 B
1	smaato.net 1 redirects s.ad.smaato.net	440 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	583 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	537 B
1	2mdn.net s0.2mdn.net	17 KB
1	resonate.com cdn.resonate.com	169 B
1	crwdcntrl.net id.crwdcntrl.net	333 B
1	liadm.com idx.liadm.com	432 B
1	id5-sync.com id5-sync.com	529 B
1	rlcdn.com api.rlcdn.com	324 B
1	rkdms.com id.sv.rkdms.com	163 B
1	indexww.com js-sec.indexww.com	13 KB
1	media.net prebid.media.net	848 B
1	a-mo.net prebid.a-mo.net	342 B
1	dotomi.com web.hb.ad.cpe.dotomi.com	145 B
1	onetag-sys.com onetag-sys.com	358 B
1	in-appadvertising.com in-appadvertising.com	547 B
1	360yield.com ice.360yield.com	458 B
1	googleadservices.com partner.googleadservices.com	447 B
1	hbwrapper.com cat.hbwrapper.com	256 B
1	parklogic.com parking2.parklogic.com	955 B
1	adapex.io cdn.adapex.io	130 KB
1	jquery.com code.jquery.com	30 KB
0	netmng.com Failed google2waycm.netmng.com Failed
294	72

	Domain	Requested by
26	img-s-msn-com.akamaized.net	simcast.com
21	d29xw9s9x32j3w.cloudfront.net	player.sendtonews.com simcast.com cdnjs.cloudflare.com
18	assets.ad4m.at	as.ad4m.at
15	cm.g.doubleclick.net	1 redirects c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
15	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com simcast.com c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
15	pagead2.googlesyndication.com	simcast.com pagead2.googlesyndication.com tpc.googlesyndication.com srcdoc c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com www.googletagservices.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com as.ad4m.at ad4m.at
12	c2shb.ssp.yahoo.com	cdn.adapex.io
9	simcast.com	www.capitalone.global simcast.com code.jquery.com
8	btlr.sharethrough.com	cdn.adapex.io
8	securepubads.g.doubleclick.net	cdn.adapex.io securepubads.g.doubleclick.net simcast.com www.capitalone.global
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	s2l.sendtonews.com	simcast.com
5	cdnjs.cloudflare.com	simcast.com player.sendtonews.com
4	ups.analytics.yahoo.com	4 redirects
4	timber.sendtonews.com	player.sendtonews.com
4	c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	pubads.g.doubleclick.net	player.sendtonews.com imasdk.googleapis.com
3	www.awin1.com	as.ad4m.at
3	static-de.ad4mat.net	as.ad4m.at
3	pixel.advertising.com	3 redirects
3	www.googletagservices.com	c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
3	prod-rtb.ad4mat.net	www.capitalone.global
3	www.google.com	tpc.googlesyndication.com c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
3	match.adsrvr.org	js-sec.indexww.com c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
3	fonts.googleapis.com	player.sendtonews.com securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
2	sb.scorecardresearch.com	1 redirects simcast.com
2	api.webgains.io	analytics.webgains.io
2	d.adtriba.com	1 redirects netzwerk.uppr.de
2	www.autohaus-koenig.de	1 redirects as.ad4m.at
2	track.webgains.com	as.ad4m.at
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	image6.pubmatic.com	2 redirects
2	pm.w55c.net	2 redirects
2	eb2.3lift.com	2 redirects
2	c1.adform.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	ssbsync.smartadserver.com	c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
2	x.bidswitch.net	2 redirects
2	s.tribalfusion.com	c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
2	a.tribalfusion.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	imasdk.googleapis.com	player.sendtonews.com imasdk.googleapis.com
2	player.sendtonews.com	embed.sendtonews.com player.sendtonews.com
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.googletagmanager.com	simcast.com www.autohaus-koenig.de
2	embed.sendtonews.com	simcast.com player.sendtonews.com
2	www.capitalone.global	www.capitalone.global
1	analytics.webgains.io	track.webgains.com
1	ht.uppr.de	as.ad4m.at
1	trck.lekker.de	1 redirects
1	campaign.mobility-ads.de	1 redirects
1	netzwerk.uppr.de	as.ad4m.at
1	t.adcell.com	as.ad4m.at
1	portal.blau.de	as.ad4m.at
1	partner.blau.de	1 redirects
1	portal.o2online.de	as.ad4m.at
1	partner.o2online.de	1 redirects
1	rtb.openx.net	c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	r.turn.com	c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	cdn.resonate.com	player.sendtonews.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	id.crwdcntrl.net	cdn.adapex.io
1	idx.liadm.com	cdn.adapex.io
1	id5-sync.com	cdn.adapex.io
1	api.rlcdn.com	js-sec.indexww.com cdn.adapex.io
1	id.sv.rkdms.com	js-sec.indexww.com
1	js-sec.indexww.com	player.sendtonews.com
1	prebid.media.net	cdn.adapex.io
1	prebid.a-mo.net	cdn.adapex.io
1	htlb.casalemedia.com	cdn.adapex.io
1	web.hb.ad.cpe.dotomi.com	cdn.adapex.io
1	onetag-sys.com	cdn.adapex.io
1	in-appadvertising.com	cdn.adapex.io
1	ib.adnxs.com	cdn.adapex.io
1	ice.360yield.com	cdn.adapex.io
1	prebid.adnxs.com	cdn.adapex.io
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cat.hbwrapper.com	cdn.adapex.io
1	parking2.parklogic.com	simcast.com
1	cdn.adapex.io	simcast.com
1	code.jquery.com	simcast.com
0	google2waycm.netmng.com Failed	c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
294	95

This site contains links to these domains. Also see Links.

Domain
www.afternic.com

Subject Issuer	Validity	Valid
*.simcast.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-21` - `2022-05-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.parklogic.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-03` - `2023-01-03`	a year	crt.sh
*.sendtonews.com Amazon	`2021-06-17` - `2022-07-16`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cat.hbwrapper.com R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.360yield.com Amazon	`2021-07-28` - `2022-08-26`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.in-appadvertising.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-29` - `2022-07-30`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.a-mo.net R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
securedvisit.com Amazon	`2021-11-30` - `2022-12-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.liadm.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2021-09-20` - `2022-09-20`	a year	crt.sh
netzwerk.uppr.de R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
autohaus-koenig.de R3	`2021-12-17` - `2022-03-17`	3 months	crt.sh
*.adtriba.com Amazon	`2021-05-31` - `2022-06-29`	a year	crt.sh
ht.uppr.de R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Frame ID: 7690FA7847426B85F1FA7D8D0B022161
Requests: 97 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 6ACE3D5EA948EE08FE58CE74A67707DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1640657990&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640657990531&bpp=4&bdt=552&idt=81&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5683734008960&frm=20&pv=2&ga_vid=495401102.1640657991&ga_sid=1640657991&ga_hid=1014584063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1059668687705242&pem=943&tmod=924&ref=http%3A%2F%2Fwww.capitalone.global%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=96
Frame ID: CABFE39E96000A6D743E4D06D3BB4F2F
Requests: 1 HTTP requests in this frame

Frame: https://player.sendtonews.com/player7/player/65.21.10/player.js
Frame ID: 52AC289BE74CE221DB538BB1B468B8F3
Requests: 56 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBC4CC07E1E4BC8B137E292BF4D7D01A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9E6F95AF9F0622DFA1FEB6830248F20
Requests: 2 HTTP requests in this frame

Frame: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0BA8951D092C0731CF8B9BECF5206D3E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 9729D4AE4E3C469B25B7CD6DFF342EE2
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E8DBB0D1BFE9B3B2CD8EBA43E448C105
Requests: 1 HTTP requests in this frame

Frame: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B2D11E740176E8602679EE8EA3C96348
Requests: 9 HTTP requests in this frame

Frame: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A071D852F676E7BD0CE0242696E12077
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: CAFD1159ACFEB78DD0237A3DE1B6F0E2
Requests: 15 HTTP requests in this frame

Frame: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2BA23312BFAF8D509F28C49FE574B12C
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gyaggfb7p8b2gfsw4sze4e8m6ehwmka9tmdy5qbxatk2abd1yqsbgvpmx6jpnd7wvyxmhv56ra2n67w20ek2f2ckr69t1mtg0wfzcmjej2k7dd9yz8he46170dbdjj378csjz7vx0kyb9jft2g257x9gcmk97zc22j7jf9gk4bahezr70qh076abb781nbrhx16pvxez78dnsjtzbt94sjkc1srsv22gewv8j3r32vmvsjmn24cfya23eaqvjqze8h615twj2y07h2azmetcgk2br65h90149entertc58y217gq12cgz1qx4jdx05rqnvet3vcp5qcrfzs505fqzzjtbcgrs19smd3s12tj91wmja1g82m2csg0zbkh1aawss1b386bnrp53ewkq4wtsr37zdqk13t8mqjweg3kwdv7sxpn82yt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: AC7916A1362FA1B8B7C8F1FA56B464AD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E8A72828D8C1A3F7DCC79B3C3F6FA41C
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hnatg5cpt366hpmkr2s9dkzvfms660vrh9hvy4723pg9nj5jzt73hxfqej5phd42v4v2bbskv555rnj2wsec7277tp72shhx89d0sn73vfyehmjssvqx8mz2whqmtbhpts2vrkhjdek8zg0p0h3f49y207r1gq1s4n40knk2kdpstxc7xv10x0xvdege5sz1amygsvz5dq4xgbjfdfft1gpna39y2kvzn5at94544atths1vka10ja91wpex6x7eq8zsgsy1j462x7kbcz4hsft95jf5szqbhjbhr8va9sp6hpbzs9110231qbkz8hy9hrhnyerg810fh01yzkfc0g678kvqnv0ta97a6fq3ay92nernv6ahf9n8296ntggv09f2sbrhx0drp9scqpew2fnt0h0t7zrrygjy2kbp7rh998hq8r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: 242E45EC4D890CDD68C2FDEDFD5DB0F4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6AF5F10959D24AFED5BCC1FB8EF8D54B
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gqqbcer56fj220a9kbjdwdza74eq101kmvjyz04xawzw9ny2b8kh7886qn7s400ya06j7cz4wn77f0zn0hd324nbmaa11tjcdfbpvwwqah6bm49663v83rb64960wmek6krzxj41sbs9hdks33xnz1cjez69vcnj9wnkhjnb5x7apx52gqc04aw4vhgapf50akt4qdzc20jqfgc5vaxxz3e31w6zzv2n22fd2j6ckpr87g9323qvwrcza0sskcjkq88kca9rsm6d0n03n8tw949nv79z8e8spz1w4ngb024fmm6mnypmb006myan502ck9mv6861gefdv7abkm9gyxzxvfks86av11zbja9aww6qpkw6h352kae06eg8ytdpsn82q6tdy4ntchj5hr70jjn5yk0znygbz5ef7kymby46rrypktg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: 4E1D20126EE3CF21729CFFBC9696EC96
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 191D8FEE59553712EC16750EE2A97A4F
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C845F47B1FEA1C1BBDBC9D356FDA1851
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: CECDD4102409747AB3A0291196D6EC16
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AEAF9530E9EA3D069A1FAA3D9D55129C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Frame ID: AED563D55212130BBD1F62E858C62306
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Frame ID: 52DA57629436988E9E3D0F17FBB6AE22
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Frame ID: AFAB338B2067C2DF0A4588551669E8A1
Requests: 12 HTTP requests in this frame

Frame: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=470927724
Frame ID: 4204278F3D3819DE5FF617A2101BB2A7
Requests: 3 HTTP requests in this frame

Frame: https://d.adtriba.com/px.gif
Frame ID: 266B8B9A2017CDE87EB11D0A9E968D89
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

http://www.capitalone.global/ Page URL
http://www.capitalone.global/page/bouncy.php?&bpae=GbhOd6cGY01%2Fj3NkWBAKX70XNLDczdtfX840%2Fpv14nR9DdVRqv... Page URL
https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

294
Requests

90 %
HTTPS

34 %
IPv6

72
Domains

95
Subdomains

68
IPs

10
Countries

3664 kB
Transfer

8207 kB
Size

66
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.afternic.com/forsale/capitalone.global?utm_campaign=TDFS_Site&traffic_id=gddy&traffic_type=gddy
Title: Click here to find out or call +1-866-284-4125

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.capitalone.global/ Page URL
http://www.capitalone.global/page/bouncy.php?&bpae=GbhOd6cGY01%2Fj3NkWBAKX70XNLDczdtfX840%2Fpv14nR9DdVRqv%2FUV0iFNXFRSa2%2FFC5GZK99U9PMqA%2FCJ8d2d9yOCoV%2FlxOydP0jUbqobTb9EzPUJHWOv3to8s7SDGAK3RTFiEi%2FgzvJFY6cBE22fNKkamwUValj5KLOzEdWYDzqo6z7cYv9cuqSjZKc6qJudkPpcg2VVLNrR3wtHGqg2ciTOK56dRHenwtAbyLuuVMitRsW5Q9UkEt4IpwtOWkSOD6r2SrCEQ5V1xx3ix4UmDNTHfHZ1udtyFOuFB3BB%2B9%2BExcZhRcU9NL7jMfCLrZtLBOWRRiXErPcmbUTV2mb%2FamkEok7e9Qb6NqgnYqafLpgicA3BMxQB5WuP%2BgkHmuVdunc8ecnN3xlkrU9qEOUuw%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=aKR5g3xPREZ5RlN5c1pncWZOMDZEdlZaa1laN25HK2JEUHdUckdlSUd2U200QnpYenM5aWcyS0VIZi80ZkVOOWZ1ZHl5Q0ZQUVZjMVVSUVFCYmFrbThqQkxadXlpMHdlSURocnRKUkNpSVBaRkswdEhFL3ZuVHFMeWtWSThFaFpHMDhJbG44eEZsMDlRcHVtM1lUOUlSRVYzZ2V0S2tSSmw4S1E2Y211T3Qrc2lhcGorb1Qxb3ptZTIwdmlBd252REJ1d0VyZ1lqcThMcWZDb0VhNCtPZTE1djlRYnZSdE5YRSt0Y1VkeEZZZEpsWVg0PXw&cppv=2

Request Chain 192

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 193

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPk6Rr_ME9oCJJeD4NooZ3M&google_cver=1&google_push=AYg5qPLNiDwa6S0lNX0u4h_1FEvQz7M8lVt-dUHJUB9BvXXb-AB_0VoqN4QuXNQgCRNPC_NnqKAQwiB3lAZ5yp_pRHbNmRyrPXY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPk6Rr_ME9oCJJeD4NooZ3M&google_push=AYg5qPLNiDwa6S0lNX0u4h_1FEvQz7M8lVt-dUHJUB9BvXXb-AB_0VoqN4QuXNQgCRNPC_NnqKAQwiB3lAZ5yp_pRHbNmRyrPXY

Request Chain 195

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGAVIZz_DiOj_hid7PSq_XY&google_cver=1&google_push=AYg5qPK-81LZZyNR-opLtCsN4Ldh-hF0V3KeU8e0ixsRBBlUC7PqfSyV7qGFFlXSHYOLgaIpilYK6sUI7VTGOhcgZ30-rpdUqaQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGAVIZz_DiOj_hid7PSq_XY&google_cver=1&google_push=AYg5qPK-81LZZyNR-opLtCsN4Ldh-hF0V3KeU8e0ixsRBBlUC7PqfSyV7qGFFlXSHYOLgaIpilYK6sUI7VTGOhcgZ30-rpdUqaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK-81LZZyNR-opLtCsN4Ldh-hF0V3KeU8e0ixsRBBlUC7PqfSyV7qGFFlXSHYOLgaIpilYK6sUI7VTGOhcgZ30-rpdUqaQ&google_hm=W0wnQ4tzRqS3skaV_BIfFA==

Request Chain 197

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U7wnwNGBTPzZT54a_eyAhd7b_5_5CmS13BLO1rBaVv9w HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U7wnwNGBTPzZT54a_eyAhd7b_5_5CmS13BLO1rBaVv9w&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U7wnwNGBTPzZT54a_eyAhd7b_5_5CmS13BLO1rBaVv9w&apid=UPa420803e-6784-11ec-95cd-0299307c0b66 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U7wnwNGBTPzZT54a_eyAhd7b_5_5CmS13BLO1rBaVv9w&apid=UPa420803e-6784-11ec-95cd-0299307c0b66&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNDIwODAzZS02Nzg0LTExZWMtOTVjZC0wMjk5MzA3YzBiNjY%3D&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U7wnwNGBTPzZT54a_eyAhd7b_5_5CmS13BLO1rBaVv9w

Request Chain 200

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJNQlvf4NrmsyTNmTMxXwcI&google_cver=1&google_push=AYg5qPIMH0ZnJc-cHBxwrnpuZzs7QPbsAmWuBs0fxw8nXNzvkkZv9POv7b_LHiQUfS-ikdsGCUfQoGgFDCTNVp-0DfLhA4MO5LJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAyNTgzNjk4NDc4NDg1NzIxNQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJNQlvf4NrmsyTNmTMxXwcI&google_cver=1

Request Chain 201

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOy13QVgUvhmwZgfmlgBbYo&google_cver=1&google_push=AYg5qPLLnK4a01FIuavb1eopJAefj5A7njj6ejCOlN_AwWDFlv9QJKwpDt4zqy-oGfw2PjCJhpCleWkuJ0XP1r7a2YghPQwdlaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0NjU3MjQxOTU3MjQ5NjUyNg%3D%3D&google_push=AYg5qPLLnK4a01FIuavb1eopJAefj5A7njj6ejCOlN_AwWDFlv9QJKwpDt4zqy-oGfw2PjCJhpCleWkuJ0XP1r7a2YghPQwdlaQ

Request Chain 202

https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEKuH0h0JGDzK78L2Sr7I4Dg&google_cver=1&google_push=AYg5qPJFhxFqaGrsd313JnRYqdm_rvBW3yLaWgCjqMHxCRIPN-stHZ8_GRXpWsOKS9mTTGqM423rj95zMzvWEzjd9Ojgyca9U528 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEKuH0h0JGDzK78L2Sr7I4Dg&google_cver=1&google_push=AYg5qPJFhxFqaGrsd313JnRYqdm_rvBW3yLaWgCjqMHxCRIPN-stHZ8_GRXpWsOKS9mTTGqM423rj95zMzvWEzjd9Ojgyca9U528&s_h=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=vzpVdyPtRXWaQK0TUbXc3w&gdpr=1&gdpr_consent=

Request Chain 203

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHjTEXBRrqRMeZUreLuGSSI&google_cver=1&google_push=AYg5qPLIVoRMAy-hblX9aZTASR2JkDPvEDQ6jlqOmy2soigzwAkd265ZXdsCxg5KJWROzk5jDPF6KWIWRZrPdAvbcBxRn64VbcHS HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHjTEXBRrqRMeZUreLuGSSI&google_cver=1&google_push=AYg5qPLIVoRMAy-hblX9aZTASR2JkDPvEDQ6jlqOmy2soigzwAkd265ZXdsCxg5KJWROzk5jDPF6KWIWRZrPdAvbcBxRn64VbcHS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY4ODgxNDUzNjA5NTQ5NjUxMg&google_push=AYg5qPLIVoRMAy-hblX9aZTASR2JkDPvEDQ6jlqOmy2soigzwAkd265ZXdsCxg5KJWROzk5jDPF6KWIWRZrPdAvbcBxRn64VbcHS

Request Chain 204

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENlcbwDnwLuXijM04XWIg78&google_cver=1&google_push=AYg5qPLejNNA7fGAprSYXejfx4V_i6YtwOWAYdeQfPL7Z5DXxm3p-54d0wU_baJQHOVB_QAVO_lJ2iHw6THrlcZuWzc1FWyIE78 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLejNNA7fGAprSYXejfx4V_i6YtwOWAYdeQfPL7Z5DXxm3p-54d0wU_baJQHOVB_QAVO_lJ2iHw6THrlcZuWzc1FWyIE78

Request Chain 205

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKM0hx1F3qg3jLh-Blw2Hgs&google_cver=1&google_push=AYg5qPJgp9j5YyuHIQIhoDAEl2ViVg6K0sW6aUlt5510WG3j-IgAoCaxd208e_AOwcKJGj0fCTLIABuVKT8hgsDKdPnurIUeqg03 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJgp9j5YyuHIQIhoDAEl2ViVg6K0sW6aUlt5510WG3j-IgAoCaxd208e_AOwcKJGj0fCTLIABuVKT8hgsDKdPnurIUeqg03&google_gid=CAESEKM0hx1F3qg3jLh-Blw2Hgs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTY5ODc3MTc5MDQxMDg4NDA0MA%3D%3D&google_push=AYg5qPJgp9j5YyuHIQIhoDAEl2ViVg6K0sW6aUlt5510WG3j-IgAoCaxd208e_AOwcKJGj0fCTLIABuVKT8hgsDKdPnurIUeqg03

Request Chain 207

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELOt1TcgxJF-TyB4kTZkuxg&google_cver=1&google_push=AYg5qPIStAuxCbp6YUSd2IHYrjWRWSfwvrdL6w9T38LcUOH78IZN2kkRNJXu_y75qUOd7WTS84VIW8rOMNad0Qn7QZoSW0SS4FWK HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELOt1TcgxJF-TyB4kTZkuxg&google_cver=1&google_push=AYg5qPIStAuxCbp6YUSd2IHYrjWRWSfwvrdL6w9T38LcUOH78IZN2kkRNJXu_y75qUOd7WTS84VIW8rOMNad0Qn7QZoSW0SS4FWK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TGlFVFhWRG0xTjIyNUc1&google_gid=CAESELOt1TcgxJF-TyB4kTZkuxg&google_cver=1&google_push=AYg5qPIStAuxCbp6YUSd2IHYrjWRWSfwvrdL6w9T38LcUOH78IZN2kkRNJXu_y75qUOd7WTS84VIW8rOMNad0Qn7QZoSW0SS4FWK

Request Chain 208

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNbi&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNbi%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNbi&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNbi%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 211

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN3QFwDpcD84ysnyaAkQt0M&google_cver=1&google_push=AYg5qPKX6jVSkaMeswIjMBCflcL35IlzAhns6Znyovp-0ftu83u4WJyYzctp4o9SsSFm-iVzP3xApp9WAfEgMfj7iko3dQgKpAm1 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN3QFwDpcD84ysnyaAkQt0M&google_cver=1&google_push=AYg5qPKX6jVSkaMeswIjMBCflcL35IlzAhns6Znyovp-0ftu83u4WJyYzctp4o9SsSFm-iVzP3xApp9WAfEgMfj7iko3dQgKpAm1&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsdV4VizTSW55eSqtUt0AA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKX6jVSkaMeswIjMBCflcL35IlzAhns6Znyovp-0ftu83u4WJyYzctp4o9SsSFm-iVzP3xApp9WAfEgMfj7iko3dQgKpAm1

Request Chain 213

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2k8zw96BGQOKzJ24b8_vUpJu37fhPcZwnVPAizg8XuxIrCy HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2k8zw96BGQOKzJ24b8_vUpJu37fhPcZwnVPAizg8XuxIrCy&apid=UPa420803e-6784-11ec-95cd-0299307c0b66 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2k8zw96BGQOKzJ24b8_vUpJu37fhPcZwnVPAizg8XuxIrCy&apid=UPa420803e-6784-11ec-95cd-0299307c0b66&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNDIwODAzZS02Nzg0LTExZWMtOTVjZC0wMjk5MzA3YzBiNjY%3D&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2k8zw96BGQOKzJ24b8_vUpJu37fhPcZwnVPAizg8XuxIrCy

Request Chain 242

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021122803195360955933749X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2021122803195360955933749X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122803195360955933749X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24

Request Chain 245

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122803195360955933747X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122803195360955933747X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752

Request Chain 268

https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHKoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.autohaus-koenig.de/htlp?coyotetrackingid=470927724 HTTP 301
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=470927724

Request Chain 269

https://trck.lekker.de/trck/htlp/htlp.html?em_source=uppr&utm_source=uppr&host=lekker.de&pvid=61ca744963db1f2eff1e75f5&url=https%3A%2F%2Fd.adtriba.com%2Fcollect%3Fatb_ptid%3D0316c55c%26atb_dpuid%3Dadvancedstore%26atb_dcaid%3Dcpo-native.strom.preis%26atb_dcrid%3Dstecker-geld%26atb_dcrsi%3D HTTP 301
https://d.adtriba.com/collect?atb_ptid=0316c55c&atb_dpuid=advancedstore&atb_dcaid=cpo-native.strom.preis&atb_dcrid=stecker-geld&atb_dcrsi= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 297

https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1640657991907&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=2688&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=1697128&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1640657997206&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5299&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=DraftKings&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1640657991907&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=2688&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=1697128&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1640657997206&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5299&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=DraftKings&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=

