urlscan.io logo urlscan.io
SecurityTrails logo

vaughn.live Open in urlscan Pro
2606:4700:20::ac43:48b0  Public Scan

Go To Rescan Add Verdict Report
URL: http://vaughn.live/
Submission: On December 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 126 IPs in 14 countries across 113 domains to perform 872 HTTP transactions. The main IP is 2606:4700:20::ac43:48b0, located in United States and belongs to CLOUDFLARENET, US. The main domain is vaughn.live. The Cisco Umbrella rank of the primary domain is 936345.
This is the only time vaughn.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
28 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
29 2606:4700:303... 13335 (CLOUDFLAR...)
1 20 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.2.132 54113 (FASTLY)
10 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
15 34.149.20.76 15169 (GOOGLE)
14 185.64.189.112 62713 (AS-PUBMATIC)
2 18 147.75.84.158 54825 (PACKET)
15 52.51.172.254 16509 (AMAZON-02)
14 2602:803:c003... 26667 (RUBICONPR...)
16 3.122.124.148 16509 (AMAZON-02)
17 216.52.2.48 32475 (SINGLEHOP...)
15 42 37.252.171.53 29990 (ASN-APPNEX)
15 35.153.26.180 14618 (AMAZON-AES)
23 54.171.91.135 16509 (AMAZON-02)
6 54.84.92.154 14618 (AMAZON-AES)
14 2a00:1450:400... 15169 (GOOGLE)
24 54.205.105.111 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
14 2.16.101.123 20940 (AKAMAI-ASN1)
19 2a00:1450:400... 15169 (GOOGLE)
79 2a00:1450:400... 15169 (GOOGLE)
60 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 22 172.217.16.134 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 34.194.44.187 14618 (AMAZON-AES)
42 91 142.250.185.226 15169 (GOOGLE)
13 41 172.64.151.101 13335 (CLOUDFLAR...)
8 138.201.135.164 24940 (HETZNER-AS)
1 4 138.201.84.244 24940 (HETZNER-AS)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
4 23.218.208.200 16625 (AKAMAI-AS)
4 4 23.197.120.249 16625 (AKAMAI-AS)
10 23.32.185.233 16625 (AKAMAI-AS)
4 4 2607:ae80:4::25 26558 (FREEWHEEL)
2 7 185.86.139.93 201081 (SMARTADSE...)
3 5 34.98.64.218 396982 (GOOGLE-CL...)
1 54.235.147.92 14618 (AMAZON-AES)
5 5 46.228.174.117 56396 (AMOBEE)
4 7 2001:678:cb4:... 56396 (AMOBEE)
4 23.82.15.158 30633 (LEASEWEB-...)
1 34.234.182.209 14618 (AMAZON-AES)
2 2 2620:1ec:21::14 8068 (MICROSOFT...)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
4 4 185.98.54.153 39572 (ADVANCEDH...)
2 174.137.133.49 27257 (WEBAIR-IN...)
1 4 2.16.97.41 16625 (AKAMAI-AS)
2 2 35.208.249.213 15169 (GOOGLE)
1 1 2.19.126.74 20940 (AKAMAI-ASN1)
4 4 34.200.129.91 14618 (AMAZON-AES)
6 3.33.220.150 16509 (AMAZON-02)
1 2 209.54.182.161 16509 (AMAZON-02)
2 2 35.214.248.253 15169 (GOOGLE)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 63.251.232.170 32475 (SINGLEHOP...)
2 2 35.204.158.49 396982 (GOOGLE-CL...)
2 2 54.221.54.135 14618 (AMAZON-AES)
3 3 188.42.105.236 7979 (SERVERS-COM)
1 198.47.127.19 62713 (AS-PUBMATIC)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 35.186.193.173 15169 (GOOGLE)
7 7 50.31.142.31 22075 (AS-OUTBRAIN)
3 2600:9000:25e... 16509 (AMAZON-02)
1 159.203.145.121 14061 (DIGITALOC...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
2 3 145.239.193.130 16276 (OVH)
2 88.198.250.30 24940 (HETZNER-AS)
2 35.178.224.52 16509 (AMAZON-02)
1 2 172.217.18.102 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 6 92.123.148.9 16625 (AKAMAI-AS)
5 69.173.144.139 26667 (RUBICONPR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 3 37.157.4.29 198622 (ADFORM)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 213.155.156.165 1299 (TWELVE99 ...)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
2 52.222.139.14 16509 (AMAZON-02)
2 18.239.50.21 16509 (AMAZON-02)
1 1 134.122.57.34 14061 (DIGITALOC...)
2 2 154.59.122.79 174 (COGENT-174)
3 5 52.57.96.192 16509 (AMAZON-02)
1 1 184.30.24.22 16625 (AKAMAI-AS)
2 35.157.123.207 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
2 4 51.75.86.98 16276 (OVH)
2 2600:1901:0:7... 396982 (GOOGLE-CL...)
3 88.99.219.174 24940 (HETZNER-AS)
3 162.19.138.117 16276 (OVH)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
6 162.19.138.82 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.227.252.103 396982 (GOOGLE-CL...)
2 69.166.1.35 27630 (AS-XFERNET)
4 35.177.10.97 16509 (AMAZON-02)
4 23.19.226.132 396362 (LEASEWEB-...)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 35.244.193.51 396982 (GOOGLE-CL...)
1 18.65.39.15 16509 (AMAZON-02)
2 67.202.105.22 32748 (STEADFAST)
1 23.218.208.187 16625 (AKAMAI-AS)
4 6 3.214.189.170 14618 (AMAZON-AES)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.242.46.191 16509 (AMAZON-02)
1 2600:9000:244... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 54.147.45.225 14618 (AMAZON-AES)
2 2 216.52.2.86 30282 (AS-INAPCD...)
2 2 193.0.160.130 54312 (ROCKETFUEL)
2 3.71.149.231 16509 (AMAZON-02)
1 1 54.164.192.255 14618 (AMAZON-AES)
1 1 2.19.100.239 16625 (AKAMAI-AS)
1 46.4.108.81 24940 (HETZNER-AS)
1 141.95.32.71 16276 (OVH)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 18.239.83.21 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 1 18.134.84.26 16509 (AMAZON-02)
2 3 52.16.22.123 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
9 52.210.15.1 16509 (AMAZON-02)
1 1 52.54.55.244 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 185.64.190.79 62713 (AS-PUBMATIC)
1 76.223.111.18 16509 (AMAZON-02)
1 52.17.117.51 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 18.202.86.19 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 173.237.69.60 7979 (SERVERS-COM)
1 64.176.200.183 20473 (AS-CHOOPA)
1 142.250.110.157 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... ()
1 142.250.185.194 ()
2 172.217.16.194 ()
1 209.58.147.67 ()
872 126
17    2606:4700:20::ac43:48b0 (United States)