294 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
www.capitalone.global/ 2 KB
2 KB 1407ms
1283ms Document
text/html 72.52.178.23
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.capitalone.global/
Protocol: HTTP/1.1
Server: 72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 28 Dec 2021 02:19:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bouncy.php
www.capitalone.global/page/ 709 B
993 B 129ms
129ms Document
text/html 72.52.178.23
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.capitalone.global/page/bouncy.php?&bpae=GbhOd6cGY01%2Fj3NkWBAKX70XNLDczdtfX840%2Fpv14nR9DdVRqv%2FUV0iFNXFRSa2%2FFC5GZK99U9PMqA%2FCJ8d2d9yOCoV%2FlxOydP0jUbqobTb9EzPUJHWOv3to8s7SDGAK3RTFiEi%2FgzvJFY6cBE22fNKkamwUValj5KLOzEdWYDzqo6z7cYv9cuqSjZKc6qJudkPpcg2VVLNrR3wtHGqg2ciTOK56dRHenwtAbyLuuVMitRsW5Q9UkEt4IpwtOWkSOD6r2SrCEQ5V1xx3ix4UmDNTHfHZ1udtyFOuFB3BB%2B9%2BExcZhRcU9NL7jMfCLrZtLBOWRRiXErPcmbUTV2mb%2FamkEok7e9Qb6NqgnYqafLpgicA3BMxQB5WuP%2BgkHmuVdunc8ecnN3xlkrU9qEOUuw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: HTTP/1.1
Server: 72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.capitalone.global/

Response headers

Date: Tue, 28 Dec 2021 02:19:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Primary Request / Show response
simcast.com/ 38 KB
8 KB 733ms
457ms Document
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/page/bouncy.php?&bpae=GbhOd6cGY01%2Fj3NkWBAKX70XNLDczdtfX840%2Fpv14nR9DdVRqv%2FUV0iFNXFRSa2%2FFC5GZK99U9PMqA%2FCJ8d2d9yOCoV%2FlxOydP0jUbqobTb9EzPUJHWOv3to8s7SDGAK3RTFiEi%2FgzvJFY6cBE22fNKkamwUValj5KLOzEdWYDzqo6z7cYv9cuqSjZKc6qJudkPpcg2VVLNrR3wtHGqg2ciTOK56dRHenwtAbyLuuVMitRsW5Q9UkEt4IpwtOWkSOD6r2SrCEQ5V1xx3ix4UmDNTHfHZ1udtyFOuFB3BB%2B9%2BExcZhRcU9NL7jMfCLrZtLBOWRRiXErPcmbUTV2mb%2FamkEok7e9Qb6NqgnYqafLpgicA3BMxQB5WuP%2BgkHmuVdunc8ecnN3xlkrU9qEOUuw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 7df6959672808cc6eb967052740a270a5803d82d727aafc952ebedb93a1592b7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.capitalone.global/

Response headers

date: Tue, 28 Dec 2021 02:19:50 GMT
server: Apache/2.4.38 (Debian)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
content-encoding: gzip
content-length: 7264
content-type: text/html; charset=UTF-8

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 78ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://simcast.com/
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:50 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1640657990.dop207.ml1.t,1640657990.cds014.ml1.hn,1640657990.cds019.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ 20 KB
4 KB 324ms
109ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:50 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 00:43:56 GMT
server: Apache/2.4.38 (Debian)
etag: "5101-5d2abe6bdeb00-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: text/css
content-length: 4273

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 55 KB
12 KB 330ms
113ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:50 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 21:31:18 GMT
server: Apache/2.4.38 (Debian)
etag: "daa3-5d2a935d4d580-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: text/css
content-length: 12209

GET
H/1.1 200
OK lib.js Show response
simcast.com/templates/simcast/js/ 856 B
787 B 339ms
115ms Script
application/javascript 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/js/lib.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:50 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 03:31:19 GMT
server: Apache/2.4.38 (Debian)
etag: "358-5d39fa3726fc0-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: application/javascript
content-length: 459

GET
H2 200 aaw.smc.js Show response
cdn.adapex.io/hb/ 477 KB
130 KB 69ms
31ms Script
application/javascript 2606:4700:3030::6815:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.smc.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71351b729bfc7c206bd80a001801bca3317ed54a28830dce9903cca1cc1e4490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 21 Dec 2021 07:51:08 GMT
server: cloudflare
etag: W/"61c1876c-774da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fAlUL9CsVvhAvpunfXywD%2FuikE8a2pwyGxxgj07EoPk2HNhK4MVkj9a5xFdWO6%2F8bnOs%2FQeDRUjpUaiE%2B8fiVDVJCXo8bS5NSJRPj0MelrWgHtwnCHLm8GfLoRAdlv%2FAo1YQ5y75mQINnAP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6c474e59684f3128-FRA
expires: Tue, 28 Dec 2021 07:55:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 68ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b66726b62250765d0d8eaca7c0a748330debceaed154bd27829125b80a9ee189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51761
x-xss-protection: 0
server: cafe
etag: 6575366215542074271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Dec 2021 02:19:51 GMT

GET
H/1.1 200
OK enhance.js Show response
parking2.parklogic.com/page/ 670 B
955 B 461ms
110ms Script
text/javascript 2600:3c02::f03c:91ff:fee2:5b0f
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=capitalone.global
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: fcc29249ad70bf65d0ea27cb0152aaa575120262c15d6aaca0c5d17c0c57b18a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection: Keep-Alive
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Keep-Alive: timeout=5, max=100
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ 1 KB
2 KB 386ms
113ms Image
image/png 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Thu, 09 Dec 2021 00:46:50 GMT
server: Apache/2.4.38 (Debian)
etag: "527-5d2abf11cf280"
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: image/png
content-length: 1319

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 67ms
25ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3050056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1399
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekvLjxwyzKxZ%2Fqr599l%2BrvPKcKFzgfs%2BAAOoHMlzgDC306XIeQsWEXyFdAAgSBTE5cCLhkmMt51Tno6Qw%2FV8tmj6nFPdncivTPZU5F01OWMCJ1QMnprHemI98XlAwRqDYnBzjqIw%2BjdBJPfDtFd745PC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c474e5baa3b59dd-MXP
expires: Sun, 18 Dec 2022 02:19:50 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 25ms
20ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1579523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1541
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDBm%2FCC4qQNN3%2BBVjdY%2B6w4DTZfw3j240mUMKLSMVyckzg24%2BEdmn9GXPF8K9094sUZ0duOQEMcRFoUD6fCzMSIfw7puqbdAtGCGSL%2FM9ExYZfKr%2BXl48ki6iuvSGK%2BIzjPGgeXjAAARiEBck7%2Bz8QCC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c474e5bea7e59dd-MXP
expires: Sun, 18 Dec 2022 02:19:51 GMT

GET
H/1.1 200
OK modal.css
simcast.com/widgets/modal/ 992 B
666 B 330ms
111ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/modal/modal.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 23:52:56 GMT
server: Apache/2.4.38 (Debian)
etag: "3e0-5d2ab305a0600-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: text/css
content-length: 352

GET
H/1.1 200
OK embedcode.js Show response
embed.sendtonews.com/player3/ 81 KB
26 KB 516ms
205ms Script
application/javascript 50.17.208.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.208.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-208-58.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5b9e14d715735265ef2a440f07ea9bb0e0738028232e1579de99b13cbce91cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 26300
Expires: Tue, 28 Dec 2021 03:19:51 GMT

GET
H2 200 AASaFiP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 5 KB
5 KB 55ms
8ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASaFiP.img?h=100&w=100&x=960&y=540&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6070ffe90a649717f66c041d932e7d6d6e9b5ed5cd557d39e6ec9df82bb12719

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 22:57:16 GMT
x-datacenter: northeu
x-source-length: 270038
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=419850
x-activityid: 497f1c13-01ce-4111-a3bd-38b450468e55
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASaFiP?h=100&w=100&x=960&y=540&m=5
content-length: 4798
expires: Sat, 01 Jan 2022 22:57:21 GMT

GET
H2 200 AAzjSw3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 61ms
13ms Image
image/png 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzjSw3.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Fri, 24 Dec 2021 05:51:36 GMT
x-datacenter: northeu
x-source-length: 3247
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=99229
x-activityid: 46d41d5a-6656-4726-a044-2eff624f404c
x-resizerversion: 1.0
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzjSw3
content-length: 3247
expires: Wed, 29 Dec 2021 05:53:40 GMT

GET
H2 200 AASbyyT.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
5 KB 62ms
14ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbyyT.img?h=100&w=100&x=600&y=337.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4754fb14feda76d4a7efdec8d96a49b6dd1f9971263adf11a6ac81a6f1520f82

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 22:54:38 GMT
x-datacenter: northeu
x-source-length: 93134
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=419702
x-activityid: 1e01b7b8-5935-4f1f-a604-6b92039b966a
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbyyT?h=100&w=100&x=600&y=337.5&m=5
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 4508
expires: Sat, 01 Jan 2022 22:54:53 GMT

GET
H2 200 AA3e6zI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 412 B
717 B 55ms
8ms Image
image/png 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA3e6zI.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd08a87c0d61e7eecc5c1896111ffaa3c716558173bc4ab0b4176d88565f58d6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Fri, 24 Dec 2021 13:03:56 GMT
x-datacenter: northeu
x-source-length: 412
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=124936
x-activityid: 81a7173d-6b70-417f-b2ee-9316aa02354d
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AA3e6zI
content-length: 412
expires: Wed, 29 Dec 2021 13:02:07 GMT

GET
H2 200 AASbVo7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 56ms
9ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbVo7.img?h=100&w=100&x=1024&y=682.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

678ba891eeb3ab28bf3974cce5c91e9459a090185631bdb6b163c635a5492d77

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Tue, 28 Dec 2021 01:52:31 GMT
x-datacenter: northeu
x-source-length: 190599
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430416
x-activityid: 89c483af-319c-47b6-bdb4-698b1a7ba5a9
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbVo7?h=100&w=100&x=1024&y=682.5&m=5
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 3035
expires: Sun, 02 Jan 2022 01:53:27 GMT

GET
H2 200 AA42eYr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 417 B
760 B 10ms
7ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA42eYr.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Sun, 26 Dec 2021 21:40:55 GMT
x-datacenter: northeu
x-source-length: 417
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=328965
x-activityid: 184ecdae-ff0f-4afd-a05a-ca01fbb08561
x-resizerversion: 1.0
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-location: https://img.s-msn.com/tenant/amp/entityid/AA42eYr
content-length: 417
expires: Fri, 31 Dec 2021 21:42:36 GMT

GET
H2 200 AASbl4i.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 10ms
8ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbl4i.img?h=100&w=100&x=619.5&y=255.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4b2be8c6569ba725c54f79247df718bc55d40c369ecf748cc7545ca27eeaddf9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 22:54:58 GMT
x-datacenter: northeu
x-source-length: 128231
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=419654
x-activityid: 7828be19-3ae2-4abd-837c-5d3ed8b5431e
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbl4i?h=100&w=100&x=619.5&y=255.5&m=5
content-length: 3220
expires: Sat, 01 Jan 2022 22:54:05 GMT

GET
H2 200 AASbyVG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 11ms
9ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbyVG.img?h=100&w=100&x=384&y=261&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2435dc50b3a4b36e1f744d963b4d17a4866583d188cb6d6a5a698b4d866c5278

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 19:48:37 GMT
x-datacenter: northeu
x-source-length: 187194
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=408569
x-activityid: b53a7b46-30ff-4fdc-b8c0-00da89354038
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbyVG?h=100&w=100&x=384&y=261&m=5
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 4140
expires: Sat, 01 Jan 2022 19:49:20 GMT

GET
H2 200 BB18qTPD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 142 B
519 B 12ms
9ms Image
image/gif 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB18qTPD
date: Tue, 28 Dec 2021 02:19:51 GMT
x-source-length: 142
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD
x-activityid: 0e788297-7d2b-46b0-a747-8477ac1a0342
last-modified: Mon, 27 Dec 2021 19:16:31 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 142
x-resizerversion: 1.0
x-datacenter: northeu
x-frame-options: deny
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=406640
timing-allow-origin: *
expires: Sat, 01 Jan 2022 19:17:11 GMT

GET
H2 200 AASblzz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 88 KB
88 KB 14ms
11ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASblzz.img?h=500&w=1000&x=960&y=540&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

239d61a9957bcec1798da01c5701c5b3170693a1205f336890ae4d750b7ed0c1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 23:12:20 GMT
x-datacenter: northeu
x-source-length: 261567
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=420796
x-activityid: 0ccb2ead-849c-4928-8f86-0a6a8842cbd8
content-location: https://img.s-msn.com/tenant/amp/entityid/AASblzz?h=500&w=1000&x=960&y=540&m=2
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 89962
expires: Sat, 01 Jan 2022 23:13:07 GMT

GET
H2 200 AASbl4i.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 25ms
22ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbl4i.img?h=70&w=95&x=619.5&y=255.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

825cc043e05a1b39247ae024b78d4e3772a5766754e1e3f982ea780d782b89b1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 22:56:00 GMT
x-datacenter: northeu
x-source-length: 128231
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=419801
x-activityid: 6f4433a1-f95f-48a9-8f80-921c6f357034
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbl4i?h=70&w=95&x=619.5&y=255.5&m=5
content-length: 2223
expires: Sat, 01 Jan 2022 22:56:32 GMT

GET
H2 200 AASbvBC.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 26ms
23ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbvBC.img?h=70&w=95&x=400&y=300.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

37c7ab38c84462e9e99855e3e9375f5fb66f3c1daca2b13367369f1f17b8091a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 19:49:33 GMT
x-datacenter: northeu
x-source-length: 67713
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=408611
x-activityid: 38d7eba5-950c-49cc-bb0b-30e7ae124c7a
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbvBC?h=70&w=95&x=400&y=300.5&m=5
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 2391
expires: Sat, 01 Jan 2022 19:50:02 GMT

GET
H2 200 BB10ea2p.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
1 KB 26ms
23ms Image
image/png 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10ea2p.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c57a73b3bf4f85b6b0dff637df720bcb0d4d9146eb88485254cce6b33b1587a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Sat, 25 Dec 2021 21:56:56 GMT
x-datacenter: northeu
x-source-length: 1105
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=243432
x-activityid: 2d822139-86d1-4683-aa41-202672cdcd60
x-resizerversion: 1.0
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10ea2p
content-length: 1105
expires: Thu, 30 Dec 2021 21:57:03 GMT

GET
H2 200 AASbVo7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 26ms
24ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbVo7.img?h=70&w=95&x=1024&y=682.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

11485dfcc676cb4d7e1a91ba485e799dc45e2854ef657372dbdaa7c602db0adf

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Tue, 28 Dec 2021 01:52:48 GMT
x-datacenter: northeu
x-source-length: 190599
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=430332
x-activityid: ad8a2122-a8a6-4047-a5a1-b564d0405c74
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbVo7?h=70&w=95&x=1024&y=682.5&m=5
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 2509
expires: Sun, 02 Jan 2022 01:52:03 GMT

GET
H2 200 AARmU2L.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 27ms
24ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARmU2L.img?h=70&w=95&x=512&y=383&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

94e783ab4010731f31fb390946934db8d4271de7d970d61af658d89778d03183

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 12:38:48 GMT
x-datacenter: northeu
x-source-length: 229889
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=382745
x-activityid: 6df9c793-1467-4a1d-9e70-f1c436f1e64d
content-location: https://img.s-msn.com/tenant/amp/entityid/AARmU2L?h=70&w=95&x=512&y=383&m=5
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 2363
expires: Sat, 01 Jan 2022 12:38:56 GMT

GET
H2 200 AAHxwMU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 19 KB
19 KB 27ms
25ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHxwMU.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

32fbe07e2e94ddbcd04df7c37f1d86714657545c9e112519f21b003c8ce8955e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAHxwMU
date: Tue, 28 Dec 2021 02:19:51 GMT
x-source-length: 19380
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHxwMU
x-activityid: 185be4e0-b18b-4a10-817f-c32a4054eddc
last-modified: Thu, 23 Dec 2021 20:26:18 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 19380
x-resizerversion: 1.0
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=65156
timing-allow-origin: *
expires: Tue, 28 Dec 2021 20:25:47 GMT

GET
H2 200 AASbEO0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 28ms
25ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbEO0.img?h=70&w=95&x=1024&y=682.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6de1eb8f0c4b9230bb9901f5d915fa6ca1a0b040b03e6766faebeeea83c20aa5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 20:06:24 GMT
x-datacenter: northeu
x-source-length: 345838
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=409609
x-activityid: 65ec81f9-9520-4160-8910-275a4dc8a3fd
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbEO0?h=70&w=95&x=1024&y=682.5&m=5
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 2289
expires: Sat, 01 Jan 2022 20:06:40 GMT

GET
H2 200 AAzl6aj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 28ms
25ms Image
image/png 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzl6aj.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8266b9e45c14a4aaa67f859d2960a06a7f38295e2f408c77f89a907dddc8e6e6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Sat, 25 Dec 2021 04:53:12 GMT
x-datacenter: northeu
x-source-length: 2530
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=181862
x-activityid: dc511fbc-f44b-4835-aaa4-2f729cae6557
x-resizerversion: 1.0
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-location: https://img.s-msn.com/tenant/amp/entityid/AAzl6aj
content-length: 2530
expires: Thu, 30 Dec 2021 04:50:53 GMT

GET
H2 200 AAS8YmG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 28ms
26ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAS8YmG.img?h=70&w=95&x=600&y=337.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1a80fac76ee277acd2ac394529c7eacd9c4d837244dab26f6c2f58e7381090fb

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 17:37:27 GMT
x-datacenter: northeu
x-source-length: 89727
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=400625
x-activityid: 27e33908-0ae5-4cb1-9338-f10eb4ed295d
content-location: https://img.s-msn.com/tenant/amp/entityid/AAS8YmG?h=70&w=95&x=600&y=337.5&m=5
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 2604
expires: Sat, 01 Jan 2022 17:36:56 GMT

GET
H2 200 AASbKin.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 29ms
26ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbKin.img?h=70&w=95&x=1024&y=710&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbe75b409dfdf7f8e015e7dc8e6bbdba642548e8206070f0c2ba2dbca06f3bd6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 21:35:07 GMT
x-datacenter: northeu
x-source-length: 183779
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=414839
x-activityid: 352c4dd8-e715-43c2-bc6e-dec7792f9d45
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbKin?h=70&w=95&x=1024&y=710&m=5
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 3095
expires: Sat, 01 Jan 2022 21:33:50 GMT

GET
H2 200 AARWp4w.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 29ms
26ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARWp4w.img?h=70&w=95&x=624&y=294&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

50b624e5e4ddd670cc95d4eef015e4ee8566b752edb565f945e0ca0ede692dc7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 17:06:04 GMT
x-datacenter: northeu
x-source-length: 243642
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=398666
x-activityid: 0e5e5ed8-9aae-451f-878b-7ef17b4f3e50
content-location: https://img.s-msn.com/tenant/amp/entityid/AARWp4w?h=70&w=95&x=624&y=294&m=5
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 2638
expires: Sat, 01 Jan 2022 17:04:17 GMT

GET
H2 200 BBZbaoj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 351 B
727 B 29ms
27ms Image
image/png 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBZbaoj.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBZbaoj
date: Tue, 28 Dec 2021 02:19:51 GMT
x-source-length: 351
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBZbaoj
x-activityid: 736c002f-ee1f-41a9-a9b0-1fdfaf30aa6f
last-modified: Thu, 23 Dec 2021 21:39:25 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 351
x-resizerversion: 1.0
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=69605
timing-allow-origin: *
expires: Tue, 28 Dec 2021 21:39:56 GMT

GET
H2 200 AASbFOa.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 30ms
27ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbFOa.img?h=70&w=95&x=318.5&y=171.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7c786bacc1bc396b76849a7ef83d7c3f3a4fa9690f9294757a3a2c12ebb63825

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 22:55:41 GMT
x-datacenter: northeu
x-source-length: 93687
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=419756
x-activityid: bd88b7d8-4b1d-46b9-ae8d-fb26e21c2aca
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbFOa?h=70&w=95&x=318.5&y=171.5&m=5
content-length: 3601
expires: Sat, 01 Jan 2022 22:55:47 GMT

GET
H2 200 BBMQmHU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 321 B
628 B 30ms
28ms Image
image/png 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBMQmHU.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d18a18eb8f2b492c1494557caff4047e403c7312782e664b6517479e5bb2e47

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 20:55:49 GMT
x-datacenter: northeu
x-source-length: 321
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=412563
x-activityid: 6c5a7393-2cdf-496d-b059-30d188d353df
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBMQmHU
content-length: 321
expires: Sat, 01 Jan 2022 20:55:54 GMT

GET
H2 200 AASbyVG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 37 KB
37 KB 31ms
28ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbyVG.img?h=300&w=400&x=384&y=261&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8bf11a33a4674683eee1518815ac28eb1576da4dd1518796160dab1ace23ba63

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 19:53:30 GMT
x-datacenter: northeu
x-source-length: 187194
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=408844
x-activityid: f026f49c-bec3-4533-a923-12148fecfdef
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbyVG?h=300&w=400&x=384&y=261&m=2
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 37613
expires: Sat, 01 Jan 2022 19:53:55 GMT

GET
H2 200 AASb1yi.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 19 KB
20 KB 30ms
28ms Image
image/jpeg 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASb1yi.img?h=300&w=400&x=475&y=475&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

62ecaf1ae384bc98ce95a06225c6f25dda29d5a26eed4c5eb16750872cf221f6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Mon, 27 Dec 2021 15:12:40 GMT
x-datacenter: northeu
x-source-length: 96609
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=392041
x-activityid: ef7f2994-3c0c-4ee8-99d1-5f07fa19fe56
content-location: https://img.s-msn.com/tenant/amp/entityid/AASb1yi?h=300&w=400&x=475&y=475&m=2
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 19880
expires: Sat, 01 Jan 2022 15:13:52 GMT

GET
H/1.1 200
OK gdpr.css
simcast.com/widgets/gdpr/ 799 B
665 B 333ms
113ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/gdpr/gdpr.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 23:52:06 GMT
server: Apache/2.4.38 (Debian)
etag: "31f-5d2ab2d5f1580-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: text/css
content-length: 351

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 57ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f17b748919141d930da96aa8bce5e431d9e8d9f0d5c531e3bd0143e41dc25ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36172
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Dec 2021 02:19:51 GMT

POST
H/1.1 200
OK / Show response
cat.hbwrapper.com/ 15 B
256 B 307ms
98ms XHR
text/html 192.241.157.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Tue, 28 Dec 2021 02:19:51 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 52ms
23ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1084 / 380 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Dec 2021 02:19:51 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 46ms
30ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Dec 2021 02:19:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 63 B
92 B 40ms
25ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5857138def6703a65c3b907b9d85c15c3ed7d2a4025fbd006a32e0e010e09863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 28 Dec 2021 02:19:51 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 74 KB
74 KB 379ms
214ms Font
font/woff2 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
last-modified: Wed, 08 Dec 2021 21:32:06 GMT
server: Apache/2.4.38 (Debian)
etag: "126b0-5d2a938b14180"
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: font/woff2
content-length: 75440

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 51ms
35ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9565037823771164&plah=simcast.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Dec 2021 02:19:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 6ACE 11 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Dec 2021 18:37:20 GMT
expires: Mon, 10 Jan 2022 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 27751
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
447 B 31ms
15ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9565037823771164&plah=simcast.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

7a2fed49b1f119f67e5550ecb58df3ff1de9d694a400b10458cb133371efd876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 75ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=simcast.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 74ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CABF 603 B
68 B 49ms
34ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1640657990&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640657990531&bpp=4&bdt=552&idt=81&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5683734008960&frm=20&pv=2&ga_vid=495401102.1640657991&ga_sid=1640657991&ga_hid=1014584063&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752&oid=2&pvsid=1059668687705242&pem=943&tmod=924&ref=http%3A%2F%2Fwww.capitalone.global%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=96

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Dec 2021 02:19:51 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Dec 2021 02:19:51 GMT
cache-control: private

GET
H2 200 / Show response
player.sendtonews.com/version/ 208 B
557 B 36ms
7ms Script
application/javascript 18.66.139.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/version/?jsonp
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: ba1d4c816a3afc381c8b2883571e8cbdc8c982ccba7e977072722c881b69b40d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:12:55 GMT
content-encoding: gzip
server: Apache
age: 416
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P4
content-length: 180
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-id: 97GIXustCJX5w3BIjvML3AAN7d6MT7_ThySrtolA3E_IVdYzOO0bhw==
expires: Tue, 28 Dec 2021 02:22:55 GMT

GET
H/1.1 200
OK ajaxjs.php Show response
simcast.com/widgets/ms/ 4 B
363 B 353ms
127ms XHR
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
server: Apache/2.4.38 (Debian)
vary: Accept-Encoding
upgrade: h2
cache-control: no-store, no-cache, must-revalidate
connection: Upgrade
content-type: text/html; charset=UTF-8
content-length: 24
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 player.js Show response
player.sendtonews.com/player7/player/65.21.10/ Frame 52AC 240 KB
72 KB 25ms
9ms Script
application/javascript 18.66.139.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-38.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: e8ba6c25e1483b376da5f911cb5a9cda1cf892b3e3b6a6d193e564636343bf47

Request headers

Referer: https://simcast.com/
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:12:37 GMT
content-encoding: gzip
age: 434
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 23:19:56 GMT
server: Apache
etag: "3bfc5-5d2aaba559f00-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-cache="set-cookie"
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: X8Ro1K4xuJ5OnNVHauL77mpKGy3dIbCL98pEAa3tYDTqsZ9mHiFEHQ==
expires: Tue, 28 Dec 2021 03:12:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4725
date: Tue, 28 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 28 Dec 2021 03:01:06 GMT

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 290 B
647 B 142ms
94ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: a83c517e8e5453953e319cadc5f4edb4e3020fc924bda9b6b57142294288eb24

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:51 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://simcast.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 hb Show response
ice.360yield.com/ 245 B
458 B 125ms
34ms XHR
application/json 52.215.211.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2296ac018a1d6997b%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22fe5655d4-a1c6-42ab-af73-6aa4f06483ea%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222716d0971d8eb58%22%2C%22bidfloor%22%3A0.0125%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22597743%2C%22tid%22%3A%222f03113f-ff1f-4225-b2f8-52968996e876%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22281abdb8d8e0ac2%22%2C%22bidfloor%22%3A0.0125%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22597746%2C%22tid%22%3A%227472b743-e3c9-480b-a73f-7723716980a3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%7D%5D%7D%7D%2C%7B%22id%22%3A%2229b8b52f69b00d3%22%2C%22bidfloor%22%3A0.0125%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22597745%2C%22tid%22%3A%228288de91-8f1a-4dfa-bc3e-948923f17074%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22303e11d53832274%22%2C%22bidfloor%22%3A0.0125%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22597747%2C%22tid%22%3A%226f5cef9d-2761-41e5-924f-3987203d1573%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.211.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-211-56.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0d357ce7103733b982eda21117799c12a16653261020f75a1cc17cfd1645edfc

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 245
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
695 B 37ms
12ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:51 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6114cf91-98d9-46e9-9ca1-818e3b1dcf33
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://simcast.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
in-appadvertising.com/api/ 55 B
547 B 408ms
102ms XHR
application/javascript 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/api/bidRequest?bidId=37c891b7fa6bc2b&pubId=30557&sectionId=10399&vers=5.17.0&url=https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0&sizes=728x90&tr_wd=0&tr_hd=0&tr_vs=visible
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 7e.6d.3fa9.ip4.static.sl-reverse.com
Software: nginx/1.16.1 /
Resource Hash: 9840ddd897e21cfd008af700fe2ca1c617b6592a4f95efbd9a571bd86b936b5a

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:52 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: https://simcast.com
Cache-control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 39ms
10ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://simcast.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
145 B 72ms
16ms XHR
text/plain 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
pragma: no-cache
date: Tue, 28 Dec 2021 02:19:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
327 B 152ms
105ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=754850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2248d79dee302cc9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249edd01bcd53294%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22sid%22%3A%22728x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22sid%22%3A%22970x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22533c3ecc190875f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22sid%22%3A%22320x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2257cf1d34bc49d58%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2259ad4418e036d34%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22755349%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 001a77c561db4b1a4e031c9b938c294055652536a500f31b41aaec6ca9d3ce1b

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:51 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.182], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://simcast.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Tue, 28 Dec 2021 02:19:51 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
342 B 294ms
96ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 2
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
848 B 159ms
131ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 36b621914f8e4360ee2a598f15f0a2c8429042574a864946b26b745da958d042

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
110 B 56ms
14ms XHR
text/plain 18.193.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.58.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-58-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 58ms
16ms XHR
text/plain 18.193.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.58.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-58-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 89ms
47ms XHR
text/plain 18.193.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.58.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-58-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 115ms
73ms XHR
text/plain 18.193.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.58.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-58-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 61ms
19ms XHR
text/plain 18.193.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.58.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-58-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 114ms
72ms XHR
text/plain 18.193.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.58.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-58-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 88ms
47ms XHR
text/plain 18.193.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.58.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-58-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 60ms
20ms XHR
text/plain 18.193.58.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.58.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-58-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:51 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
288 B 103ms
57ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a96909f017c7c7efcea7f0c81e90009&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f982388a3683116e93e767439763a2440c1c1ecb2c5d9ba9f8889d6ef10d72a5

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 115ms
69ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a9698e5017c7c7ef8927f0d2e49000c&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: b6abb0f7ec25ab3fa9fb8fdc9f82c73a60fb81f6286dc6d39d735b6451f08af6

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 115ms
70ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969958017c7c9d2d8a9e224dbe0036&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: bc457317d8051bbf32261557e413004e0fffd22cfa873d1eaf0f3cc5045d8deb

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 112ms
67ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969449017c7c9d384d9e23a1c90033&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6af0ec51966107e98ef76c325737a080fede0c2cfbc2876a02dd5d382a05bcf9

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 107ms
62ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a96909f017c7c7efcea7f0eea6c000c&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 7416b2a04597713c7a348694c6096aaa15e37c4c923268fc4d5758cd8046abf8

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 120ms
76ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a96909f017c7c7efcea7f0f3c9f000d&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 194515ae6f82835ab02b70c9fbe1eb3ffb59fc83d62c4e9b8fb4075df27d7647

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 104ms
60ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969449017c7c9d384d9e2b7eab0038&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 4d353705266a94118b5cc5bc05487420d4a6f6cb800649ec2e0a89adb4a60b91

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 109ms
66ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969958017c7c9d2d8a9e2be84b003e&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 80ebcc293f24faae7c9625d0d1eafde9747e2149891a62326a1e8280bb36c15f

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 104ms
61ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969449017c7c9d384d9e2dd206003b&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 38c3a7aab75223c564750abfd463925d7ea782dba37e56b5610399c4684e8da8

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 116ms
73ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a9698e5017c7c7ef8927f0e2b5a000d&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 5aeaa75700fd15079d6d93f1178fdddf62410a6bc04c4493c2fa532dcc9f1c4d

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 101ms
58ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a96909f017c7c7efcea7f0e8629000b&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 865dc7de8769f7700847492856a9621f7bfd96ccd2fafa9958101a48096c285e

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
68ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969564017c7c7f00a47f0f85bc0008&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 9c0b1a4d9ee7fb1485210ce9bb46251593e2454ee063204d01f5d9b1c4842cce

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ Frame 52AC 39 KB
13 KB 73ms
21ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Dec 2021 01:51:09 GMT
Server: Apache
ETag: "764b16-9a4f-5d42b0e2b29be"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2132
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13270
Expires: Tue, 28 Dec 2021 02:55:23 GMT

GET
H/1.1 200
OK data_read.php Show response
embed.sendtonews.com/player4/ Frame 52AC 28 KB
5 KB 465ms
164ms XHR
text/html 50.17.208.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=_R_pKs2J5Qd7HZdG&instance=791876&version=65.21.10&age=211228&ESG_key=eKVKXbhX&type=float&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&ogSet=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.208.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-208-58.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 33c2c303b8634b539eb1ca57951a4b42ce87944ae32e9d6fe6cc63c8596ccb27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 4162
Expires: Tue, 28 Dec 2021 02:19:53 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 52AC 375 KB
124 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126523
x-xss-protection: 0
expires: Tue, 28 Dec 2021 02:19:51 GMT

GET
H3 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 52AC 524 KB
122 KB 45ms
43ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1580954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 123688
timing-allow-origin: *
last-modified: Tue, 26 Jan 2021 19:48:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6010721a-8304e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnZmSupK4O8%2BhPuqvuiRwxk75CYBhvF3rXAJRP%2B64UoeVMsRmEBgrg5XoTPhgroGwV0XQU1V81YCIW00%2FlR4seUrctWoQHvOPOYO%2FZWW6956BQqVy3hpxKS6eKHAI4wDrsQyJzxjMRdtyLBlKpJIZmKI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c474e60ae83e907-MXP
expires: Sun, 18 Dec 2022 02:19:51 GMT

GET
H3 200 iscroll.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/ Frame 52AC 32 KB
8 KB 28ms
27ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/iscroll.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3486560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7559
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9e-80dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XST%2F0NEHCm3mzDMZF3V6HssjX%2F2MSNxCAxkmXYanzIv8qB9KYbUqnPZg8t9AQnCuqwh38Ctriic9JHeAYBPKb0nwet0CGB3XfARojOKMUBw6ymLA%2FVrqabnGlihx8N7J%2Bjcrqd3TqsPW516Pi3i2eF%2Fb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c474e60ae84e907-MXP
expires: Sun, 18 Dec 2022 02:19:51 GMT

GET
H2 200 comScore.gt.min.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 52AC 335 KB
59 KB 50ms
13ms Script
application/javascript 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 15:42:48 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 23:25:25 GMT
server: AmazonS3
age: 38224
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: rBC36CJI7R3FHAhQuliI-UydPh6XVhjaZpFefCIZkL0VPGBRO0bC5w==

GET
H2 200 prebid.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/ Frame 52AC 230 KB
73 KB 58ms
21ms Script
application/javascript 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7adc0e82d10de0c5af74d068b95973ff1528ff242d6e35390d3d5ef718291471

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 15:26:35 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 16:52:33 GMT
server: AmazonS3
age: 39197
etag: W/"0d9ef44ff3701f373f18205e7e1bc16a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: vJ8TYMlE6fY2HvHT_2zI-UWKbrl_makRk34dA-6ibe0MvLmL8hBWOA==

GET
H2 200 css
fonts.googleapis.com/ Frame 52AC 5 KB
1 KB 47ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 00:24:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 02:19:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 02:19:51 GMT

GET
H3 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 52AC 39 KB
10 KB 29ms
28ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video-js.min.css

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3557560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9062
timing-allow-origin: *
last-modified: Tue, 26 Jan 2021 19:48:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6010721a-9c87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnI49dDval9ah6ffPXo%2BC4D%2FnYvh%2FpMF%2FWh8MO0aft27lacnlF6DHxAfebDfoVxMMjR2%2BOuKdXUlWI3ec3er5%2FO3xJ8Vi%2BHjoxyywyCswtrzHkTQJxOcg0hqcD51p4RheTjIe%2BlAsRi7%2BUAP1CXL9SDV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c474e60ae86e907-MXP
expires: Sun, 18 Dec 2022 02:19:51 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 52AC 26 B
187 B 306ms
98ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=_R_pKs2J5Qd7HZdG&instance=791876&version=65.21.10&age=211228&cmd=PRE_INIT&key=eKVKXbhX&order=1&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&canonical=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 33ms
18ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1014584063&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&dr=http%3A%2F%2Fwww.capitalone.global%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1697999387&gjid=1414523746&cid=495401102.1640657991&tid=UA-205158314-1&_gid=2703985.1640657991&_r=1&gtm=2ouc10&z=355646472

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 37ms
22ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ddbfa3c5afcd5fbccb49cd6e85944b5321ab0db6ad908b87870452ad3715d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8561
x-xss-protection: 0

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ Frame 52AC 2 B
163 B 332ms
119ms XHR
application/json 3.219.152.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.152.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-152-16.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://simcast.com
date: Tue, 28 Dec 2021 02:19:52 GMT
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
vary: Origin
content-type: application/json

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame 52AC 44 B
324 B 43ms
16ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 52AC 109 B
539 B 112ms
33ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 681627d6e87f89fc1728ee378349f12e6f29149c0bf062a45f5c41c70093358c

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 27 Jan 2022 02:19:51 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 55ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 28 Dec 2021 02:19:51 GMT

GET
BLOB 200
OK cdef5f0f-9a66-461a-b967-80421b2a9e27
https://simcast.com/ Frame 52AC 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://simcast.com/cdef5f0f-9a66-461a-b967-80421b2a9e27
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBC4 13 KB
5 KB 25ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 27 Dec 2021 21:58:18 GMT
expires: Tue, 27 Dec 2022 21:58:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B9E6 783 B
1 KB 43ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cd353d3db55134cf07c1a1d86292cfebb2de50407e7f1b2974a40985f154222e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yI/YbckGMWNtSCPjeoEvxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Dec 2021 02:19:52 GMT
date: Tue, 28 Dec 2021 02:19:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-yI/YbckGMWNtSCPjeoEvxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame EBC4 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 11:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 11:58:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B9E6 0
0 43ms
43ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=1059668687705242&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=1059668687705242&bg=!Tk2lTQnNAAZKWFskSlg7ACkAdvg8Ws1qquas0_KzUvlxZPCNyos7Ttb-5BYKN0gowjkKJQwVFMB2pwIAAABaUgAAAAZoAQeZArjwYBEQu-YhVKlqlDKFAnOo7bc8jgx-te4jlo3d_BP_1_E1A0TClxJ4XgoSo4nUIpFiOEXBLeo8j5r2hb_rac2xhhvcDTgbN9HqhCNBzp9Mp6UYDdfTbChLrRoJM2neffirOrzw5ugbQNOjkRChKDlOd3GKSun9ef2PtmvfWRV2QkwDs9gZz86Ak8EytpbXge1yB3zA2X813HgFGCMYTL8gZlIaBr-13ZXTLyx68W9ZYBq8lBLa2fiw-7ZS8P6MheOLFr_H73XJZrONX1f8cCALHUJqZaeRdXgz8vxy-GzFMyAL7WekvZxktu0jXf9QwxEgsoYcvpX5dYzCklBEJO57jDuT9dsqXD5tI-Dp6_oXwkl_4NrEgtGyXYIT3ruzeiC0dwBCOp8MYanI-UvpqWaQQrQLVVnrou9qJKjLzn4DyG6wFOcCutBRT6x-vJ8dqz3OXdBVFZh2ARHNUgR_VcQTLgJwBd2fQMeFSHaN_4jXooNytaHBD0a7rLAbrAFJ5ZKKmBeXku0mjArFG0LEaY6vWu5ovpt_QX9B2nbGSi1yhE4wuQJSy9kX2qQxnJCqnASTxLjlAIGvUopy0vZAKhIRQih8IkSa4nDz7gwWsPeelayU48ptksdRVgJnUuvZ0eCGpMT4eOWeTc3mp9T5NALJhNORaVNKmkg9QflwxWnFUOXXiOb9d2eDTp8ZF8ThSNnlFOU0YmSeS3xHxMiaWBsg1o1mWjgWBr8O2_96IzlpBpWDS9pe0Yj0srtY2k0S5XjLy7xOUzCtsELxR8tWZ6N2Nc7FqBqD72AVkNuMePxtZKKzJQ9opOW-cRo_4m3LNCiC7DXhqNYmYqtDr0aRZSHQOpmC7dkruCBq78bH9YHTpST-WdaQRyiKu3z3WxqSqDGr4qneRnJqmXR0W1SEvaHDjU3ZuRUCBkg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 77ms
22ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://simcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://simcast.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1256
date: Tue, 28 Dec 2021 02:19:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=aKR5g3xPREZ5RlN5c1pncWZOMDZEdlZaa1laN25HK2JEUHdUckdlSUd2U200QnpYenM5aWcyS0VIZi80ZkVOOWZ1ZHl5Q0ZQUVZjMVVSUVFCYmFrbThqQkxadXlpMHdlSURocnRKUkNpSVBaRkswdEhFL3ZuVHFMeWtWST...

355 B
615 B

45ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aKR5g3xPREZ5RlN5c1pncWZOMDZEdlZaa1laN25HK2JEUHdUckdlSUd2U200QnpYenM5aWcyS0VIZi80ZkVOOWZ1ZHl5Q0ZQUVZjMVVSUVFCYmFrbThqQkxadXlpMHdlSURocnRKUkNpSVBaRkswdEhFL3ZuVHFMeWtWSThFaFpHMDhJbG44eEZsMDlRcHVtM1lUOUlSRVYzZ2V0S2tSSmw4S1E2Y211T3Qrc2lhcGorb1Qxb3ptZTIwdmlBd252REJ1d0VyZ1lqcThMcWZDb0VhNCtPZTE1djlRYnZSdE5YRSt0Y1VkeEZZZEpsWVg0PXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

897b2b06d42a625b9c7f4783bd30fe25c400cc03ce67f239d30e244115357b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2292
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:51 GMT
location: https://mug.criteo.com/sid?cpp=aKR5g3xPREZ5RlN5c1pncWZOMDZEdlZaa1laN25HK2JEUHdUckdlSUd2U200QnpYenM5aWcyS0VIZi80ZkVOOWZ1ZHl5Q0ZQUVZjMVVSUVFCYmFrbThqQkxadXlpMHdlSURocnRKUkNpSVBaRkswdEhFL3ZuVHFMeWtWSThFaFpHMDhJbG44eEZsMDlRcHVtM1lUOUlSRVYzZ2V0S2tSSmw4S1E2Y211T3Qrc2lhcGorb1Qxb3ptZTIwdmlBd252REJ1d0VyZ1lqcThMcWZDb0VhNCtPZTE1djlRYnZSdE5YRSt0Y1VkeEZZZEpsWVg0PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1583
content-length: 482
expires: 0

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 213 B
529 B 48ms
10ms XHR
application/json 51.75.146.200
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.200 , France, ASN16276 (OVH, FR),

Reverse DNS

p11.id5-sync.com

Software

Resource Hash

0d6131dbe81f863436de83a176d94fd9a1515fb7698a34303f5a69fbcaed3c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Tue, 28 Dec 2021 02:19:51 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H/1.1 204
No Content any Show response
idx.liadm.com/idex/prebid/ 0
432 B 408ms
99ms XHR
text/plain 52.86.156.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.156.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-156-15.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Tue, 28 Dec 2021 02:19:51 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 66beabd4df6e5df1
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
333 B 117ms
46ms XHR
application/json 54.229.233.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.233.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a8ec919f21007202c5155233e609013e47d9b195a395e59a12db62e9c903937d

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:52 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://simcast.com
cache-control: no-cache
x-server: 10.45.8.116
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 215 KB
38 KB 419ms
419ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1059668687705242&correlator=2342347000826912&output=ldjh&impl=fifs&eid=31063898%2C44752540&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211228&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dadhesion&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D200%26wrap_l%3D1100%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D700%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D700%26waae%3D400%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&cookie=ID%3D355c87e360314add-22c8ff5c10cd00e6%3AT%3D1640657991%3ART%3D1640657991%3AS%3DALNI_MbKGmQIzLxMvM5qguEygcOaGrTU4A&bc=31&abxe=1&lmt=1640657991&dt=1640657991587&dlt=1640657989979&idt=587&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C791%2C1230%2C0&adys=80%2C948%2C175%2C1373&adks=3739094439%2C2074380467%2C2722687999%2C3722003645&ucis=1%7C2%7C3%7C4&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&ref=http%3A%2F%2Fwww.capitalone.global%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C417x0%7C339x0%7C1600x1373&msz=1600x0%7C417x0%7C339x0%7C728x0&ga_vid=495401102.1640657991&ga_sid=1640657991&ga_hid=1014584063&ga_fc=true&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

98ea3adfd1d8613d93d72969cb6e00f4f48114884fc77aed1b027ecbce95c408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39330
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://simcast.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0BA8 6 KB
4 KB 89ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Dec 2021 02:19:52 GMT
expires: Wed, 28 Dec 2022 02:19:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame 52AC 0
426 B 82ms
29ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:52 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.182], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://simcast.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Tue, 28 Dec 2021 02:19:52 GMT

GET 0.js
player.sendtonews.com/bidderFiles/ Frame 52AC 0
0

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/200302733/ Frame 52AC 0
169 B 98ms
29ms Script
text/plain 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 6c474e641d333b91-CDG
date: Tue, 28 Dec 2021 02:19:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 52AC 44 KB
44 KB 41ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 525918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 00:14:34 GMT

GET
H2 200 1-56o64r73022o536onp6qp1qpsr869110.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 9ms
5ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-56o64r73022o536onp6qp1qpsr869110.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:26:24 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:23:04 GMT
server: AmazonS3
age: 64409
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: rk58f21lfbgIA4lPWE_Iup5n7PVyIS_pwBylwXcseQ23Lu5XHvWAAQ==

GET
H2 200 1-0s4r4r7q52rs3qs1n2o8188q942o274p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 11ms
5ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-0s4r4r7q52rs3qs1n2o8188q942o274p.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:26:24 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:22:04 GMT
server: AmazonS3
age: 64409
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: djBLLKOrlC2Vq6PjzxFJgwD62EU8EZfze9kIZeRZbsWMmh_sBViReQ==

GET
H2 200 1-0073o5r9o992q88sqr3n918n74872492.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 12ms
4ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-0073o5r9o992q88sqr3n918n74872492.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:22:33 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:21:04 GMT
server: AmazonS3
age: 64640
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: ltaG0Y-T29GByCOTDv9n1zux67D5YRyoz4bDyoH7F5y2xgHm6DyIiA==

GET
H2 200 1-006qno69pnrpo1sr5r75prs7soso6s49.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 14ms
7ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-006qno69pnrpo1sr5r75prs7soso6s49.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:20:47 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:20:06 GMT
server: AmazonS3
age: 64746
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: ivvR6dd_M3GTuWLBg0jVtHr3GQWMjYme1cqTIIM4PGpQQsMb_djSyA==

GET
H2 200 1-qo60q0n4q6qrn4664805s1q6or95rr6r.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 15ms
7ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-qo60q0n4q6qrn4664805s1q6or95rr6r.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:26:24 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:19:03 GMT
server: AmazonS3
age: 64409
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: NxTrUKoQ9TqJ3jVdLPq943wmv9Lgj1ZgjoKi6SsI9SFtIsRrm0YWJA==

GET
H2 200 1-98no0q37p4ops1o6q09qnpo9q8o4r1o5.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 15ms
8ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-98no0q37p4ops1o6q09qnpo9q8o4r1o5.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:18:37 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:18:04 GMT
server: AmazonS3
age: 64876
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: tV0UpxEH3hrH-AoWIZRE-I21PihL-GUsAR51ZRAcFkiPlJXg4bs7Ow==

GET
H2 200 1-pr84p2nr40066qs898sppss2qp941722.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 15ms
8ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-pr84p2nr40066qs898sppss2qp941722.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:18:37 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:17:04 GMT
server: AmazonS3
age: 64876
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: Q-x6yWhaTeehBYhlBwgoWoAqWcRA9bLmcjvP-nHh4wi3kTGP26is2g==

GET
H2 200 1-3r383sq981q9p2r885r2p327644856pr.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 15ms
7ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-3r383sq981q9p2r885r2p327644856pr.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:26:24 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:16:04 GMT
server: AmazonS3
age: 64409
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: U9vcmbSxrW7pTFmAUTMWQerC7h-RU1_djaFxpENiOaIkbNTLVDWfIA==

GET
H2 200 1-s6p0r50r02q52759n52q7n0035389317.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 15ms
8ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-s6p0r50r02q52759n52q7n0035389317.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:15:09 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:15:04 GMT
server: AmazonS3
age: 65084
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: u9yTR7yJPuOJy1ckMiuNX8FhpmbUzRxkSaWlgKOOn-pO1b_JpxDDJA==

GET
H2 200 1-8n0np04roo98nn43s080p62772344q1r.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 52AC 1002 B
1 KB 14ms
9ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-8n0np04roo98nn43s080p62772344q1r.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:14:33 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:14:04 GMT
server: AmazonS3
age: 65120
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: 69JzwucIw48WJRDQ5BkJivOd9_0Vae-NzQie4WhEs8y6M_mcEKZ1Eg==

GET
DATA 200
OK truncated
/ Frame 52AC 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 52AC 44 KB
44 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 525918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 00:14:34 GMT

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9729 598 KB
194 KB 23ms
9ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 22 Dec 2021 00:47:23 GMT
expires: Thu, 22 Dec 2022 00:47:23 GMT
last-modified: Wed, 15 Dec 2021 20:12:41 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 523949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame 52AC 0
253 B 652ms
343ms XHR
text/html 54.204.0.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=0&USR_ID=214791876&ST_usrKey=_R_pKs2J5Qd7HZdG&SM_ID=0&C_ID=12018&C_companyName=Adapex&version=650210100&sC_ID=0&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-0-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:52 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Tue, 28 Dec 2021 02:19:53 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 52AC 26 B
186 B 98ms
98ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=_R_pKs2J5Qd7HZdG&instance=214791876&version=65.21.10&age=211228&cmd=GET&key=eKVKXbhX&c_id=12018&seq=0&order=2&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&playerCfg=FL&canonical=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 1-56o64r73022o536onp6qp1qpsr869110.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame 52AC 14 KB
14 KB 7ms
7ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/1-56o64r73022o536onp6qp1qpsr869110.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33ca5e7810d91b923571ae0a67e59cfd3013d6338a05619b8e64d32c5cdb3cb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:26:30 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:23:04 GMT
server: AmazonS3
age: 64403
etag: "c527220299d6d6057e581e2191bc093b"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 14007
x-amz-cf-id: eFSpHvn4Z8WSubCuTTJ151HYd_fPZcStPOgeZW8aMhYMwEKMKqWKCw==

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame 52AC 0
253 B 446ms
143ms XHR
text/html 54.204.0.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=SypMW8fLfa&USR_ID=214791876&ST_usrKey=_R_pKs2J5Qd7HZdG&SM_ID=1697128&C_ID=12018&C_companyName=Adapex&version=650210100&sC_ID=8539&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-0-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:52 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Tue, 28 Dec 2021 02:19:53 GMT

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 52AC 44 KB
17 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Dec 2021 02:19:52 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 52AC 26 B
186 B 98ms
98ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=_R_pKs2J5Qd7HZdG&instance=214791876&version=65.21.10&age=211228&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&playerCfg=FL&sC_ID=8539&sm_id=1697128&load=1&status=LVFNLNIY&ac_id=2008
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 63ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1067
date: Tue, 28 Dec 2021 02:19:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 52AC 1 KB
1 KB 7ms
7ms Image
image/png 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 17:47:38 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 47090
etag: "cb93bb50e5d021cc38de445a672c18a2"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: Qb4rYRHDkO6Z9E7uww2lOKqR74HQjCR7rssdQkFpmGIPVEp6n-fH5A==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 52AC 322 B
640 B 8ms
7ms Image
image/png 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 20:35:25 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 47090
etag: "311cf2edc46e82f2a6911332b7db54e1"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 322
x-amz-cf-id: WKHwmAQVwWnHOAU_ruzyO_wuNVEOqbVJezflz-KanTFFBOXU0K2vEw==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 52AC 832 B
1 KB 8ms
7ms Image
image/png 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:44:11 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 41742
etag: "8be584e844dabfe22970a0cb943c047e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 832
x-amz-cf-id: RaY4uS2JXh4MsdmQ7O2qgvkkZLJ37TAuUNMYzQ47vWTRq7mH9QPV7w==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 52AC 773 B
1 KB 8ms
8ms Image
image/png 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 20:35:30 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 20665
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 773
x-amz-cf-id: NAlm53PyMU1eT4s0_ZDHX6ySLN8yefgqzqHqq5W-0bnNDonMCQgNoQ==

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E8DB 37 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 28 Dec 2021 02:38:15 GMT

GET
H3 200 container.html Show response
c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B2D1 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Dec 2021 02:19:52 GMT
expires: Wed, 28 Dec 2022 02:19:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A071 6 KB
3 KB 19ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Dec 2021 02:19:52 GMT
expires: Wed, 28 Dec 2022 02:19:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame CAFD 189 KB
55 KB 75ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame CAFD 13 KB
5 KB 90ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame CAFD 89 KB
28 KB 92ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame CAFD 71 KB
16 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 479195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16759
x-xss-protection: 0
server: sffe
date: Wed, 22 Dec 2021 13:13:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6f5521ec42d8a94a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Dec 2022 13:13:17 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame CAFD 5 KB
2 KB 95ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame CAFD 40 KB
13 KB 96ms
28ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 27 Dec 2021 12:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CAFD 2 KB
415 B 32ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 00:26:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 02:19:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 02:19:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CAFD 672 B
359 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

388442a1e51e37650faaa206d776a1ced6816a3f9a41b66dbe7347a4537c13fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 01:23:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 02:19:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 02:19:52 GMT

GET
H3 200 container.html Show response
c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BA2 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 28 Dec 2021 02:19:52 GMT
expires: Wed, 28 Dec 2022 02:19:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CAFD 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 21876
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 28 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CAFD 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 74178
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 28 Dec 2021 05:43:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CAFD 0
0 56ms
55ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLW7qSHTKYfmtDpb03wOglYbQCayStLdnj8yr4YgOg-W03KoJEAEghveGJmCV4pCCoAegAd6n19oDyAEJqQIrzO-tcAGzPuACAKgDAcgDCKoEvAJP0BsFPjBKKVEzimUdnU1tv0915JBzGJ0K0aP_0_axSHc6zlEBsY4CD7kmIl9LZYvdqczsqraYVrvloDo4f9shZPgaLYu1k3-DYDpgdkRanpMwQlhjakqMcji0J5dlX_ZQbgJVF6MKu0JReOWq8Qrv_KCkNy05kU7z7KCWr4HO52SmZX7Wga7lDRauYDofp0FssWO2Pj7ZpbHjHI-YaCP1T7lDRmGkz3wv_jX5ApCerr-OKEf9zs1-U08qjKW-hd4l7OHFqf3h0o9WoGTdyy3tNY1d0Wgsd72XL4F4A8X17Jpftd1awngJLjTMl4Pn8xYBczmvuBm7DT1Tq8kUvprTB34J3bWTX37YmSLKuj-SM6yQU_tV8-CrznLisuoPfVGryJ0DxX5Zl6pPXirANdyCQET5PbU1nt8dKISTwATuhsjyywPgBAGSBQQIBBgBkgUECAUYBKAGLoAHidnWQ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENPgA9IICQiA4YAQEAEYHYAKA8gLAdgTDYgUAdAVAYAXAbIXHgocCAASFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=XX1uExDNiWc&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 BG.jpg
tpc.googlesyndication.com/sadbundle/846855312199277821/ Frame CAFD 81 KB
81 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/846855312199277821/BG.jpg

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97553183e780fb605d186a4b65084e79c788a29a2069f743a2b4b746e3c7cdeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 23:29:12 GMT
x-content-type-options: nosniff
age: 528640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83126
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 13:41:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Dec 2022 23:29:12 GMT

GET
H3 200 Logo.png
tpc.googlesyndication.com/sadbundle/846855312199277821/ Frame CAFD 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/846855312199277821/Logo.png

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61914b6790d245f2c62c18d66737074c58ec0b3fe34405530e68cfb59d582db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 11:19:13 GMT
x-content-type-options: nosniff
age: 572439
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2622
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 13:41:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Dec 2022 11:19:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A071 0
0 51ms
51ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLChaSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEmgJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AZIZTPtA7AOyvttGtyg4xbWbJzuvyYhZz-trrFGvt8TnY6DNbDQjgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=LQ1HCDMOCxA&uach_m=[UACH]&cid=CAQSOwCNIrLMQyp0ptc8fGHDKIkXy6QIJYmM4U26JJHtMTdV-9djwiq_BH9eLhCr7V33IBXcmwTAjJEyxPbyGAE
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame A071 0
0 52ms
20ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gsh6mzp68tvadg966k1579ddd6gnr532wj39mfx8rp6rhb96pja9r3kw0fnn1j8mnx2fwvvqk8xjfy0z4948tp7bne17h29rbfng19amtxr29gkbf7mpvwk1v7aqxb300h8gpmmt2garkhsszm49m5cbd3wyg4yjnmv7x6kj1rp27kfapxe76wtecmcc0nkyr0g1jfmprzwz9yez4e6bkgqc82n985cwq2zj0zzjss119vn43eee4tps64s159ggs1k1qze1zyv3h3xx5sx5gbxvr2j8nfvz8j275grgph9ms8bqg9bt8vmgfbcw8f7hek280trtp6cd0c2e0g43mq974r199k0sjgd58jpj79gn4f0esvc8dy70zfc8mtt1m4p5ah86r61gs3q6e6z8wh5q3e5y&b=Ycp0SAADlvgKd_oWAAGKoNP1V1xDLOFVM7BLyw
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 02:19:52 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame AC79 2 KB
1 KB 99ms
41ms Document
text/html 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gyaggfb7p8b2gfsw4sze4e8m6ehwmka9tmdy5qbxatk2abd1yqsbgvpmx6jpnd7wvyxmhv56ra2n67w20ek2f2ckr69t1mtg0wfzcmjej2k7dd9yz8he46170dbdjj378csjz7vx0kyb9jft2g257x9gcmk97zc22j7jf9gk4bahezr70qh076abb781nbrhx16pvxez78dnsjtzbt94sjkc1srsv22gewv8j3r32vmvsjmn24cfya23eaqvjqze8h615twj2y07h2azmetcgk2br65h90149entertc58y217gq12cgz1qx4jdx05rqnvet3vcp5qcrfzs505fqzzjtbcgrs19smd3s12tj91wmja1g82m2csg0zbkh1aawss1b386bnrp53ewkq4wtsr37zdqk13t8mqjweg3kwdv7sxpn82yt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%26client%3Dca-pub-1062972861553303%26adurl%3D

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c9a27930e9a150869b03e8fad5845a762d5402c5abc0eb63678041d00acbd0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c474e66dd1883b2-MXP
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame A071 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 01:36:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E8A7 1 KB
749 B 9ms
9ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Dec 2021 05:53:44 GMT
expires: Tue, 28 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 73568
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A071 119 KB
37 KB 62ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Dec 2021 02:19:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame A071 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 02:11:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A071 0
0 38ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSynLXMrHW44GGnuYJi10PbXQg4Jb2ucHVpG50B7xi1puhKGxpPJsHg_rpvt58eYDESqMxjn2O2qMS4a4ByzBLE3C_jg
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A071 22 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 16:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Dec 2022 16:01:17 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B2D1 0
0 53ms
52ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7jP-SHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEmQJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcPeT0xWyXr3Nz8wraMeHQvIyrgQ8KfeSPR0qyQpZl76cput_Y_wjuAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=-exprtJjhCU&uach_m=[UACH]&cid=CAQSOwCNIrLMQyp0ptc8fGHDKIkXy6QIJYmM4U26JJHtMTdV-9djwiq_BH9eLhCr7V33IBXcmwTAjJEyxPbyGAE
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B2D1 0
0 46ms
19ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jfscgxc8edh6htecsnwqbkxrqq3vjq9bmx72c1j8wvphan0w37ggfvskrm2abhkynw0a0evyx6dtsctgyyj3grjbacd53x88rnxv3srzm7xjwhr3ry96gqwf5vbbpxvhvxgjd4d25mrxq6kdbm1g26c8eem4ymdjtg31tdhvnym4jnjk4e252e9bsvx69sqnfdvxjys2r4k2rss4n4qt0v2farcs8nebh5148137rarr05s1ckas3fsb9bf94jav0j980vf6s6vt1jv15a4w2f4fq1x6mzdnym7remsp6rmc62khwgbc1dcjydr3axpj52jm70n0entgpfa5mtedanszqyz5ek3f83jar8a11ddebtr4k9e6zbxq4y3tk9k02pwmdc4kzfwkeewfe9m1d2svq7a0&b=Ycp0SAADlvcKd_oWAAGKoDgg6RSxD8RCUJMvqQ
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 02:19:52 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 242E 2 KB
1 KB 93ms
40ms Document
text/html 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hnatg5cpt366hpmkr2s9dkzvfms660vrh9hvy4723pg9nj5jzt73hxfqej5phd42v4v2bbskv555rnj2wsec7277tp72shhx89d0sn73vfyehmjssvqx8mz2whqmtbhpts2vrkhjdek8zg0p0h3f49y207r1gq1s4n40knk2kdpstxc7xv10x0xvdege5sz1amygsvz5dq4xgbjfdfft1gpna39y2kvzn5at94544atths1vka10ja91wpex6x7eq8zsgsy1j462x7kbcz4hsft95jf5szqbhjbhr8va9sp6hpbzs9110231qbkz8hy9hrhnyerg810fh01yzkfc0g678kvqnv0ta97a6fq3ay92nernv6ahf9n8296ntggv09f2sbrhx0drp9scqpew2fnt0h0t7zrrygjy2kbp7rh998hq8r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%26client%3Dca-pub-1062972861553303%26adurl%3D

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2597e9cf04c8bc286e00236a19798b6ecc7eeef4f0c9076a90b425e920205ac1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c474e66dd1983b2-MXP
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B2D1 2 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 01:36:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6AF5 1 KB
749 B 18ms
10ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Dec 2021 05:53:44 GMT
expires: Tue, 28 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 73568
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2D1 119 KB
37 KB 67ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Dec 2021 02:19:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B2D1 15 KB
6 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 02:11:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B2D1 22 KB
7 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 16:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Dec 2022 16:01:17 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2BA2 0
0 55ms
49ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeyIxSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEpgJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihinrkMKdWx8t18bSnR7NouXEm66-uDpvS8ZP-Qa2GH2aDexn5EPjgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=lr2kEIy2KQI&uach_m=[UACH]&cid=CAQSOwCNIrLMQyp0ptc8fGHDKIkXy6QIJYmM4U26JJHtMTdV-9djwiq_BH9eLhCr7V33IBXcmwTAjJEyxPbyGAE
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2BA2 0
0 34ms
18ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h8kd1kwqpaatdjp2ajz9v1jjkf39pdgeas9fc0t51s6hxms91z4e93xp8s3es3czcfv9anqzpn4sfmdek8z9attptsmyqvec1wx4bgdbsjsprk87687qht18j5j8gft3t27fn2q444af171xcsdz2htg85jcrw5v35msexsqrterhkmkg0qwsegmdcanqzg3yjrxaw3fe4y2yeszm9z2m3z69pf1gr7skysj9kv4kr7yr84008m0jw6g2msxen7py71mctenaya6y7n7638v5vtk89zadms5cd5m6jn22dqqhg8svrmhb01bcq9r40h5n5dw3ydaqwzdmqcf0g565kjynhrmt461xaxzkjdwmxkn6mhw8hpcnpm7tys9nt8jeg3ms684swzpffcedw7jyjhme7w2&b=Ycp0SAADlvoKd_oWAAGKoBLIa55NExmDqwoHzw
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 02:19:52 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4E1D 2 KB
3 KB 83ms
39ms Document
text/html 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gqqbcer56fj220a9kbjdwdza74eq101kmvjyz04xawzw9ny2b8kh7886qn7s400ya06j7cz4wn77f0zn0hd324nbmaa11tjcdfbpvwwqah6bm49663v83rb64960wmek6krzxj41sbs9hdks33xnz1cjez69vcnj9wnkhjnb5x7apx52gqc04aw4vhgapf50akt4qdzc20jqfgc5vaxxz3e31w6zzv2n22fd2j6ckpr87g9323qvwrcza0sskcjkq88kca9rsm6d0n03n8tw949nv79z8e8spz1w4ngb024fmm6mnypmb006myan502ck9mv6861gefdv7abkm9gyxzxvfks86av11zbja9aww6qpkw6h352kae06eg8ytdpsn82q6tdy4ntchj5hr70jjn5yk0znygbz5ef7kymby46rrypktg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%26client%3Dca-pub-1062972861553303%26adurl%3D

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46176808ed0135dd157d62d8378ae32f3df49792291405722834feeaec4275f7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c474e66dd1a83b2-MXP
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2BA2 2 KB
1 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 01:36:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 191D 1 KB
749 B 19ms
11ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Dec 2021 05:53:44 GMT
expires: Tue, 28 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 73568
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BA2 119 KB
37 KB 62ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Dec 2021 02:19:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2BA2 15 KB
6 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 02:11:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2BA2 0
0 21ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGg0KV3I0imQWGY_CVb47r7c7_ORVMzqq7lR7rki6jwNBmBOeA4jGjIq41uK8E6iunWicvXI--Rsm5ilDhbBo3f8UgiA
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2BA2 22 KB
7 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 16:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Dec 2022 16:01:17 GMT

GET
DATA 200
OK truncated
/ Frame CAFD 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d82215b693575a968d12e95965908dd191fee185e27c6873f21d6390af5b32ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET /
google2waycm.netmng.com/cm/ Frame E8A7 0
0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E8A7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg&re...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg&...

43 B
421 B

183ms
174ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c474e68898cc295-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 482
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c474e6738f9c295-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKjBCgIJdivb5XoxtMa1pwZWCpjuT9ab71RTQeBQug4KRJyjv-_F2GzZguQqhw-LfAi18i8AKffDCeFuo2HSLW75Uz1zg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8A7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPk6Rr_ME9oCJJeD4NooZ3M&google_push=AYg5qPLNiDwa6S0lNX0u4h_1FEvQz7M8lVt-dUHJUB9BvXXb-AB_0VoqN4...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPk6Rr_ME9oCJJeD4NooZ3M&google_push=AYg5qPLNiDwa6S0lNX0u4h_1FEvQz7M8lVt-dUHJUB9BvXXb-AB_0VoqN4QuXNQgCRNPC_NnqKAQwiB3lAZ5yp_pRHbNmRyrPXY

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:52 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1640657993.847412,VS0,VE93
x-served-by: cache-hhn4051-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPk6Rr_ME9oCJJeD4NooZ3M&google_push=AYg5qPLNiDwa6S0lNX0u4h_1FEvQz7M8lVt-dUHJUB9BvXXb-AB_0VoqN4QuXNQgCRNPC_NnqKAQwiB3lAZ5yp_pRHbNmRyrPXY
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E8A7 70 B
264 B 33ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGFtPnYt7QkMFEj2FmRqJi4&google_cver=1&google_push=AYg5qPIPXmkHi9yvW4U6DTMOaqmDFBaQOVg0Xdhg-9_hoiX-AEUNYTD3YENnaCvoH8P8u4ziA1FUWJMmFiRWTtYwUrNJbnHoNw
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8A7
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGAVIZz_DiOj_hid7PSq_XY&google_cver=1&google_push=AYg5qPK-81LZZyNR-opLtCsN4Ldh-hF0V3KeU8e0ixsRBBlUC7PqfSyV7qGFFlXSHYOLgaIpilYK6sUI7VTGOhcgZ30-...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGAVIZz_DiOj_hid7PSq_XY&google_cver=1&google_push=AYg5qPK-81LZZyNR-opLtCsN4Ldh-hF0V3KeU8e0ixsRBBlUC7PqfSyV7qGFFlXSHYOLgaIpilYK6sUI7VTGOh...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK-81LZZyNR-opLtCsN4Ldh-hF0V3KeU8e0ixsRBBlUC7PqfSyV7qGFFlXSHYOLgaIpilYK6sUI7VTGOhcgZ30-rpdUqaQ&google_hm=W0wnQ4tzRqS3skaV_BIfFA==

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK-81LZZyNR-opLtCsN4Ldh-hF0V3KeU8e0ixsRBBlUC7PqfSyV7qGFFlXSHYOLgaIpilYK6sUI7VTGOhcgZ30-rpdUqaQ&google_hm=W0wnQ4tzRqS3skaV_BIfFA==

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK-81LZZyNR-opLtCsN4Ldh-hF0V3KeU8e0ixsRBBlUC7PqfSyV7qGFFlXSHYOLgaIpilYK6sUI7VTGOhcgZ30-rpdUqaQ&google_hm=W0wnQ4tzRqS3skaV_BIfFA==
Date: Tue, 28 Dec 2021 02:19:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame E8A7 0
75 B 434ms
122ms Image
text/plain 199.187.193.182
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMOIh8g3m4QbVe0ndAh_yfQ&google_cver=1&google_push=AYg5qPILErwBEkH8Nnjvprua3GS0cmhqcBlvQXSzrseelyFrb33gcIUQcVSyM-vIKqBqTJGrqrsU6bE2UgK-ycoL2woMhY2KSHQ
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8A7
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNDIwODAzZS02Nzg0LTExZWMtOTVjZC0wMjk5MzA3YzBiNjY%3D&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U7wnwNGBTPz...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNDIwODAzZS02Nzg0LTExZWMtOTVjZC0wMjk5MzA3YzBiNjY%3D&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U7wnwNGBTPzZT54a_eyAhd7b_5_5CmS13BLO1rBaVv9w

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNDIwODAzZS02Nzg0LTExZWMtOTVjZC0wMjk5MzA3YzBiNjY%3D&google_push=AYg5qPIsFa29tzYDsEhxh97XAqJNVST9n99vtZbTWexTqVrbVIxp9k2U7wnwNGBTPzZT54a_eyAhd7b_5_5CmS13BLO1rBaVv9w
date: Tue, 28 Dec 2021 02:19:53 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E8A7 0
232 B 52ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4VgomNVoLTFCGKxWdzn-Dc_mZwg2lahfzD9qWnyM-jR14yXdvxsn0T4alyNFXxNfeXlg_Vg

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET /
google2waycm.netmng.com/cm/ Frame 6AF5 0
0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6AF5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJNQlvf4NrmsyTNmTMxXwcI&google_cver=1&google_push=AYg5qPIMH0ZnJc-cHBxwrnpuZzs7QPbsAmWuBs0fxw8nXNzvkkZv9POv7b_LHiQUfS-ikdsGCUfQoGgFDCTNVp-0DfLhA4MO5LJw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAyNTgzNjk4NDc4NDg1NzIxNQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJNQlvf4NrmsyTNmTMxXwcI&google_cver=1

43 B
407 B

30ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJNQlvf4NrmsyTNmTMxXwcI&google_cver=1
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJNQlvf4NrmsyTNmTMxXwcI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AF5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOy13QVgUvhmwZgfmlgBbYo&google_cver=1&google_push=AYg5qPLLnK4a01FIuavb1eopJAefj5A7njj6ejCOlN_AwWDFlv9QJKwpDt4zqy-oGfw2PjCJhpCleWkuJ0XP1r...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0NjU3MjQxOTU3MjQ5NjUyNg%3D%3D&google_push=AYg5qPLLnK4a01FIuavb1eopJAefj5A7njj6ejCOlN_AwWDFlv9QJKwpDt4zqy-oGfw2PjCJhpCleWkuJ0XP1r7a2Y...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0NjU3MjQxOTU3MjQ5NjUyNg%3D%3D&google_push=AYg5qPLLnK4a01FIuavb1eopJAefj5A7njj6ejCOlN_AwWDFlv9QJKwpDt4zqy-oGfw2PjCJhpCleWkuJ0XP1r7a2YghPQwdlaQ

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0NjU3MjQxOTU3MjQ5NjUyNg%3D%3D&google_push=AYg5qPLLnK4a01FIuavb1eopJAefj5A7njj6ejCOlN_AwWDFlv9QJKwpDt4zqy-oGfw2PjCJhpCleWkuJ0XP1r7a2YghPQwdlaQ
Date: Tue, 28 Dec 2021 02:19:52 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AF5
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEKuH0h0JGDzK78L2Sr7I4Dg&google_cver=1&google_push=AYg5qPJFhxFqaGrsd313JnRYqdm_rvBW3yLaWgCjqMHxCRIPN-stHZ8_GRXpWsOKS9mTTGqM423...
https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEKuH0h0JGDzK78L2Sr7I4Dg&google_cver=1&google_push=AYg5qPJFhxFqaGrsd313JnRYqdm_rvBW3yLaWgCjqMHxCRIPN-stHZ8_GRXpWsOKS9mTTGqM423...
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=vzpVdyPtRXWaQK0TUbXc3w&gdpr=1&gdpr_consent=

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=vzpVdyPtRXWaQK0TUbXc3w&gdpr=1&gdpr_consent=

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: Apache-Coyote/1.1
location: https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=vzpVdyPtRXWaQK0TUbXc3w&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AF5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHjTEXBRrqRMeZUreLuGSSI&google_cver=1&google_push=AYg5qPLIVoRMAy-hblX9aZTASR2JkDPvEDQ6jlqOmy2soigzwAkd265ZXdsCxg5KJWROzk5jDPF6KWIW...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHjTEXBRrqRMeZUreLuGSSI&google_cver=1&google_push=AYg5qPLIVoRMAy-hblX9aZTASR2JkDPvEDQ6jlqOmy2soigzwAkd265ZXdsCxg5KJWROzk5jDPF...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY4ODgxNDUzNjA5NTQ5NjUxMg&google_push=AYg5qPLIVoRMAy-hblX9aZTASR2JkDPvEDQ6jlqOmy2soigzwAkd265ZXdsCxg5KJWROzk5jDPF6KW...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY4ODgxNDUzNjA5NTQ5NjUxMg&google_push=AYg5qPLIVoRMAy-hblX9aZTASR2JkDPvEDQ6jlqOmy2soigzwAkd265ZXdsCxg5KJWROzk5jDPF6KWIWRZrPdAvbcBxRn64VbcHS

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY4ODgxNDUzNjA5NTQ5NjUxMg&google_push=AYg5qPLIVoRMAy-hblX9aZTASR2JkDPvEDQ6jlqOmy2soigzwAkd265ZXdsCxg5KJWROzk5jDPF6KWIWRZrPdAvbcBxRn64VbcHS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AF5
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENlcbwDnwLuXijM04XWIg78&google_cver=1&google_push=AYg5qPLejNNA7fGAprSYXejfx4V_i6YtwOWAYdeQfPL7Z5DXxm3p-54d0wU_baJQHOVB_QAVO_lJ2iHw6THrlcZu...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLejNNA7fGAprSYXejfx4V_i6YtwOWAYdeQfPL7Z5DXxm3p-54d0wU_baJQHOVB_QAVO_lJ2iHw6THrlcZuWzc1FWyIE78

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLejNNA7fGAprSYXejfx4V_i6YtwOWAYdeQfPL7Z5DXxm3p-54d0wU_baJQHOVB_QAVO_lJ2iHw6THrlcZuWzc1FWyIE78

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 28 Dec 2021 02:19:52 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLejNNA7fGAprSYXejfx4V_i6YtwOWAYdeQfPL7Z5DXxm3p-54d0wU_baJQHOVB_QAVO_lJ2iHw6THrlcZuWzc1FWyIE78
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: tp3TVuzxBj3eKZL8DzktgU1sSgRL_X4Pgu36vDg2QtARIZPhqQCf6g==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AF5
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKM0hx1F3qg3jLh-Blw2Hgs&google_cver=1&google_push=AYg5qPJgp9j5YyuHIQIhoDAEl2ViVg6K0sW6aUlt5510WG3j-IgAoCaxd208e_AOwcKJGj0fCTLIABuVKT8hgsDKdPnurIUeqg03
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJgp9j5YyuHIQIhoDAEl2ViVg6K0sW6aUlt5510WG3j-IgAoCaxd208e_AOwcKJGj0fCTLIABuVKT8hgsDKdPnurIUeqg03&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTY5ODc3MTc5MDQxMDg4NDA0MA%3D%3D&google_push=AYg5qPJgp9j5YyuHIQIhoDAEl2ViVg6K0sW6aUlt5510WG3j-IgAoCaxd208...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTY5ODc3MTc5MDQxMDg4NDA0MA%3D%3D&google_push=AYg5qPJgp9j5YyuHIQIhoDAEl2ViVg6K0sW6aUlt5510WG3j-IgAoCaxd208e_AOwcKJGj0fCTLIABuVKT8hgsDKdPnurIUeqg03

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTY5ODc3MTc5MDQxMDg4NDA0MA%3D%3D&google_push=AYg5qPJgp9j5YyuHIQIhoDAEl2ViVg6K0sW6aUlt5510WG3j-IgAoCaxd208e_AOwcKJGj0fCTLIABuVKT8hgsDKdPnurIUeqg03
date: Tue, 28 Dec 2021 02:19:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6AF5 0
12 B 31ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KeSROVPvntth_1eYYM_AzaCFIixaS3S3ajsPwJqkL3temHen4wM9e3sC49nXVrapwdQ7aL

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 191D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELOt1TcgxJF-TyB4kTZkuxg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELOt1TcgxJF-TyB4kTZkuxg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TGlFVFhWRG0xTjIyNUc1&google_gid=CAESELOt1TcgxJF-TyB4kTZkuxg&google_cver=1&google_push=AYg5qPIStAuxCbp6YUSd2IHYrjWRWSfwvrdL6w9T38LcUOH...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TGlFVFhWRG0xTjIyNUc1&google_gid=CAESELOt1TcgxJF-TyB4kTZkuxg&google_cver=1&google_push=AYg5qPIStAuxCbp6YUSd2IHYrjWRWSfwvrdL6w9T38LcUOH78IZN2kkRNJXu_y75qUOd7WTS84VIW8rOMNad0Qn7QZoSW0SS4FWK

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:52 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0e9f0e24f4a2a06c9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TGlFVFhWRG0xTjIyNUc1&google_gid=CAESELOt1TcgxJF-TyB4kTZkuxg&google_cver=1&google_push=AYg5qPIStAuxCbp6YUSd2IHYrjWRWSfwvrdL6w9T38LcUOH78IZN2kkRNJXu_y75qUOd7WTS84VIW8rOMNad0Qn7QZoSW0SS4FWK
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 191D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNbi&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNb...

43 B
390 B

757ms
756ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNbi&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNbi%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c474e6909cac295-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 662
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c474e67e94bc295-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMxrRYkNcp7gtSSRRBOYkt0&google_cver=1&google_push=AYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNbi&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIVe5dBwH6BOHSxxD1w9RA8fkKkgpbQfPdwgKGA5jQA-Gt-xsdwweP-ff2nHd24pMzrq51dGFX2LEMmQOC1nZQss22TDNbi%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 191D 70 B
264 B 112ms
110ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGFtPnYt7QkMFEj2FmRqJi4&google_cver=1&google_push=AYg5qPIYmPwRt_fEaisFptc9hGHX_P7yCPrb8M6iHUfRWdhoBxK6Fcg_cKlaHG39gIbXkGvblYCjqHKiExQKNeAOqevqG7R10Niq
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dds
rtb.openx.net/sync/ Frame 191D 43 B
351 B 40ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFP3bBG6ai_rvM9A3Gg1c8k&google_cver=1&google_push=AYg5qPIhGxXoxef50-fu1q_w-ZA8qQrqmlOTKM7Fneh_AqneytzepijXDepxtkkx-7H-kypi9GCO8593FD6AjL07FlYPmXDbTImv
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:52 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: q7estokpfe60vjpusagjpgo3d3fmrrqk

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 191D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsdV4VizTSW55eSqtUt0AA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsdV4VizTSW55eSqtUt0AA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKX6jVSkaMeswIjMBCflcL35IlzAhns6Znyovp-0ftu83u4WJyYzctp4o9SsSFm-iVzP3xApp9WAfEgMfj7iko3dQgKpAm1

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsdV4VizTSW55eSqtUt0AA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKX6jVSkaMeswIjMBCflcL35IlzAhns6Znyovp-0ftu83u4WJyYzctp4o9SsSFm-iVzP3xApp9WAfEgMfj7iko3dQgKpAm1
date: Tue, 28 Dec 2021 02:19:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 191D 0
75 B 370ms
122ms Image
text/plain 199.187.193.182
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMOIh8g3m4QbVe0ndAh_yfQ&google_cver=1&google_push=AYg5qPKH-MAX_Cs_WVQ5Zli7u-paEk81O3lZaXRXLpYH3pF3dpfHn0oyKCVQ12zxqjlu1oQPLGT0e5sHdHDMnXeKHtPAY5Uxgt1q
Requested by: Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 191D
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2k8...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELHLKTB_5bUG8pcniSSA1-c&google_cver=1&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNDIwODAzZS02Nzg0LTExZWMtOTVjZC0wMjk5MzA3YzBiNjY%3D&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2k8zw96BGQOKz...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNDIwODAzZS02Nzg0LTExZWMtOTVjZC0wMjk5MzA3YzBiNjY%3D&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2k8zw96BGQOKzJ24b8_vUpJu37fhPcZwnVPAizg8XuxIrCy

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNDIwODAzZS02Nzg0LTExZWMtOTVjZC0wMjk5MzA3YzBiNjY%3D&google_push=AYg5qPKQbZ50E88rUneXo2Db9ny76xjoZEiPgN0t-E0I551sIemmb2k8zw96BGQOKzJ24b8_vUpJu37fhPcZwnVPAizg8XuxIrCy
date: Tue, 28 Dec 2021 02:19:53 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 191D 0
12 B 15ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcpFEbI1ZH1J0sLZuRrAWg16C32fPXI1kyyicbd5pdMk8Ov5VdTus_6aF6fRqAe-UvsVRJEg

Requested by

Host: c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
URL: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame A071 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f14ada669dc72f778cac73cd2fca7bbfa5c13fb69e52072afafc38066bdd0c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 4E1D 81 KB
11 KB 53ms
33ms Stylesheet
text/css 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqqbcer56fj220a9kbjdwdza74eq101kmvjyz04xawzw9ny2b8kh7886qn7s400ya06j7cz4wn77f0zn0hd324nbmaa11tjcdfbpvwwqah6bm49663v83rb64960wmek6krzxj41sbs9hdks33xnz1cjez69vcnj9wnkhjnb5x7apx52gqc04aw4vhgapf50akt4qdzc20jqfgc5vaxxz3e31w6zzv2n22fd2j6ckpr87g9323qvwrcza0sskcjkq88kca9rsm6d0n03n8tw949nv79z8e8spz1w4ngb024fmm6mnypmb006myan502ck9mv6861gefdv7abkm9gyxzxvfks86av11zbja9aww6qpkw6h352kae06eg8ytdpsn82q6tdy4ntchj5hr70jjn5yk0znygbz5ef7kymby46rrypktg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%26client%3Dca-pub-1062972861553303%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gqqbcer56fj220a9kbjdwdza74eq101kmvjyz04xawzw9ny2b8kh7886qn7s400ya06j7cz4wn77f0zn0hd324nbmaa11tjcdfbpvwwqah6bm49663v83rb64960wmek6krzxj41sbs9hdks33xnz1cjez69vcnj9wnkhjnb5x7apx52gqc04aw4vhgapf50akt4qdzc20jqfgc5vaxxz3e31w6zzv2n22fd2j6ckpr87g9323qvwrcza0sskcjkq88kca9rsm6d0n03n8tw949nv79z8e8spz1w4ngb024fmm6mnypmb006myan502ck9mv6861gefdv7abkm9gyxzxvfks86av11zbja9aww6qpkw6h352kae06eg8ytdpsn82q6tdy4ntchj5hr70jjn5yk0znygbz5ef7kymby46rrypktg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%26client%3Dca-pub-1062972861553303%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1072489
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c474e682eda59bf-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4E1D 36 KB
13 KB 38ms
28ms Script
application/javascript 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqqbcer56fj220a9kbjdwdza74eq101kmvjyz04xawzw9ny2b8kh7886qn7s400ya06j7cz4wn77f0zn0hd324nbmaa11tjcdfbpvwwqah6bm49663v83rb64960wmek6krzxj41sbs9hdks33xnz1cjez69vcnj9wnkhjnb5x7apx52gqc04aw4vhgapf50akt4qdzc20jqfgc5vaxxz3e31w6zzv2n22fd2j6ckpr87g9323qvwrcza0sskcjkq88kca9rsm6d0n03n8tw949nv79z8e8spz1w4ngb024fmm6mnypmb006myan502ck9mv6861gefdv7abkm9gyxzxvfks86av11zbja9aww6qpkw6h352kae06eg8ytdpsn82q6tdy4ntchj5hr70jjn5yk0znygbz5ef7kymby46rrypktg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41041
x-guploader-uploadid: ADPycdtXvXkNTikigjdIbYNhxiQLD-4AZAv9bzOL91Gi0Vasqu-NthMEIEUtuuiuVaKDT9UyXdL8EGeHFPeRkpk5qsfqo-CjnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOHVsLsyomYn3JJxDzPiTG%2BfQskHZJojpvp4ro2J9iys%2BAqrfrHMVKo7uTNMelWWHKV8tpnwZ%2BJsl8G7qUZ6Vxz%2FD3Kxo5EEfMfK4v0JNfYp0OPeWUNDeRD2XwkABt2atO6Ow7M%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6c474e682e4183b2-MXP
expires: Mon, 27 Dec 2021 14:55:51 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 242E 81 KB
11 KB 45ms
26ms Stylesheet
text/css 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hnatg5cpt366hpmkr2s9dkzvfms660vrh9hvy4723pg9nj5jzt73hxfqej5phd42v4v2bbskv555rnj2wsec7277tp72shhx89d0sn73vfyehmjssvqx8mz2whqmtbhpts2vrkhjdek8zg0p0h3f49y207r1gq1s4n40knk2kdpstxc7xv10x0xvdege5sz1amygsvz5dq4xgbjfdfft1gpna39y2kvzn5at94544atths1vka10ja91wpex6x7eq8zsgsy1j462x7kbcz4hsft95jf5szqbhjbhr8va9sp6hpbzs9110231qbkz8hy9hrhnyerg810fh01yzkfc0g678kvqnv0ta97a6fq3ay92nernv6ahf9n8296ntggv09f2sbrhx0drp9scqpew2fnt0h0t7zrrygjy2kbp7rh998hq8r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%26client%3Dca-pub-1062972861553303%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hnatg5cpt366hpmkr2s9dkzvfms660vrh9hvy4723pg9nj5jzt73hxfqej5phd42v4v2bbskv555rnj2wsec7277tp72shhx89d0sn73vfyehmjssvqx8mz2whqmtbhpts2vrkhjdek8zg0p0h3f49y207r1gq1s4n40knk2kdpstxc7xv10x0xvdege5sz1amygsvz5dq4xgbjfdfft1gpna39y2kvzn5at94544atths1vka10ja91wpex6x7eq8zsgsy1j462x7kbcz4hsft95jf5szqbhjbhr8va9sp6hpbzs9110231qbkz8hy9hrhnyerg810fh01yzkfc0g678kvqnv0ta97a6fq3ay92nernv6ahf9n8296ntggv09f2sbrhx0drp9scqpew2fnt0h0t7zrrygjy2kbp7rh998hq8r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%26client%3Dca-pub-1062972861553303%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1072489
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c474e682edb59bf-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 242E 36 KB
12 KB 43ms
34ms Script
application/javascript 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hnatg5cpt366hpmkr2s9dkzvfms660vrh9hvy4723pg9nj5jzt73hxfqej5phd42v4v2bbskv555rnj2wsec7277tp72shhx89d0sn73vfyehmjssvqx8mz2whqmtbhpts2vrkhjdek8zg0p0h3f49y207r1gq1s4n40knk2kdpstxc7xv10x0xvdege5sz1amygsvz5dq4xgbjfdfft1gpna39y2kvzn5at94544atths1vka10ja91wpex6x7eq8zsgsy1j462x7kbcz4hsft95jf5szqbhjbhr8va9sp6hpbzs9110231qbkz8hy9hrhnyerg810fh01yzkfc0g678kvqnv0ta97a6fq3ay92nernv6ahf9n8296ntggv09f2sbrhx0drp9scqpew2fnt0h0t7zrrygjy2kbp7rh998hq8r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41041
x-guploader-uploadid: ADPycdtXvXkNTikigjdIbYNhxiQLD-4AZAv9bzOL91Gi0Vasqu-NthMEIEUtuuiuVaKDT9UyXdL8EGeHFPeRkpk5qsfqo-CjnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsoBq7L6rQhvMkliajda1o3%2FxwruQEUjfOTsUSJLqbQTPjiU%2BEtRasQKuP7mmYj5xc2lhBUYlcY0YcmQGkqIf3YwAXlRCCAn4IFb7HAfgPNQZCd9ktA1OPgETGZEXciXJgt3H40%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6c474e682e4583b2-MXP
expires: Mon, 27 Dec 2021 14:55:51 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame AC79 81 KB
11 KB 62ms
43ms Stylesheet
text/css 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gyaggfb7p8b2gfsw4sze4e8m6ehwmka9tmdy5qbxatk2abd1yqsbgvpmx6jpnd7wvyxmhv56ra2n67w20ek2f2ckr69t1mtg0wfzcmjej2k7dd9yz8he46170dbdjj378csjz7vx0kyb9jft2g257x9gcmk97zc22j7jf9gk4bahezr70qh076abb781nbrhx16pvxez78dnsjtzbt94sjkc1srsv22gewv8j3r32vmvsjmn24cfya23eaqvjqze8h615twj2y07h2azmetcgk2br65h90149entertc58y217gq12cgz1qx4jdx05rqnvet3vcp5qcrfzs505fqzzjtbcgrs19smd3s12tj91wmja1g82m2csg0zbkh1aawss1b386bnrp53ewkq4wtsr37zdqk13t8mqjweg3kwdv7sxpn82yt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%26client%3Dca-pub-1062972861553303%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gyaggfb7p8b2gfsw4sze4e8m6ehwmka9tmdy5qbxatk2abd1yqsbgvpmx6jpnd7wvyxmhv56ra2n67w20ek2f2ckr69t1mtg0wfzcmjej2k7dd9yz8he46170dbdjj378csjz7vx0kyb9jft2g257x9gcmk97zc22j7jf9gk4bahezr70qh076abb781nbrhx16pvxez78dnsjtzbt94sjkc1srsv22gewv8j3r32vmvsjmn24cfya23eaqvjqze8h615twj2y07h2azmetcgk2br65h90149entertc58y217gq12cgz1qx4jdx05rqnvet3vcp5qcrfzs505fqzzjtbcgrs19smd3s12tj91wmja1g82m2csg0zbkh1aawss1b386bnrp53ewkq4wtsr37zdqk13t8mqjweg3kwdv7sxpn82yt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%26client%3Dca-pub-1062972861553303%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1072489
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c474e682edd59bf-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame AC79 36 KB
12 KB 37ms
29ms Script
application/javascript 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gyaggfb7p8b2gfsw4sze4e8m6ehwmka9tmdy5qbxatk2abd1yqsbgvpmx6jpnd7wvyxmhv56ra2n67w20ek2f2ckr69t1mtg0wfzcmjej2k7dd9yz8he46170dbdjj378csjz7vx0kyb9jft2g257x9gcmk97zc22j7jf9gk4bahezr70qh076abb781nbrhx16pvxez78dnsjtzbt94sjkc1srsv22gewv8j3r32vmvsjmn24cfya23eaqvjqze8h615twj2y07h2azmetcgk2br65h90149entertc58y217gq12cgz1qx4jdx05rqnvet3vcp5qcrfzs505fqzzjtbcgrs19smd3s12tj91wmja1g82m2csg0zbkh1aawss1b386bnrp53ewkq4wtsr37zdqk13t8mqjweg3kwdv7sxpn82yt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Tue, 28 Dec 2021 02:19:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41041
x-guploader-uploadid: ADPycdtXvXkNTikigjdIbYNhxiQLD-4AZAv9bzOL91Gi0Vasqu-NthMEIEUtuuiuVaKDT9UyXdL8EGeHFPeRkpk5qsfqo-CjnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeRUTDPuNkY7jVFIxRzVbA1r4DtVV8OdA6xo6YOaccTBafIncqH6kQKFtWqHj5y8CgMMEvclhcVeq32Afh9JQWHTx8befBNOU%2BRDnr%2FFx1NV%2BSvRFdFqQsVa9zUs2VdbOVIDqh0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6c474e682e4483b2-MXP
expires: Mon, 27 Dec 2021 14:55:51 GMT

GET
DATA 200
OK truncated
/ Frame 2BA2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 394b4425f8b644792287489f26ed05fd556495517be6621f0ab6bdd2cea9d91f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B2D1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19ec6802c6875e4b8973807522c814147fa088fe6b1181c6c734c41e238d675c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 242E 3 KB
3 KB 73ms
33ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9158398
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2Wvg5u05vD7%2Foae7GRqevNp2zF8pLAR6Fx8S9h9OWj71fuKuuJZSwO%2BiuEM47KiIFGAVwZedbRSsJPt9OC%2F1aKE0wT%2FLIpISi76E8hGwvs%2F8CC7g%2BkqGcMfI9eb1z3S9l6EDz1ISrb92j4XPQG6usxM"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6c474e68bc514ed4-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame C845 2 KB
2 KB 25ms
25ms Document
text/html 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Tue, 28 Dec 2021 03:19:53 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2160808
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlcsAf%2FWDDk2iDldwqvnPCFdPxGx0so3Qug8igIPiZx%2BUCrMqH91a07sTJamyViw%2BK4RxVWjg8Nz54GygD2OlIE%2FvFsMBKPZGieITyP5NUj0jRbdscc9wGw9k9i76FpT7SQnLUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c474e688f2059bf-MXP
content-encoding: br

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4E1D 3 KB
4 KB 52ms
32ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9158398
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRq94iYudEg7hudiabWmYzOQfwXpYzS1z9lad%2FxfYQ3SU3ZL%2FSJsvQzKWLIIbY3yFRE4ks07M07mW%2FNRHzklbEJ%2FqKVm6SlyVn2fmUbh8avigGm0JIBO45o1lme08n63TO47I2h6tEVayK0gYd2f%2FmNt"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6c474e68bc544ed4-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AC79 3 KB
3 KB 55ms
37ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9158398
x-guploader-uploadid: ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arkBllNTVzX9m67g91nWb6%2BBeE2bUACgaBA%2BMAkpBTwvQDqKrW04oSQ9fNaksmt7WxAxQkeQGlEkMuIcsVOC9au6%2BWntqUPb%2FDilAFSkmEHe9b3lvvD19xnu166QPkumhHZ28zAdzO0D%2BKPXqxICBDBa"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6c474e68bc534ed4-FRA
expires: Tue, 13 Sep 2022 02:19:55 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame CECD 2 KB
2 KB 24ms
23ms Document
text/html 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Tue, 28 Dec 2021 03:19:53 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2160808
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZU%2F%2F1%2F8Cfykhk3ySfwP2m2ob61KALkMvuSE5dVd4U6%2BblreDAz7EFh153RAc3P9WqzKOU9VU1tNnSpxZzspTXzhbAWA1dHuS7mpiZ0tJptDTHE1OEY9chkxnRV0UNMvhGP%2Fa3c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c474e68af3f59bf-MXP
content-encoding: br

GET
H3 200 frame.html Show response
ad4m.at/ Frame AEAF 2 KB
2 KB 26ms
26ms Document
text/html 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Tue, 28 Dec 2021 03:19:53 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2160808
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fnNwbsi6uxxhygIbWuDDvQZLx3HqQPsswws%2B7CoOAX4pux6A8v5Oz4BC6U%2FhFGZwCI9JjXq492EnAw6%2BmbjvjLV9rLGZj8A5xPyOk1hUoMdXHlZ6nEfcW%2F5Z%2BSCkp4bdntGPdo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c474e68af4059bf-MXP
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame 242E 2 KB
2 KB 47ms
47ms XHR
text/plain 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64153e217f4c9fab8fd867187cc5b93b11c39dd165cf8356ddd222dec7d47251

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6c474e698c615a25-MXP
date: Tue, 28 Dec 2021 02:19:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8tmh3oCQl%2BTWO5a8CveHCJJp29umift3HvMjdQL015%2FA6TJs3%2FKMrj%2BpxJ%2BVLSo4M5ZJSwsaeHPC6Yu0WyfNmRflPaH2QMfSyuA040Dvm8cQ2jDdx%2Br4LWlHcpWei81X3XPF7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-jrpn

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 66ms
44ms Preflight
text/plain 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-jrpn
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIoLLCADYQC8RdYgxwCmvVFtqrEXCy6Ag7MNO0tsBPuM%2F%2FubtdlCN6uvTaujyeuZjtAZiZ43HTrwyDUWzBi%2BISx9uCYOxrk6jCWmjSz3uDwyE3sf6jWTiuQ9Ay5S4pZ2HIQHsDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c474e694c255a25-MXP

POST
H3 200 rs Show response
ad4m.at/ Frame 4E1D 2 KB
2 KB 49ms
48ms XHR
text/plain 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c48da9526d10bd52082028ada857831ac7186a0e1555b640e70eafd9f8642890

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6c474e698c625a25-MXP
date: Tue, 28 Dec 2021 02:19:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADaYGMOG3qhMBVZGU28yJCweOLhqeZPQc%2BPFQjhralllT5c8Nx4SMelb5VdeWUCP46q33HuavaA8%2BfIX5TpzpZ7HdxdAHRL0diK5SmaeLwDe1mXf%2B%2FNEO0mcsMqI3mgP12574vY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-jrpn

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 62ms
45ms Preflight
text/plain 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-jrpn
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sw3dOyggPTovrQZn1WSqCo1u34EcfBXxjpaw24MP8CbTehx4jU8WwttSuLIIFqq%2BV2UBZChLrMN2TkkEiibe3e4j0naLNPCNaiBJfAnsx%2F5nfsDBB4raLgupHty%2BMCSWJXJmC54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c474e694c265a25-MXP

POST
H3 200 rs Show response
ad4m.at/ Frame AC79 2 KB
2 KB 46ms
46ms XHR
text/plain 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575ad3394867ec8e643ee38e1451217c957a72ddad8e2ac2765bfffbac565f8d

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6c474e699c645a25-MXP
date: Tue, 28 Dec 2021 02:19:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IDnm0IzsC7Q68RQGIF1kmUJ45a8FXVkhCuAFdVdWzoj2ksGVJ2l9LOhCtbVVN5%2BJDnp1To0HQorbJj6u%2Bof%2BdLATLjoyvLprYgFiFHjbi6Hr%2BTyyR%2BvBdyhk4RrCkQn9g8TCb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-jrpn

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 65ms
48ms Preflight
text/plain 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-jrpn
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7yvSijd8OjI0wuqYibE3bjJQVfIoabW6xS3Q5lkKjqfy8kJUazUfETrTDXdzvEbZT8M4Jm4yJh%2Ffojf6M%2FQhe6du1krodAXSpok4RBkaOQ%2Fb3DpCcTNmqVDMclXpsChh8aDKq0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c474e694c275a25-MXP

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame AED5 6 KB
4 KB 41ms
41ms Document
text/html 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d6855d0e1848d759a8aded2ff87d13ce8f38a4ad8c88fafc7aae8ea1f7e1324

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hnatg5cpt366hpmkr2s9dkzvfms660vrh9hvy4723pg9nj5jzt73hxfqej5phd42v4v2bbskv555rnj2wsec7277tp72shhx89d0sn73vfyehmjssvqx8mz2whqmtbhpts2vrkhjdek8zg0p0h3f49y207r1gq1s4n40knk2kdpstxc7xv10x0xvdege5sz1amygsvz5dq4xgbjfdfft1gpna39y2kvzn5at94544atths1vka10ja91wpex6x7eq8zsgsy1j462x7kbcz4hsft95jf5szqbhjbhr8va9sp6hpbzs9110231qbkz8hy9hrhnyerg810fh01yzkfc0g678kvqnv0ta97a6fq3ay92nernv6ahf9n8296ntggv09f2sbrhx0drp9scqpew2fnt0h0t7zrrygjy2kbp7rh998hq8r0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%26client%3Dca-pub-1062972861553303%26adurl%3D

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c474e69d81859bf-MXP
content-encoding: br

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 52DA 7 KB
4 KB 41ms
41ms Document
text/html 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a7c29eee3b904f1226ec6c1bd4bacb498f20daafa35b8e3be7491e8ec55de22

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gqqbcer56fj220a9kbjdwdza74eq101kmvjyz04xawzw9ny2b8kh7886qn7s400ya06j7cz4wn77f0zn0hd324nbmaa11tjcdfbpvwwqah6bm49663v83rb64960wmek6krzxj41sbs9hdks33xnz1cjez69vcnj9wnkhjnb5x7apx52gqc04aw4vhgapf50akt4qdzc20jqfgc5vaxxz3e31w6zzv2n22fd2j6ckpr87g9323qvwrcza0sskcjkq88kca9rsm6d0n03n8tw949nv79z8e8spz1w4ngb024fmm6mnypmb006myan502ck9mv6861gefdv7abkm9gyxzxvfks86av11zbja9aww6qpkw6h352kae06eg8ytdpsn82q6tdy4ntchj5hr70jjn5yk0znygbz5ef7kymby46rrypktg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%26client%3Dca-pub-1062972861553303%26adurl%3D

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c474e69e81a59bf-MXP
content-encoding: br

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame AFAB 6 KB
4 KB 41ms
40ms Document
text/html 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a920bd3dcd63444787b26004bd66c8901de409a64d8ea0f6b4f6e65342197e5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gyaggfb7p8b2gfsw4sze4e8m6ehwmka9tmdy5qbxatk2abd1yqsbgvpmx6jpnd7wvyxmhv56ra2n67w20ek2f2ckr69t1mtg0wfzcmjej2k7dd9yz8he46170dbdjj378csjz7vx0kyb9jft2g257x9gcmk97zc22j7jf9gk4bahezr70qh076abb781nbrhx16pvxez78dnsjtzbt94sjkc1srsv22gewv8j3r32vmvsjmn24cfya23eaqvjqze8h615twj2y07h2azmetcgk2br65h90149entertc58y217gq12cgz1qx4jdx05rqnvet3vcp5qcrfzs505fqzzjtbcgrs19smd3s12tj91wmja1g82m2csg0zbkh1aawss1b386bnrp53ewkq4wtsr37zdqk13t8mqjweg3kwdv7sxpn82yt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%26client%3Dca-pub-1062972861553303%26adurl%3D

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c474e69e81c59bf-MXP
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame AED5 81 KB
11 KB 26ms
26ms Stylesheet
text/css 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1072490
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c474e6aa8d459bf-MXP
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame AED5 53 KB
54 KB 56ms
46ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2174476
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycduo0UTEdnOX-MiABea3R9RVC-wUFGbcbM88E97re81Z722vGl7PPS0-v7ZFyRoBHDbyGT1R2Iixydz_fKctb0kf50Zd5w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vkd6EWOKW9nR1rnFwQZX%2FMPONn%2FUKMtucivCy0j0Q5wVtibiIwQrJX1cpnHlj8xbCtzkwzncxsG517XI4nxfU2mDgaS%2BvuBx6n%2B41HF9Fsz1VgNJOWDH0pN41%2FGOKwOLj09Rjp%2Bwfg0OStH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6c474e6ab84783b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame AED5 23 KB
23 KB 45ms
42ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1041797
cf-polished: qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid: ADPycdv1oUkOs05TCidQdrERCUcxtUKCFtCXSowGaUdEKe-RWLKCUcnmutFnQgj6j-6pGwSE6-MYNN1LlAqLhHLnGk4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23154
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gURLdNIUxwV34NTElu5dT09AB1Crf0VQDXpvUNlYzLkh7VvqiFCKLUX4R0wTE65tZecw9ummUd%2Bk8AhHKY9tKZ1biTR%2FxYu1tOF9Ky2YYwVpKUOzQxtVNEN8NBkIgrcRl5z%2FqqMofWB7Z3Rt"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1639072283176296
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 132437
accept-ranges: bytes
cf-ray: 6c474e6ab84c83b2-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame AED5
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021122803195360955933749X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112280319536095593...

43 B
808 B

60ms
34ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122803195360955933749X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:53 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Tue, 28 Dec 2021 02:19:53 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122803195360955933749X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame AED5 9 KB
10 KB 45ms
41ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 634903
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdtd_qzJJ2j8fLhc4MnJy8Pr9WXO00HsOwNKEMijhkjdKL7lwbsOmTLi6JDxSHzxUMKw-IAs7yuzXaCBOIMf-G4xdCME-A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgH%2Bu9ncgiPmr9pyWrR5908QX5CzWptP6tFTDP8LNlNsKIOi1eskf5%2B6Cc%2FF8SuxgmpbDHZoLnZQ5FhpusyaGwrUIRMIhcHQczkzKkqT4TtC%2F%2Fnlauqtrga289ZxVmfL6rIqTRvgFUL6tWEc"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6c474e6ac85083b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame AED5 19 KB
19 KB 46ms
42ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2155950
cf-polished: qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid: ADPycduccTQX0v5HStdzqUBaOSMAPFvevjIm-E4EkrINYblBfrL1woNBTr1xy0gQfP0Q0nlAtaOtVvilm33PZqLnjD4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19022
last-modified: Wed, 10 Nov 2021 15:00:52 GMT
server: cloudflare
etag: "9c16b18e2ed1720d4bac78685793f74c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQSvrTQ%2F9%2FGKTK3zWrv%2B3m4u1AJAeZRRB0WNk4I3qYCQA6cdLsdFXjATUgNeoM%2F8u5tDm4%2FHbBzzXZlfRaAjQL2ydSMdg0ICxLaYIvfLRFNcFbH%2BvDHoyWqeueCj%2Bqq0Ke6xY50BwOUeyuDC"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636556452656256
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 84530
accept-ranges: bytes
cf-ray: 6c474e6ac85183b2-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame AED5
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&g...
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122803195360955933747X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211228031953609559337...

43 B
791 B

39ms
13ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122803195360955933747X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:53 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Tue, 28 Dec 2021 02:19:53 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122803195360955933747X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame AED5 6 KB
7 KB 45ms
42ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1042531
cf-polished: origFmt=png, origSize=15890
x-guploader-uploadid: ADPycdsK196Ecn03QPRqBp8CpDaVgJT2AsDJ3ZlT3eiYjBXrTxRrOuYO0NMKrtr3tiaUJcInnRcq-6tBotOZwFvzyY583q9byQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6208
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtxj8U59YToaP82WvXua8o2b1RAieIfUq52RA17wMv%2BPpDrLdCzulkwPlWQzyRJnaoDNdrjUAEoTgkC%2B1kWEWB%2BGBWFQkcSWN9SA93qobe5HUQ%2BHr2T4gwefPrpnNUpSY7i7M8o84jwMV78t"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594879530502671
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 15890
accept-ranges: bytes
cf-ray: 6c474e6ac85283b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame AED5 9 KB
9 KB 44ms
41ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=041aae01f34cb58b04dd3c21ad7dc63b%2F2785062728518775992&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993226&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc9k7xzkt4c004sb1kc510xvhhm24jj8f16gsdwykdkcbr109gxb2p29avbaak4ksp4bkepyabw89c48jwvny78a3v1de5zr6g09zc1dn5tfc0we1c2819wx5gmf9ev2qy87e8xe5k8b2gzj6769d9dftsfqtmhtmfmnv0fj8kzk24zkbmc0qrh2q5r5gvmn90jh2704ykr6706mgmvp7kgsfjq7rtsncp3s2vqvjx9qqytz2xfx7entcw3h8kzm146ggydrcvq0vj76nag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPz9XSHTKYfetDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnAJP0JY-7Whgf_NNQ2BtmFu3_cEXc5P9Y_TqSUp_cXFLmlP4J6xxurJs4MX2H_SKm_D18ROWJS2LYZt55uMuy0wS-TUKfyVnj1yvV6t_PT8SkY5BgknauNwLh-G4JPHhqJd1SzIiq3KapExCgFv96FYqNEPRM_2C0CFPTl3E4yrSDq9PHaRLMpFb_dyRl8KUN1NC4zconAryFypp0cR2NbYXS9l43QNA8pv42LC6lQBz9CDfW_d7gcZfbWzA8RpvbfZEtz6J1CckuVZnFjMFu181TkvqL5cR9s72KgHk7TuCV3AsqbgRqHl2efs4aLxNoOaYMcOcTW3EHoNwd_e35TXEVJk686waXa3wUCn0aW27nsrkXoN4IRCwRiwMd-AEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0ldNNwzZypeCSNE7JIklIflXmR9Q%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1042851
cf-polished: qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid: ADPycdtMtTyN6zhwj0c0pJTwLpXG_gF4oeCdn3NaosXgL23nDxjjW4hVymyvi5PPiOg_a5ZgzSyiTCEuVJy8FpcaQn_EjTKCbA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8886
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvkkeOli2V2F6xykBBE%2FrQj1d3%2B2wYtUuEtURekG7vM9m9CZ6Fmb9voskh47xYgFiqyAsxa2%2BdD38MJDrClto%2FCJPqh%2FHgl5iTEX8TL2tsrGIFWEaL32l8KBZq8M2qnPksZ7oW7SpjJIfZu4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1608208174589657
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 25987
accept-ranges: bytes
cf-ray: 6c474e6ac85383b2-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AED5 43 B
704 B 249ms
47ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:53 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 52DA 81 KB
11 KB 26ms
26ms Stylesheet
text/css 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1072490
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c474e6aa8db59bf-MXP
cf-bgj: minify

GET
H2 200 DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame 52DA 46 KB
47 KB 30ms
26ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=PRHAtQ==, md5=UfPUXNWo6kuI6N0malNepA==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2156670
cf-polished: origFmt=png, origSize=74333
x-guploader-uploadid: ADPycdtuXXPb7ADl7RioOqHpqrtsdzWF5hl19IqY_2JFC-u0shv9De3Q66SRWr1sHqxYgPcdjICMpXxTgk1SkHfj7qHw1HjQ9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47320
last-modified: Mon, 11 May 2020 10:44:44 GMT
server: cloudflare
etag: "51f3d45cd5a8ea4b88e8dd266a535ea4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yFicEcxMz4ehHyWPrm6hsNiKNfl3Jes%2FxknKJ%2BQyKa%2FcmxGiGsflArgXSLfV7aN8R38iaB77Lu9ZySbhvCvOSpjitjnxh%2BwUdsLvusj%2Fjp5HUL3uNIDmfgcmNArDPS539yuV7RiKgqHEVK1"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589193884048730
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 74333
accept-ranges: bytes
cf-ray: 6c474e6ab84683b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame 52DA 290 KB
291 KB 46ms
42ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=PFtpQA==, md5=489woOXoZ5LkJrzz2r1hBQ==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1580831
cf-polished: origFmt=png, origSize=489686
x-guploader-uploadid: ADPycdttkiRnr_kJ6oACeo5mSqmconYWerZa60ya93iw5gAxLUKXLXFc3BIWeHx-ZAKwzpZhpPjg7MjbswctLAa9mbg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 296674
last-modified: Tue, 17 Nov 2020 11:24:27 GMT
server: cloudflare
etag: "e3cf70a0e5e86792e426bcf3dabd6105"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOCJQlSFU10SYBKulmSE%2BTInNe8WUvTxsWLyRqd%2BZe8jPLz6wuv4k8WmfWE7iixkePMZsQtCovgAD7dml6aCbL10ybq%2Bwi%2FISAeFRQrlwC441%2BMgj9W8T7GWo0mZV8UmOn3ZgDAGFLGVam5d"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1605612267020757
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 489686
accept-ranges: bytes
cf-ray: 6c474e6ac85483b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 87E4E9CEA9DBCB943231FCA0E0EED2695FFD0CFE5B3657F191EFCD5353EFB0D2EEFBED469066399720FE3CE85448BD83A1A4DA5EF1EE69B8FD90FD6DB460FA1B
assets.ad4m.at/logo/ Frame 52DA 107 KB
108 KB 45ms
41ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/87E4E9CEA9DBCB943231FCA0E0EED2695FFD0CFE5B3657F191EFCD5353EFB0D2EEFBED469066399720FE3CE85448BD83A1A4DA5EF1EE69B8FD90FD6DB460FA1B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b60331576d4c9bf51a6295ff4caa921ac1ca260e304106eca074f88e7c836e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=q4qNoA==, md5=JjQBPrEM0SwXOueegafmKA==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1041332
cf-polished: origFmt=png, origSize=157449
x-guploader-uploadid: ADPycdsWfoK39VWqdypwVk7B9feA_JPfF5cnWsS7V1dVxMit4jw9Sr2d0uTBNqGl2vFCm4mHMDXpTrLViKLLEWTrUHo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 110040
last-modified: Thu, 11 Nov 2021 14:22:47 GMT
server: cloudflare
etag: "2634013eb10cd12c173ae79e81a7e628"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0ACgl96GhrZ7Dv%2BIreK7SumBjV11WDWOss8F1LeLHkzg3pOZUrXUykfXEGXJvmWeyPHvF2z9BTp%2F5%2Fqkdz0KgFz3O0niHvBuxXuxP3nHBkeQzZCAHQWF6fXiNyYDZ50GptnY0LHi0fRkYHG"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636640567676756
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 157449
accept-ranges: bytes
cf-ray: 6c474e6ac85883b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
assets.ad4m.at/product_image/ Frame 52DA 32 KB
33 KB 44ms
40ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=XpYYSQ==, md5=hUTvKH3ITIHGC57UiHB42A==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2186000
cf-polished: qual=85, origFmt=jpeg, origSize=91728
x-guploader-uploadid: ADPycdtYCZODq-Jz1h5VycuXgm-_7VxXK5M_3FPibkqh-pcujBo5vpQg11Aa_EuhZrxgdZEmCzwHuYnlAiZLPXNjkEU3jgIdrQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33156
last-modified: Wed, 25 Mar 2020 13:46:38 GMT
server: cloudflare
etag: "8544ef287dc84c81c60b9ed4887078d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27XA8qsYxVYUTsZSw0umgr8h7zMLgCivHRh8F6cSX81%2FRD0n6MXP8TQk9DAG0Y6n469ycjhInGtsl9be4Msrhs%2FYkMT2QTC2frr7MANtSv04ShdiRFaNkhQ8ccCciw09EitPx81oBc%2Borlpv"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1585143998277875
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 91728
accept-ranges: bytes
cf-ray: 6c474e6ac85983b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 52DA 18 KB
19 KB 47ms
44ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1582755
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdvWG74Bf1U2hCCCHNKHYVWguTJEpmxQvayYf12Iz_5DZd1MAgc3lAw-FauWOsOuS2LmWhC1Hvlfxvv2cifRihs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDjvV%2B0Lyqlu%2FYpR0HGaQbKVDp1ItQUThq44tz9b5DHwalmjDWUNexF9SLVmtyX28xIhkopnx27%2FX7Ui8H9dinpaaZh9JtljfhC6xFtmNqGuRGi2OgS6JyvpW2SH59KYpx1mi8zhVkeeR7P4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6c474e6ac85a83b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 52DA 9 KB
10 KB 46ms
43ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045567
cf-polished: qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid: ADPycds_4uM2QJaDbkYWaenN9Xmz-MONqhn0P2LmZKIMiq5vC2JL3_DbhhL4c_18W1nFenm2bUscKWDLCtxs4NQwevo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lrwrWlWfzEy0EDAB1l0ImdTxjPIPb0fkUQJj0tIRcLQmxbbrWZZim%2B23ggIjjdKRw91CtTURdG2voi3aRQvktii8rcGKAXRmxtqoGNBGWCLcPi49lDl8J6Y3rfqsHXbyrVK%2FBtDqn3NgruZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1638198195167024
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 83479
accept-ranges: bytes
cf-ray: 6c474e6ac85b83b2-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 52DA 43 B
703 B 248ms
48ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUMoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:53 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame AFAB 81 KB
11 KB 35ms
35ms Stylesheet
text/css 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1072490
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c474e6ab8e159bf-MXP
cf-bgj: minify

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame AFAB 38 KB
39 KB 41ms
40ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1577142
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdtkuVE5WmxsEyo2l7TzGL9nu8f9BgkBI3mUKDBV0kiVBvjVtZogDiPUXfFcJ0ddn4N7GFPZP10_0UNm4lb4AhM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qndbrw5TjaPLFL611pkGKpMa%2FEmhj%2BO1QhS02vJUddLMLAzDrxxDzoGxit6ySR%2FJ0TMTbKfrXBG8Ob%2BabjH3OrATB9wX3qFVLgNBW9bZiPydOEzFUhPajQOh6moblKizMhNiFGro%2FVvkAcx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6c474e6ab84883b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame AFAB 113 KB
113 KB 46ms
44ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2159869
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdt5sNiJov4RVcQHKWEr_AAptKKPZr9Zt73h6QYBSiAuuAvN8bA9vRFCWppjKAZEVehIi3ui5ImO-qmjAB8Q3moHjnObJA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UThzTJnnHpqQFRa67TGohgQqDwN%2Bku2lafuOZw2KjwkwCSu%2FBgtf0SiPxJeCMKxdAX5RsxW8VN4N0KcopSnIqJrs5gQSJw3Mcooye7vd5fza5V9uqyjElNSbv7a3oTqYycNuTqrvolIV1T8C"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6c474e6ac85d83b2-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AFAB 43 B
704 B 246ms
48ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidB57hgfW7sDRtxH6H3t9txR5C4TeTGBUMoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:53 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame AFAB 6 KB
6 KB 46ms
44ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=hBHCMA==, md5=23TE0/JCZhnuq3Ni+PjppA==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1044238
cf-polished: origFmt=png, origSize=12441
x-guploader-uploadid: ADPycdvp7hOlTMRMEZ25fLeL-eF-URX9lGOKV-0eRe9Xn2O64QXPV9O40SpHwOujuoSlGxo9ZIDkQhXADKSwGOM8hDh_3N_ZFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
last-modified: Wed, 22 Jan 2020 13:02:46 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExW4rnd0lb9XRcu5NKJR4%2BmbuiOmMpd%2Flrp7PCFz9GwHvpcQAISiymZvDPKI3THaZU1McbLOnDnjdbXKxu35u2Safb%2FAP%2Bjx4ZbHTWYqtGIGA%2BMSTau5Xu%2FPqXZdoJGs45OrrIBr30JqbrhE"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698166841638
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12441
accept-ranges: bytes
cf-ray: 6c474e6ac86183b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame AFAB 37 KB
38 KB 43ms
41ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=limNHA==, md5=mmc1zohzhBG1IcVyR5glog==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2155985
cf-polished: qual=85, origFmt=jpeg, origSize=98417
x-guploader-uploadid: ADPycdsEggymGqcQokUkCFe_nMMiBRIcpaZ3sdddByqNi96WSpwDi_egdQ9q_P8jLr551yTJezXdWveoqEW5-A087L8hVKCpuw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38376
last-modified: Tue, 30 Jun 2020 10:59:41 GMT
server: cloudflare
etag: "9a6735ce88738411b521c572479825a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2We1tLYkag1vMGI6NihT5oqj1ZmIOu1kOFKRquowh51n5WgMOEMFJxZ0txt6hTH1q1zUZjxRfrOBQ35S0RgtWOaYZeKiRuuQI0KaEkxarAJB3lZptukS5zad2n%2BzJT3fXnJnX0rlM%2BkexJeX"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593514781204583
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 98417
accept-ranges: bytes
cf-ray: 6c474e6ac86283b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 view
t.adcell.com/p/ Frame AFAB 42 B
482 B 230ms
31ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneidZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
strict-transport-security: max-age=15768000
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 E87C1EA8020B7EC9F8491EB6859916F7FFE2502D132479DCD09F8F4FF88AEAEC1D91FEAB15D06AC4FC2BD340FDBD89AF36A927329154B0AA32656FE414FAF3E0
assets.ad4m.at/logo/ Frame AFAB 12 KB
13 KB 44ms
43ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E87C1EA8020B7EC9F8491EB6859916F7FFE2502D132479DCD09F8F4FF88AEAEC1D91FEAB15D06AC4FC2BD340FDBD89AF36A927329154B0AA32656FE414FAF3E0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f3a302f061077647c8331748199de4558f696674c177a5a8624940f0dc3327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=4NPSbA==, md5=1+0tGQxgGz69wk0QpAbEjw==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045586
cf-polished: origFmt=png, origSize=16773
x-guploader-uploadid: ADPycdvw4K7SEIuMPN5Cb5aht03y-DTDsvEhA5XrT4Zv5pvApY_DnCi1UbJ2oLCmDGMqOUbKYo-C3naM_1oKEGDiG5k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12474
last-modified: Wed, 22 Jan 2020 13:07:47 GMT
server: cloudflare
etag: "d7ed2d190c601b3ebdc24d10a406c48f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbgnWpbx17y1%2FQA8qzfv7f3asHbZNvu4Brb7yEmK0r6JrGwqqxYNSIIkx6%2BnNp3R54d1w9gH33J3HOckV23fHqlrfTs3sN5Gk82RjZWGzhBx2wQKq6X2p9GG82cC4nad5UjDOAORt59FGvNF"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698467072527
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16773
accept-ranges: bytes
cf-ray: 6c474e6ac86383b2-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 F6A5D5DA552B6D153334B848023E25954B4B67C3D4A42B9A51984F8B2D2E741398E9476AC1A9721E3DEEDE1C11F9DF092345EA961230ECB96A4472C7837EE18D
assets.ad4m.at/ Frame AFAB 93 KB
94 KB 43ms
42ms Image
image/webp 2606:4700:3039::6815:c09b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F6A5D5DA552B6D153334B848023E25954B4B67C3D4A42B9A51984F8B2D2E741398E9476AC1A9721E3DEEDE1C11F9DF092345EA961230ECB96A4472C7837EE18D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5b5dccdbeb6c0e79cdcd8084eaedd4a680a82f86321d0db312d1d712aba60ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=VXqRXw==, md5=gIjQ2Zk5qO4+iM7nV/AVnQ==
date: Tue, 28 Dec 2021 02:19:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1050830
cf-polished: origFmt=png, origSize=103065
x-guploader-uploadid: ADPycdsgQ0oBeGRer4cFvtbNM5fqj3nC_TJaxbvVii8FDWtuKzngxc_UtJ3Hcy4HC9MLc7d9O-4ERw13Y9sQarUwR9o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 95520
last-modified: Wed, 02 Oct 2019 13:07:59 GMT
server: cloudflare
etag: "8088d0d99939a8ee3e88cee757f0159d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SwiAH8KFuNSL8Ll%2BsgZbno1r0zS%2FVGdQK90lRf05f5GL3jyGVKf3nvntNe1Qc3dSjHMzgh1C8WxvN%2FvA8VpmQ0XWfIYNuc2GhiwweiHH8alCiGTmMhzspKVlC4MXrmW6h3ggO5wSpDLKUnj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570021679570674
content-type: image/webp
expires: Wed, 29 Dec 2021 02:19:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 103065
accept-ranges: bytes
cf-ray: 6c474e6ac86483b2-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK dd45cb1edd0e4c76b171fb462bd874fa Show response
netzwerk.uppr.de/trck/epv/ Frame AFAB 870 B
2 KB 319ms
106ms Script
application/javascript 147.135.143.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk.uppr.de/trck/epv/dd45cb1edd0e4c76b171fb462bd874fa?subid=oneid3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcdoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.66 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.34
Resource Hash: 269a502e8b1e7c5e5d5078f95fa94e4f1901ba9ace342d8dbbf58c6e9c22972c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:53 GMT
Server: nginx
X-IPLB-Request-ID: B9E817B6:C62D_93878F42:01BB_61CA7449_46F376:1363A
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 37188
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-HTTPS-Header: 1
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 52DA 1 KB
2 KB 346ms
133ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kh53cn79jed80h7nq0hc5chntpmmnm71fqncwx98zdd3a95bfrwra3tfef2qpr9aqw16ymr0gjp910bk8vnzadhcgbv36j72en9pbkhxfxpd8qwxnsj9kvbej7s8w2f350gsd45zh954hvxcqhjzkk50bmqjy2ydf1s3tappm00mrjnsmb2prybpvq730prpwnpthzr6e81rh0kp1j79cz5ccsf0sqtyjrdttg842gbzx81zk2x5dhsn79dzycym706wh97v595dr64dwwa3nce0qrr5w1d8j3x0enrpn29f7f5kyq8wyr%26a%3D&clickref=oneidrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fdoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHKoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 09ac848d29fd075e1ca9231ea62bfa2a0ffbb0606d1405d5d038f77a572be94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:53 GMT
Last-Modified: Tue, 28 Dec 2021 02:19:53 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1447
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/ Show response
www.autohaus-koenig.de/htlp/ Frame 4204
Redirect Chain

https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHKoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suit...
https://www.autohaus-koenig.de/htlp?coyotetrackingid=470927724
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=470927724

531 B
420 B

14ms
14ms

Document
text/html

159.69.159.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=470927724
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.159.132 Hobstin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.132.159.69.159.clients.your-server.de
Software: nginx/1.20.2 /
Resource Hash: 4e731469b10709f2b3ce4441b36166dd5f47be2c03a53e99b5d35f769a1a255b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.20.2
date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/html
content-encoding: gzip

Redirect headers

server: nginx/1.20.2
date: Tue, 28 Dec 2021 02:19:53 GMT
content-type: text/html
content-length: 169
location: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=470927724

GET
H/1.1

200
OK

px.gif Show response
d.adtriba.com/ Frame 266B
Redirect Chain

https://trck.lekker.de/trck/htlp/htlp.html?em_source=uppr&utm_source=uppr&host=lekker.de&pvid=61ca744963db1f2eff1e75f5&url=https%3A%2F%2Fd.adtriba.com%2Fcollect%3Fatb_ptid%3D0316c55c%26atb_dpuid%3D...
https://d.adtriba.com/collect?atb_ptid=0316c55c&atb_dpuid=advancedstore&atb_dcaid=cpo-native.strom.preis&atb_dcrid=stecker-geld&atb_dcrsi=
https://d.adtriba.com/px.gif

42 B
227 B

9ms
9ms

Document
image/gif

18.185.175.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: netzwerk.uppr.de
URL: https://netzwerk.uppr.de/trck/epv/dd45cb1edd0e4c76b171fb462bd874fa?subid=oneid3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcdoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.175.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-175-74.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=86400
Content-Type: image/gif
Date: Tue, 28 Dec 2021 02:19:53 GMT
Server: nginx/1.16.1
Content-Length: 42
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 28 Dec 2021 02:19:53 GMT
Expires: Sat, 01 Jan 2000 01:00:00 GMT
Last-Modified: Tue, 28 Dec 2021 02:19:53 GMT
Location: /px.gif
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Server: nginx/1.16.1
Content-Length: 0
Connection: keep-alive

GET
H2 200 lekker_Native_AD1_SteckerGeld_1200x627.jpg
ht.uppr.de/campaign_116_lekker/NativeAds/ Frame AFAB 163 KB
163 KB 40ms
12ms Image
image/jpeg 54.37.204.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ht.uppr.de/campaign_116_lekker/NativeAds/lekker_Native_AD1_SteckerGeld_1200x627.jpg
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C765%2C14011&b=B57hgfW7sDRtxH6H3t9txR5C4TeTGBUM%2CZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJ%2C3jYhpfdws9p3S7HrHAtEtE9Mh8TWTxDcd&f=j83uEfZeSdDFYHEH2tWCw5zCKTzTxJc9%2C9M1SMfKMtG7aKHBH2tzCP1bTwTmTxVcd%2CWegUrf7QTPDWCYH5HjtDCeXETPTETEZc2&c=300&d=250&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cf74fbec3f61a1748a863828980be93d%2F15298902268970753420&i=9719%2C1676%2C17862&j=16%2C4%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993229&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gy7c8rp0ydtd02mbp9e532xkpd4mb0qr0qgbsdrk8j191n9j30ys8df4p3vds2pdptjtqnh86rg5r9vk73zb3pad7qnse042wbvcrkhn4q6e0e7fvk32p1wmzcwf0cb3847na1401paehb5nn7grsf5vn6ajyfgmn5fdg2a14n0t5aeyxe1chvy5w2ktqe2j99d53e8rnb07eh05k6r48hm5m5mp3s428dhsmmpkk4n8q8ed8sm2nbffwkhvqy87aa4cvt3zeam2se3e4qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCFBmuSHTKYfitDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEnQJP0HON2YTyJtk1gNP6q6lQoqCYUyCP9rVH9ry9yaJsAhNFaKhyzL1t2by9oGroiPip6eMoQgtahtIHASl5mCwjDtUlH8YhaXS01y1aQpQIlk_e7Hy1pCE74enx-bZs-F1CifWvbaYsP3Yr-lO6Kb4oQ8ZCwyTFighFpc7QU82snK1oPCkF0ZqE220ln8YJY7ovf7pV5jo4nWIRDB3-_B98dHKEoiwQanu_LHP-_GhDrLfMZLH2w9O2obBFVxs-zkezzX83P6RTOwYt0dcxgz-jWdMvfXPR3sZMQwhhPy8QT35JiwYVtvDP8cQXCutWIu_5bH_AJoRyrAfCh6xnMZk7EEejn1_dxEb4TA6uehiihpN57xXAPe_ETcDJSuDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0XAd7KiThD4Yr_VgHYMEZ8CqLWXw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.37.204.178 , France, ASN16276 (OVH, FR),
Reverse DNS: 178.ip-54-37-204.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0ca1b068361917f7c74fda243bfa052673c4e087d27a0ed492d6fa954f7bf58b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
last-modified: Wed, 17 Mar 2021 08:46:33 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "6051c1e9-28ab5"
content-length: 166581
content-type: image/jpeg

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 4204 90 KB
35 KB 32ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-56263170-1

Requested by

Host: www.autohaus-koenig.de
URL: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=470927724

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3903c910ff2a01f515afa96781194ec72d6f9d3349c9abdd1afd106c37fe0b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.autohaus-koenig.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36230
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Dec 2021 02:19:53 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 52DA 51 KB
51 KB 47ms
9ms Script
application/javascript 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kh53cn79jed80h7nq0hc5chntpmmnm71fqncwx98zdd3a95bfrwra3tfef2qpr9aqw16ymr0gjp910bk8vnzadhcgbv36j72en9pbkhxfxpd8qwxnsj9kvbej7s8w2f350gsd45zh954hvxcqhjzkk50bmqjy2ydf1s3tappm00mrjnsmb2prybpvq730prpwnpthzr6e81rh0kp1j79cz5ccsf0sqtyjrdttg842gbzx81zk2x5dhsn79dzycym706wh97v595dr64dwwa3nce0qrr5w1d8j3x0enrpn29f7f5kyq8wyr%26a%3D&clickref=oneidrDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fdoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHKoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69ff.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 55789
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 27 Dec 2021 10:50:05 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: lCY4yZQbS-cR1uzjdBBWjFG7sj4Dp_d_zAVSEPVSiPyMftS5smRu3A==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 52DA 40 KB
40 KB 85ms
30ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=205795&viewref=oneidpqEMC1fgfVVwMhkH4Hmtztx6PH9S7t4JSEoneid__asuidZc5uCkqIp_pkEAdT8jr1mSE_cCKay-YTasuid__emmaglam_advancedad_300x250&wglinkid=2647615
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C22472%2C14044&b=4BxHEf1KsZZ6XtGH9HdtAtxEXHZTpTjRHK%2C4BxHEf1KseQxUGH9HdtAtrVMfZTpTjRHK%2CB57hgfW7sEkPTxH6H3t9t31GF4TeTGBUM&f=rDqUQfA6cppQZUAH7HjtJCG85S5T8TR8fd%2CrDqUQfA6cBbmUAH7HjtJCrJVf5T8TR8fd%2Cj83uEfZeSJEmTYHEH2tWCgmBuKTzTxJc9&c=728&d=90&e=Nu2irLw6pUGMzfLWTgz-nFq0QpHlt2HA&g=cb8be4687e53674807a69216d0c7ea6e%2F13811709516679555576&i=22427%2C27323%2C25007&j=21%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640657993228&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j7p0jxnqc6fgew7q6j7dwerhn5wqn9kpv62jb92pc0bagb601azrq17rvq4gdrfja2xx8a001xwaectskw64nmkmaytht0gpy6hyej44y0f500dg16cjkjgw9qgfzy1e6mbrt1szgk0fkrxwhhnkh692krs26x4wgbvza7z50frvpqqr0qnpjryxkxtbtw4qecp3ew5sqmkrtrhkj1tmwsms3qeqkszs4jsxr9df3rh12bc0spfqrta0mpemzhc79261ge79m4ykc363drg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfiUMSHTKYfqtDpb03wOglYbQCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQIrzO-tcAGzPuACAKgDAaoEqQJP0L3TtvC2nTqYyGaTx7NfKBDWM1Q74TVuG5cEZqsO_i6gX7W_WRBumoIGXQ_azz3bIZeJavGD5QQOp7GPuIRbbOI8sQYC5rL0-Kote5fXYSZ-RNyT82HVDbRvE28wfmB-CV83sC8YQSq5nrIx1S14dPXeZ0geQGavRWlX1yiNeV1f7yljxS5N-ordfwUA2UXJbZ4qNv_bn2-q94COaR20Ehw5OoxCRNPLWRiQxAaC4ka7Vt-LWRZk9y0ZdMThZ80x-2h7BnZCPyos8rkc3SHX4iad9PRtN8-CbthnSIV4letupBlwWWwDTYT27Cc3kcguvo_gNYU6_6DbM3mhsKihyHjFonCvQIu9dvwxnfr6S0gy4QKkIIMPcVG301USAUqbrsVmUDB5k5ngBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2GlDZor7ZhrVnD4gzVLsd4hF9uWQ%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 02:19:53 GMT
Last-Modified: Tue, 28 Dec 2021 02:19:53 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4204 49 KB
20 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56263170-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.autohaus-koenig.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4727
date: Tue, 28 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 28 Dec 2021 03:01:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A071 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUIr86jYdq6-K1G__t3Qr4WWdg5Gv4DvaFSsQgXngkXEtOzTDr32czXkAV9y5Gq6VyeFZBT6gYvp7kiralSi6K3Q&sig=Cg0ArKJSzGIUXTgNWE2NEAE&cid=CAASF-Ro-cT5TX1IwiqReVHUinnB7sB1qiYP&id=lidar2&mcvt=1000&p=1038,850,1288,1150&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.65&if=1&app=0&itpl=20&adk=2074380467&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640657992043&rpt=230&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2BA2 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6Y6o95VRxWIhNf8yVZ7AIPdqksTfNC-FdqbsXypI-T-KrU20-Ztgb52UaVGrtT076LZDZqGlTXl3oQb2-5wHzYg&sig=Cg0ArKJSzIVqXqtll3LcEAE&cid=CAASF-RoMUD4poCtT3jrLY0yxhfyP0b7IHZH&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3722003645&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640657992069&rpt=240&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B2D1 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst75BONq9aKZdYXVa1P08Dcm-WuTEpuBQNPcw_7hvN0uIpp_rXY5UP9zh8OJsE2balyel5gzm42dJaxY3UM0YMydg&sig=Cg0ArKJSzFGQ37PN7V5OEAE&cid=CAASF-RoINU4obtxs6f1vLmtd1nUqz0m00o7&id=lidar2&mcvt=1003&p=80,436,170,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3739094439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640657992039&rpt=283&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CAFD 42 B
64 B 47ms
46ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVSGz8XFs8B_HoqzfMwmYNsDM-gYCFqda_F1KMftVMrJ6Y3WAQaauvKrf79O57HmVrx-TZaGiBqTzx2Lyr-zbBAIAD_RxHW4rofxqaA3aLe8WbnFjTtESf2iqNJz0Xo8qzM8Fj4b5HmVqC&sai=AMfl-YQMJBb6AlkLv3uNv_eWikxgJJrVBna23Qp879cmnQfu2SdgVKDRlMfV-Uf3ohd3hXTSKEFxY_XXI_wTo824PobuIwxwDzohNqwURFG9LWkASz-tKSvMgWtUNHI&sig=Cg0ArKJSzPCmmELg5S8IEAE&cid=CAASF-RoWmPJXuNuT3GTt8H9dogIhKxZt7jD&id=ampim&o=1250,265&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=235&tls=1235&g=100&h=100&tt=1235&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2722687999

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 02:19:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 52DA 16 B
232 B 79ms
79ms Fetch
application/json 34.242.207.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-207-34.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Dec 2021 02:19:54 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 202ms
31ms Preflight 34.242.207.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 28 Dec 2021 02:19:54 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 52AC 3 KB
2 KB 59ms
35ms XHR
text/xml 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/92056281/simcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=1697128&cust_params=sessionKey=214791876-_R_pKs2J5Qd7HZdG%26schain=sendtonews.com,VRAfdwVZOg7jMyH8bxgoOA%26content=8539%26placementType=Premium%26embed=eKVKXbhX%26domain=simcast.com%26player_size=large%26player_width=761%26player_height=428%26player_type=float%26version=65.21.10%26player_status=LVFNLNIY%26play_code=2008%26view100=1%26excl_cat=stl_id00110%26rand=11%26devicetype=desktop%26iris_context=undefined

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

7bf4eb253459ab7c030148509b6b560e909ef048b9b9aefc74c4c108ca82d3f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 879
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 52AC 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 02:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 1-56o64r73022o536onp6qp1qpsr869110.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame 52AC 14 KB
14 KB 8ms
7ms Image
image/jpeg 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/1-56o64r73022o536onp6qp1qpsr869110.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33ca5e7810d91b923571ae0a67e59cfd3013d6338a05619b8e64d32c5cdb3cb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:26:30 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:23:04 GMT
server: AmazonS3
age: 64408
etag: "c527220299d6d6057e581e2191bc093b"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 14007
x-amz-cf-id: NZklBzQogDtYWYgtSeHBbf1_68WeHQB4Dct3HqxDG_7WXRnwUwSERw==

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 52AC 26 B
186 B 98ms
98ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=_R_pKs2J5Qd7HZdG&instance=214791876&version=65.21.10&age=211228&ldt=IMA&key=eKVKXbhX&seq=1&order=4&recoveryMethod=SSAI&imaVersion=3.493.0&blocked=false&recovered=false
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:57 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 02nqo11os038sp45s3o70s60440p22n2playlist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ Frame 52AC 291 B
832 B 24ms
8ms XHR
application/x-mpegurl 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/02nqo11os038sp45s3o70s60440p22n2playlist.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3740b07b04119d5048fb2774a4405ab2a0f91c34e3129702c043a8254b9a52a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:26:40 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69ff.cloudfront.net (CloudFront)
age: 64398
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Mon, 27 Dec 2021 08:11:37 GMT
server: AmazonS3
etag: "51f2fb6b0da90043fdb8669a3dc8f8ab"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: xrq1ym4u0TLahCED0DNdqoFvgaTkhGS4_m5AdjlDCHvp6r9-tsh0_A==

GET
BLOB 200
OK d4cb31fb-8aa2-4a93-b92a-bad62302d4e9
https://simcast.com/ Frame 52AC 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://simcast.com/d4cb31fb-8aa2-4a93-b92a-bad62302d4e9
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK b1f97742-5424-4981-aa4f-dd895c895679
https://simcast.com/ Frame 52AC 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://simcast.com/b1f97742-5424-4981-aa4f-dd895c895679
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK 769465b6-aeac-4a2d-b32b-1ba2f0a39bd9
https://simcast.com/ Frame 52AC 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://simcast.com/769465b6-aeac-4a2d-b32b-1ba2f0a39bd9
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9729 156 B
142 B 123ms
122ms XHR
text/xml 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214791876-_R_pKs2J5Qd7HZdG%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8539%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D65.21.10%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00110%26rand%3D11%26devicetype%3Ddesktop%26iris_context%3Dundefined&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=30000&vrid=1224190&hl=en&cmsid=2460952&vconp=2&video_doc_id=1697128&vpa=auto&vpmute=true&kfa=0&tfcd=0&sdkv=h.3.493.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1198108931&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=2F89A043-B1F9-426E-B0AF-FE698DE06EAD&nel=1&eid=44750604%2C44750824%2C44751786&dlt=1640657990988&idt=1031&dt=1640657996987&cookie=ID%3D355c87e360314add%3AT%3D1640657991%3AS%3DALNI_MY6R05UsHtiXI4d-yTl1dYw5wKK8Q&correlator=3448153622095803&scor=1739210399511385&ged=ve4_td6_tt5_pd6_la6000_er290.20.718.781_vi0.0.1200.1600_vp100_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 02nqo11os038sp45s3o70s60440p22n2.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 52AC 213 B
754 B 7ms
7ms XHR
application/x-mpegurl 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/02nqo11os038sp45s3o70s60440p22n2.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 464dfa416819cda87af937ef9bae3056e74e484b72f0db5f9c156512fc6222bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:26:41 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69ff.cloudfront.net (CloudFront)
age: 64397
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 213
last-modified: Mon, 27 Dec 2021 08:11:38 GMT
server: AmazonS3
etag: "54b23a0a48e8f8f0e5ad39c9a13c0184"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: 7cVauuimjOQEM9zotJFTIrVzz_dqWux5gAvn-9htBDsH_2MwKZ2LMw==

GET
H2 200 02nqo11os038sp45s3o70s60440p22n2-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 52AC 77 KB
78 KB 9ms
9ms XHR
video/mp2t 18.66.97.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/02nqo11os038sp45s3o70s60440p22n2-00001.ts
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2d3c80162fcf39cb3cb592e687f612b29769116b0e7f5c6a3e3353505a1ebe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:26:42 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69ff.cloudfront.net (CloudFront)
age: 64396
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 78960
last-modified: Mon, 27 Dec 2021 08:11:38 GMT
server: AmazonS3
etag: "1eab19a343c6d0fbc9f8cad7e300ac9d"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: eViKNjuH6chwwH23CsF-Mi4pIjj10JPfQHqL7dVFEKhYmWVUC6DgNA==

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9729 156 B
142 B 74ms
73ms XHR
text/xml 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214791876-_R_pKs2J5Qd7HZdG%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8539%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D65.21.10%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00110%26rand%3D11%26devicetype%3Ddesktop%26iris_context%3Dundefined&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1224190&hl=en&cmsid=2460952&vconp=2&video_doc_id=1697128&vpa=auto&vpmute=true&kfa=0&tfcd=0&sdkv=h.3.493.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1198108931&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=2F89A043-B1F9-426E-B0AF-FE698DE06EAD&nel=1&eid=44750604%2C44750824%2C44751786&dlt=1640657990988&idt=1031&dt=1640657997118&cookie=ID%3D355c87e360314add%3AT%3D1640657991%3AS%3DALNI_MY6R05UsHtiXI4d-yTl1dYw5wKK8Q&correlator=3448153622095803&scor=1739210399511385&ged=ve4_td6_tt5_pd6_la6000_er290.20.718.781_vi0.0.1200.1600_vp100_ts0_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame 52AC 0
253 B 137ms
136ms XHR
text/html 54.204.0.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=SypMW8fLfa&USR_ID=214791876&ST_usrKey=_R_pKs2J5Qd7HZdG&SM_ID=1697128&C_ID=12018&C_companyName=Adapex&version=650210100&sC_ID=8539&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-0-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:57 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Tue, 28 Dec 2021 02:19:58 GMT

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame 52AC 0
253 B 136ms
135ms XHR
text/html 54.204.0.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=SypMW8fLfa&USR_ID=214791876&ST_usrKey=_R_pKs2J5Qd7HZdG&SM_ID=1697128&C_ID=12018&C_companyName=Adapex&version=650210100&sC_ID=8539&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-0-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 02:19:57 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Tue, 28 Dec 2021 02:19:58 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 52AC 26 B
186 B 98ms
98ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=_R_pKs2J5Qd7HZdG&instance=214791876&version=65.21.10&age=211228&cmd=INV&key=eKVKXbhX&c_id=12018&seq=1&order=5&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&playerCfg=FL&alt=0&sC_ID=8539&sm_id=1697128&load=1&status=LVFNLNIY&ac_id=2008
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:57 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 52AC 26 B
186 B 99ms
99ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=_R_pKs2J5Qd7HZdG&instance=214791876&version=65.21.10&age=211228&cmd=PLAY&key=eKVKXbhX&c_id=12018&seq=1&order=6&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&playerCfg=FL&alt=0&sC_ID=8539&sm_id=1697128&load=1&status=LVFNLNIY&ac_id=2008
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:57 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 52AC
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1640657991907&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1640657991907&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...

64 B
327 B

10ms
9ms

Image
image/gif

13.32.99.90

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1640657991907&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=2688&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=1697128&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1640657997206&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5299&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=DraftKings&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Server: 13.32.99.90 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 02:19:57 GMT
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 0AH2nhEu5Gojr3ZeTolg1EaLI9Zc7ra22Nac4W44UyHuKE7_fUXiow==

Redirect headers

date: Tue, 28 Dec 2021 02:19:57 GMT
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1640657991907&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=2688&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=1697128&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1640657997206&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5299&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=DraftKings&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=
content-length: 1222
x-amz-cf-id: Hv7WS5eK07vGkjKRiGKmY_SAb_E4n5br7DbjL8RKEDUaaMvQuBncGg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: player.sendtonews.com
URL: https://player.sendtonews.com/bidderFiles/0.js

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEJ5Grd1G1gtbHsW7ef9YCXk&google_cver=1&google_push=AYg5qPJpcrFIxCbB55URO0RNKs8kC1HfsnH2dHcfYMM8nSNaRtRPRUnceVy-VyBzlC5JnYb27I5tI9_cZXCvSFl5OngPzU9qZBQ

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEJ5Grd1G1gtbHsW7ef9YCXk&google_cver=1&google_push=AYg5qPJFdPL97n2cFk5Xpyh8uIKetY4aTSrY2eJZmGXbl1j_QeruhmXmc23woJ3DsYnqccj5FiFGi9IYy0DDKsfbLtEi-VtQ3Scp

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
simcast.com/	1970-01-20 00:27:29	Name: PHPSESSID Value: i06sfkl0k2tqpf3emalc8t0jfj
simcast.com/	1970-01-20 00:27:29	Name: uidinfer Value: 39564220
simcast.com/	1970-01-20 08:29:53	Name: _uc_referrer Value: http://www.capitalone.global/
embed.sendtonews.com/	1970-01-19 23:44:18	Name: AWSELBCORS Value: AB7769910C09524E3F673477D3796BB23C89D09F9BFB5D4C7F8E1C8EB6D236C1CB7CD79E120482ACAB7C24D59FF89179A5DB1C927F9AD5207E9F00B66941558AB2FE8C9DE0
simcast.com/	1969-12-31 23:59:59	Name: mess Value: 1
simcast.com/	1970-01-20 00:27:29	Name: _pbjs_userid_consent_data Value: 3524755945110770
.simcast.com/	1970-01-20 17:15:29	Name: _ga Value: GA1.2.495401102.1640657991
.simcast.com/	1970-01-19 23:45:44	Name: _gid Value: GA1.2.2703985.1640657991
.simcast.com/	1970-01-19 23:44:18	Name: _gat_gtag_UA_205158314_1 Value: 1
.adsrvr.org/	1970-01-20 08:29:53	Name: TDID Value: 7a1bc364-a4a1-4b80-8ed2-58a1b54b15b7
prebid.a-mo.net/	1970-01-20 08:29:53	Name: __amc Value: 1_1640657991_1640657991
simcast.com/	1970-01-19 23:44:21	Name: _lr_retry_request Value: true
simcast.com/	1970-01-20 00:27:29	Name: _lr_env_src_ats Value: false
.simcast.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1640744392231
.liadm.com/	1970-01-20 17:15:29	Name: lidid Value: 30d6407c-c603-4f01-9b08-4343943006ca
simcast.com/	1970-01-19 23:45:44	Name: pbjs_li_nonid Value: %7B%7D
.doubleclick.net/	1970-01-20 09:05:53	Name: IDE Value: AHWqTUnLy_6mRjYf-RBSbtrM3cxP6A0XhgzSmw61FunB5s-9KNrIWbDD4D8V3dz7NtU
simcast.com/	1970-01-20 09:05:53	Name: cto_bundle Value: 97OPAF9rJTJCeWF3UHp2N0hwcExVcmNIeVQxZEtoeEJaTXAlMkYlMkJjd1B3Zzl6eTdubE5Eam5DR2VMSnFmcnQlMkJPUjZjTlppTDNOWjAlMkJtYVpKTW55cjJRSWUlMkZYSzhKODMwNVZnaHk5U3V6R0RuUGc2MWV0JTJCc2h5S0ElMkJDOGFBVm5HS0RRNFdKUlE
simcast.com/	1970-01-20 09:05:53	Name: cto_bidid Value: zi2ilF85Szh4THRzVzlGWE1NcWZlRmF0dVolMkZYOExGcUl2TEl5cllzRk5FdE1admNPVU05eEVvMFBBRUs5NVlCUUtMOXd1MDFpdjE1alRXTjRLZjhzM3VCZTN3JTNEJTNE
.simcast.com/	1970-01-20 09:05:53	Name: __gads Value: ID=355c87e360314add:T=1640657991:S=ALNI_MY6R05UsHtiXI4d-yTl1dYw5wKK8Q
.bidswitch.net/	1970-01-20 08:29:53	Name: tuuid Value: 5b4c2743-8b73-46a4-b7b2-4695fc121f14
.bidswitch.net/	1970-01-20 08:29:53	Name: c Value: 1640657992
.bidswitch.net/	1970-01-20 08:29:53	Name: tuuid_lu Value: 1640657992
.advertising.com/	1970-01-20 08:31:20	Name: APID Value: UPa420803e-6784-11ec-95cd-0299307c0b66
.bidswitch.net/	1970-01-19 23:44:18	Name: google_push Value: AYg5qPK-81LZZyNR-opLtCsN4Ldh-hF0V3KeU8e0ixsRBBlUC7PqfSyV7qGFFlXSHYOLgaIpilYK6sUI7VTGOhcgZ30-rpdUqaQ
.everesttech.net/	1970-01-20 08:29:53	Name: everest_g_v2 Value: g_surferid~Ycp0SAABLNi9qwBK
.3lift.com/	1970-01-20 01:53:53	Name: tluid Value: 5698771790410884040
.adfarm1.adition.com/	1970-01-20 01:53:53	Name: UserID1 Value: 7046572419572496526
.turn.com/	1970-01-20 04:03:29	Name: uid Value: 9025836984784857215
.w55c.net/	1970-01-20 09:14:32	Name: wfivefivec Value: LiETXVDm1N225G5
.pubmatic.com/	1970-01-19 23:45:44	Name: KTPCACOOKIE Value: YES
.adform.net/	1970-01-20 00:28:56	Name: C Value: 1
.w55c.net/	1970-01-20 00:27:29	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-20 08:30:15	Name: A3 Value: d=AQABBEl0ymECENCBDESU_OuwE9uWfFx_8ywFEgEBAQHFy2HUYQAAAAAA_eMAAA&S=AQAAAgKxXvhUZ7bJ1VVh63Eogug
.pubmatic.com/	1970-01-20 01:53:53	Name: KADUSERCOOKIE Value: 56C755E1-58B3-4D25-B9E5-E4AAB54B7400
.adform.net/	1970-01-20 01:10:41	Name: uid Value: 6688814536095496512
.analytics.yahoo.com/	1970-01-20 08:31:20	Name: IDSYNC Value: 18wq~22c2
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UPa420803e-6784-11ec-95cd-0299307c0b66
.yahoo.com/	1970-01-19 23:45:44	Name: APIDTS Value: 1640657993
.tidaltv.com/	1970-01-20 08:29:53	Name: tidal_ttid Value: bf3a5577-23ed-4575-9a40-ad1351b5dcdf
.tidaltv.com/	1970-01-20 08:29:53	Name: sync-his Value: "H4sIAAAAAAAAADM0srQwsDI0sgAAdTIVEwkAAAA="
t.adcell.com/	1970-01-19 23:48:37	Name: ADCELLvpid2945 Value: 164800-46690-oneidZ89uwfeJCMGumHDHDt3t1DdhVTXT96hJoneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush%23%23%23%23%40%40%40%401640657993
.awin1.com/	1970-01-19 23:47:10	Name: awpv19228 Value: 412871\|1640657993\|a49365b0-6784-11ec-92b1-22382f8dc9cc
.awin1.com/	1970-01-19 23:47:10	Name: awpv11830 Value: 412871\|1640657993\|a4933ea0-6784-11ec-9cab-2239e6ba3d41
.awin1.com/	1970-01-19 23:54:22	Name: awpv14098 Value: 412871\|1640657993\|a49365b1-6784-11ec-92b1-22382f8dc9cc
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519498
.mobility-ads.de/	1970-01-20 00:27:29	Name: coyoteTrackingCookie_1 Value: 470927724
.mobility-ads.de/	1970-01-20 00:27:29	Name: coyoteSimpleTrackingCookie Value: 470927724
.lead-alliance.net/	1970-01-19 23:54:22	Name: ppv1225 Value: 2021122803195360955933747X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush
www.lead-alliance.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: prg29r30u90oiojj60omo1v2du
.lead-alliance.net/	1970-01-19 23:54:22	Name: ppv1226 Value: 2021122803195360955933749X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush
www.autohaus-koenig.de/	1970-01-20 00:27:29	Name: mobilityAds Value: 470927724
.uppr.de/	1969-12-31 23:59:59	Name: session_trs Value: 61ca744963db1f2eff1e75f5
.uppr.de/	1970-01-20 08:29:53	Name: trs Value: 61ca744963db1f2eff1e75f5
.netzwerk.uppr.de/	1970-01-20 08:29:53	Name: trscj Value: MTY0MDY1Nzk5M3xMM1J5WTJzdlpYQjJMMlJrTkRWallqRmxaR1F3WlRSak56WmlNVGN4Wm1JME5qSmlaRGczTkdaaFAzTjFZbWxrUFc5dVpXbGtNMnBaYUhCbVpIZHpPWEF6VXpkSWNraEJkRVYwUlRsTmFEaFVWMVI0UkdOa2IyNWxhV1JmWDJGemRXbGtUblV5YVhKTWR6WndWVWROZW1aTVYxUm5laTF1Um5Fd1VYQkliSFF5U0VGaGMzVnBaRjlmYzNWcGRHVmZUbVYwYldsNFgxSmxZV05vTVROZlFteGhZMnRHY21sa1lYbFFkWE5vSm1ka2NISmZZMjl1YzJWdWREMG1aMlJ3Y2owd0ptZGtjSEpmY0dROU1BPT18VGs5T1JRPT0%3D
.blau.de/	1970-01-19 23:54:22	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcxMDAwMDAwMDA2MTY0MDY1Nzk5M3ZsZWExZGUyMDIxMTIyODAzMTk1MzYwOTU1OTMzNzQ3WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZGo4M3VFZlplU3F4MktTWUhFSDJ0NnRSUkpVS1R6VHhKYzlvbmVpZF9fYXN1aWROdTJpckx3NnBVR016ZkxXVGd6LW5GcTBRcEhsdDJIQWFzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2gxM19CbGFja0ZyaWRheVB1c2gxMTM3NTI
.blau.de/	1970-01-19 23:54:22	Name: nscQ486 Value: V
.o2online.de/	1970-01-19 23:54:22	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0MDY1Nzk5M3ZsZWExZGUyMDIxMTIyODAzMTk1MzYwOTU1OTMzNzQ5WDEyMDIxMVYxMjI2MTMyNzAyTVNvbmVpZFlYMUhyZjE1c3BCcEhWSDlIZXRRdFJSOGNBVDFUNm1Icm9uZWlkX19hc3VpZE51MmlyTHc2cFVHTXpmTFdUZ3otbkZxMFFwSGx0MkhBYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDEyMDIxMQ
.o2online.de/	1970-01-19 23:54:22	Name: nscQ485 Value: V
.blau.de/	1970-01-19 23:54:22	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122803195360955933747X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
.o2online.de/	1970-01-19 23:54:22	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122803195360955933749X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidNu2irLw6pUGMzfLWTgz-nFq0QpHlt2HAasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
.lekker.de/	1969-12-31 23:59:59	Name: session_trs Value: 61ca7449ad804d13eb72a09d
.lekker.de/	1970-01-20 08:29:53	Name: trs Value: 61ca7449ad804d13eb72a09d
.trck.lekker.de/	1970-01-20 08:29:53	Name: trscj Value: MTY0MDY1Nzk5M3xMeTlsY0hZdk16WmtZbVppTXpZME9EQmtZamhqT0dRMk1XRXhNalZtTVRGbE5UTTFNR1kwWm1OaE1qUmpZVFUyT1RSaE9EUTN8VGs5T1JRPT0%3D
.adtriba.com/	1970-01-20 17:15:29	Name: atbgdid Value: 843513c7-b69f-4b39-84fa-a10b693513d9
.tribalfusion.com/	1970-01-20 01:53:53	Name: ANON_ID Value: axnseFsKBRgFmDqU7puulco2Jt5XDStbXIWbMHmUsETgvU2mYOLTwHdlIsZaefk7kLfLZbMw3ePZa3v3vEtNvwV

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
analytics.webgains.io
api.rlcdn.com
api.webgains.io
as-sec.casalemedia.com
as.ad4m.at
assets.ad4m.at
btlr.sharethrough.com
c023bb44c1a499c3c93b84c9926de930.safeframe.googlesyndication.com
c1.adform.net
c2shb.ssp.yahoo.com
campaign.mobility-ads.de
cat.hbwrapper.com
cdn.adapex.io
cdn.ampproject.org
cdn.resonate.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
d.adtriba.com
d29xw9s9x32j3w.cloudfront.net
dsp.adfarm1.adition.com
eb2.3lift.com
embed.sendtonews.com
fonts.googleapis.com
fonts.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
gum.criteo.com
ht.uppr.de
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id.sv.rkdms.com
id5-sync.com
idx.liadm.com
image6.pubmatic.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
in-appadvertising.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
netzwerk.uppr.de
onetag-sys.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel.advertising.com
player.sendtonews.com
pm.w55c.net
portal.blau.de
portal.o2online.de
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
r.turn.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simcast.com
ssbsync.smartadserver.com
static-de.ad4mat.net
sync-tm.everesttech.net
sync.tidaltv.com
t.adcell.com
timber.sendtonews.com
tpc.googlesyndication.com
track.webgains.com
trck.lekker.de
ups.analytics.yahoo.com
web.hb.ad.cpe.dotomi.com
www.autohaus-koenig.de
www.awin1.com
www.capitalone.global
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
api.rlcdn.com
google2waycm.netmng.com
player.sendtonews.com
104.111.239.217
104.18.12.242
13.248.245.213
13.32.99.90
142.250.186.98
147.135.143.66
147.75.61.140
151.101.194.49
159.69.159.132
169.63.109.126
172.217.16.130
178.250.2.146
18.156.0.31
18.157.95.55
18.185.175.74
18.192.154.98
18.193.58.151
18.66.139.38
18.66.97.25
184.31.84.150
192.241.157.60
198.47.127.19
199.187.193.182
2.18.234.21
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
213.133.107.215
2600:1901:0:76b9::
2600:3c02::f03c:91ff:fee2:5b0f
2600:9000:223f:f400:1b:5138:8a40:93a1
2606:4700:20::681a:61b
2606:4700:3030::6815:631
2606:4700:3039::6815:c09b
2606:4700::6810:135e
2606:4700::6812:c05
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a02:2638:1::13
2a02:26f0:6c00::210:ba2a
2a02:cb40:200::242
2a02:fa8:8806:20::2100
2a05:d018:24:b001:f805:e2b8:13cc:7378
3.219.152.16
34.107.148.139
34.120.133.55
34.242.207.34
35.186.253.211
37.157.3.30
37.252.161.190
37.252.173.22
45.79.244.12
46.236.13.147
46.4.41.145
50.17.208.58
51.75.146.200
51.77.94.3
51.89.9.252
52.215.211.56
52.223.40.198
52.28.203.152
52.58.94.171
52.86.156.15
54.204.0.108
54.229.233.249
54.37.204.178
54.82.234.18
72.52.178.23
82.113.101.132
82.113.101.236
84.200.5.215
85.114.159.118
88.99.63.132
001a77c561db4b1a4e031c9b938c294055652536a500f31b41aaec6ca9d3ce1b
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
00f3a302f061077647c8331748199de4558f696674c177a5a8624940f0dc3327
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09ac848d29fd075e1ca9231ea62bfa2a0ffbb0606d1405d5d038f77a572be94b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ca1b068361917f7c74fda243bfa052673c4e087d27a0ed492d6fa954f7bf58b
0d357ce7103733b982eda21117799c12a16653261020f75a1cc17cfd1645edfc
0d6131dbe81f863436de83a176d94fd9a1515fb7698a34303f5a69fbcaed3c7f
0d6855d0e1848d759a8aded2ff87d13ce8f38a4ad8c88fafc7aae8ea1f7e1324
11485dfcc676cb4d7e1a91ba485e799dc45e2854ef657372dbdaa7c602db0adf
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
15ddc2840ff43bf8137b236b85ada6141ef658369e96dfd450abead78389648e
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
194515ae6f82835ab02b70c9fbe1eb3ffb59fc83d62c4e9b8fb4075df27d7647
19ec6802c6875e4b8973807522c814147fa088fe6b1181c6c734c41e238d675c
1a7c29eee3b904f1226ec6c1bd4bacb498f20daafa35b8e3be7491e8ec55de22
1a80fac76ee277acd2ac394529c7eacd9c4d837244dab26f6c2f58e7381090fb
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1ddbfa3c5afcd5fbccb49cd6e85944b5321ab0db6ad908b87870452ad3715d77
239d61a9957bcec1798da01c5701c5b3170693a1205f336890ae4d750b7ed0c1
2435dc50b3a4b36e1f744d963b4d17a4866583d188cb6d6a5a698b4d866c5278
2597e9cf04c8bc286e00236a19798b6ecc7eeef4f0c9076a90b425e920205ac1
269a502e8b1e7c5e5d5078f95fa94e4f1901ba9ace342d8dbbf58c6e9c22972c
2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f17b748919141d930da96aa8bce5e431d9e8d9f0d5c531e3bd0143e41dc25ba
30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845
32c9a27930e9a150869b03e8fad5845a762d5402c5abc0eb63678041d00acbd0
32fbe07e2e94ddbcd04df7c37f1d86714657545c9e112519f21b003c8ce8955e
33c2c303b8634b539eb1ca57951a4b42ce87944ae32e9d6fe6cc63c8596ccb27
33ca5e7810d91b923571ae0a67e59cfd3013d6338a05619b8e64d32c5cdb3cb2
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36b621914f8e4360ee2a598f15f0a2c8429042574a864946b26b745da958d042
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37c7ab38c84462e9e99855e3e9375f5fb66f3c1daca2b13367369f1f17b8091a
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
388442a1e51e37650faaa206d776a1ced6816a3f9a41b66dbe7347a4537c13fe
38c3a7aab75223c564750abfd463925d7ea782dba37e56b5610399c4684e8da8
3903c910ff2a01f515afa96781194ec72d6f9d3349c9abdd1afd106c37fe0b6b
394b4425f8b644792287489f26ed05fd556495517be6621f0ab6bdd2cea9d91f
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46176808ed0135dd157d62d8378ae32f3df49792291405722834feeaec4275f7
464dfa416819cda87af937ef9bae3056e74e484b72f0db5f9c156512fc6222bf
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83
4754fb14feda76d4a7efdec8d96a49b6dd1f9971263adf11a6ac81a6f1520f82
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4b2be8c6569ba725c54f79247df718bc55d40c369ecf748cc7545ca27eeaddf9
4c57a73b3bf4f85b6b0dff637df720bcb0d4d9146eb88485254cce6b33b1587a
4d353705266a94118b5cc5bc05487420d4a6f6cb800649ec2e0a89adb4a60b91
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e731469b10709f2b3ce4441b36166dd5f47be2c03a53e99b5d35f769a1a255b
50b624e5e4ddd670cc95d4eef015e4ee8566b752edb565f945e0ca0ede692dc7
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575ad3394867ec8e643ee38e1451217c957a72ddad8e2ac2765bfffbac565f8d
5857138def6703a65c3b907b9d85c15c3ed7d2a4025fbd006a32e0e010e09863
5aeaa75700fd15079d6d93f1178fdddf62410a6bc04c4493c2fa532dcc9f1c4d
5b9e14d715735265ef2a440f07ea9bb0e0738028232e1579de99b13cbce91cc1
5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
6070ffe90a649717f66c041d932e7d6d6e9b5ed5cd557d39e6ec9df82bb12719
61914b6790d245f2c62c18d66737074c58ec0b3fe34405530e68cfb59d582db3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ecaf1ae384bc98ce95a06225c6f25dda29d5a26eed4c5eb16750872cf221f6
631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25
64153e217f4c9fab8fd867187cc5b93b11c39dd165cf8356ddd222dec7d47251
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
678ba891eeb3ab28bf3974cce5c91e9459a090185631bdb6b163c635a5492d77
681627d6e87f89fc1728ee378349f12e6f29149c0bf062a45f5c41c70093358c
6af0ec51966107e98ef76c325737a080fede0c2cfbc2876a02dd5d382a05bcf9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de1eb8f0c4b9230bb9901f5d915fa6ca1a0b040b03e6766faebeeea83c20aa5
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
71351b729bfc7c206bd80a001801bca3317ed54a28830dce9903cca1cc1e4490
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
7416b2a04597713c7a348694c6096aaa15e37c4c923268fc4d5758cd8046abf8
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7a2fed49b1f119f67e5550ecb58df3ff1de9d694a400b10458cb133371efd876
7adc0e82d10de0c5af74d068b95973ff1528ff242d6e35390d3d5ef718291471
7bf4eb253459ab7c030148509b6b560e909ef048b9b9aefc74c4c108ca82d3f2
7c786bacc1bc396b76849a7ef83d7c3f3a4fa9690f9294757a3a2c12ebb63825
7d18a18eb8f2b492c1494557caff4047e403c7312782e664b6517479e5bb2e47
7df6959672808cc6eb967052740a270a5803d82d727aafc952ebedb93a1592b7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80ebcc293f24faae7c9625d0d1eafde9747e2149891a62326a1e8280bb36c15f
810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635
825cc043e05a1b39247ae024b78d4e3772a5766754e1e3f982ea780d782b89b1
8266b9e45c14a4aaa67f859d2960a06a7f38295e2f408c77f89a907dddc8e6e6
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
865dc7de8769f7700847492856a9621f7bfd96ccd2fafa9958101a48096c285e
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
897b2b06d42a625b9c7f4783bd30fe25c400cc03ce67f239d30e244115357b2c
8a920bd3dcd63444787b26004bd66c8901de409a64d8ea0f6b4f6e65342197e5
8bf11a33a4674683eee1518815ac28eb1576da4dd1518796160dab1ace23ba63
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94e783ab4010731f31fb390946934db8d4271de7d970d61af658d89778d03183
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
97553183e780fb605d186a4b65084e79c788a29a2069f743a2b4b746e3c7cdeb
9840ddd897e21cfd008af700fe2ca1c617b6592a4f95efbd9a571bd86b936b5a
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
98ea3adfd1d8613d93d72969cb6e00f4f48114884fc77aed1b027ecbce95c408
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7
9c0b1a4d9ee7fb1485210ce9bb46251593e2454ee063204d01f5d9b1c4842cce
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2d3c80162fcf39cb3cb592e687f612b29769116b0e7f5c6a3e3353505a1ebe0
a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a83c517e8e5453953e319cadc5f4edb4e3020fc924bda9b6b57142294288eb24
a8ec919f21007202c5155233e609013e47d9b195a395e59a12db62e9c903937d
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b2b60331576d4c9bf51a6295ff4caa921ac1ca260e304106eca074f88e7c836e
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069
b66726b62250765d0d8eaca7c0a748330debceaed154bd27829125b80a9ee189
b6abb0f7ec25ab3fa9fb8fdc9f82c73a60fb81f6286dc6d39d735b6451f08af6
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
ba1d4c816a3afc381c8b2883571e8cbdc8c982ccba7e977072722c881b69b40d
bc457317d8051bbf32261557e413004e0fffd22cfa873d1eaf0f3cc5045d8deb
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
c48da9526d10bd52082028ada857831ac7186a0e1555b640e70eafd9f8642890
c5b5dccdbeb6c0e79cdcd8084eaedd4a680a82f86321d0db312d1d712aba60ca
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd353d3db55134cf07c1a1d86292cfebb2de50407e7f1b2974a40985f154222e
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d82215b693575a968d12e95965908dd191fee185e27c6873f21d6390af5b32ec
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbe75b409dfdf7f8e015e7dc8e6bbdba642548e8206070f0c2ba2dbca06f3bd6
dd08a87c0d61e7eecc5c1896111ffaa3c716558173bc4ab0b4176d88565f58d6
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3740b07b04119d5048fb2774a4405ab2a0f91c34e3129702c043a8254b9a52a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8ba6c25e1483b376da5f911cb5a9cda1cf892b3e3b6a6d193e564636343bf47
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
f14ada669dc72f778cac73cd2fca7bbfa5c13fb69e52072afafc38066bdd0c99
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f982388a3683116e93e767439763a2440c1c1ecb2c5d9ba9f8889d6ef10d72a5
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454
fcc29249ad70bf65d0ea27cb0152aaa575120262c15d6aaca0c5d17c0c57b18a
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

simcast.com Open in urlscan Pro 45.79.244.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

294 Requests

90 %HTTPS

34 %IPv6

72 Domains

95 Subdomains

68 IPs

10 Countries

3664 kBTransfer

8207 kBSize

66 Cookies

1 Outgoing links

Page URL History

Redirected requests

294 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Screenshot
Live screenshot

Full Image

294
Requests

90 %
HTTPS

34 %
IPv6

72
Domains

95
Subdomains

68
IPs

10
Countries

3664 kB
Transfer

8207 kB
Size

66
Cookies

294 HTTP transactions
5 data transactions