ASN13335 (CLOUDFLARENET, US)
vaughn.live
1    2a00:1450:4001:806::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
28    2606:4700:3030::ac43:93fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.vaughnsoft.net
thumbnails.vaughnsoft.net
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
29    2606:4700:3032::6815:3776 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.vaughnsoft.net
20    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
10    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
15    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
14    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
18    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
15    52.51.172.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
hb.minutemedia-prebid.com
14    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
16    3.122.124.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
17    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
42    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
15    35.153.26.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-26-180.compute-1.amazonaws.com
pbs.nextmillmedia.com
23    54.171.91.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
ads.servenobid.com
6    54.84.92.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-92-154.compute-1.amazonaws.com
report2.hb.brainlyads.com
14    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
24    54.205.105.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-105-111.compute-1.amazonaws.com
collector.ex.co
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    2.16.101.123 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-101-123.deploy.static.akamaitechnologies.com
cdn.ex.co
19    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
79    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
60    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
13    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
22    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
11    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a02:26f0:3500:58c::1ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
secure.insightexpressai.com
6    34.194.44.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-44-187.compute-1.amazonaws.com
sync.ex.co
91    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
41    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
8    138.201.135.164 (St. Ingbert, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal9000.redintelligence.net
4    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal900026.redintelligence.net
24    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
11    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.197.120.249 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-120-249.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.32.185.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
7    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    54.235.147.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-147-92.compute-1.amazonaws.com
vop.sundaysky.com
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
7    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
4    23.82.15.158 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
p.channelexco.com
s-113.channelexco.com
1    34.234.182.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-182-209.compute-1.amazonaws.com
gpv.ex.co
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    185.98.54.153 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
4    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
2    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    2.19.126.74 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-74.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
4    34.200.129.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-129-91.compute-1.amazonaws.com
i.liadm.com
6    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.214.248.253 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 253.248.214.35.bc.googleusercontent.com
csync.loopme.me
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    63.251.232.170 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    54.221.54.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-54-135.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    188.42.105.236 (Luxembourg)

ASN7979 (SERVERS-COM, US)
sync.gonet-ads.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
7    50.31.142.31 (Hickory Hills, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    2600:9000:25e8:9a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
3    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    35.178.224.52 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-224-52.eu-west-2.compute.amazonaws.com
track.webgains.com
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
8019191.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
6    92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com
www.awin1.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
5    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pubads.g.doubleclick.net
5    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
2    52.222.139.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-14.ams50.r.cloudfront.net
analytics.webgains.io
2    18.239.50.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-21.ams58.r.cloudfront.net
cdn.track.production.webgains.team
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
5    52.57.96.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
cs.media.net
2    35.157.123.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-123-207.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    2a05:d018:d29:3601:b946:ae1e:458e:a1ae (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
prod-rtb.ad4mat.net
3    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal900029.redintelligence.net
3    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
6    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    35.177.10.97 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
api.webgains.io
4    23.19.226.132 (New York, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
e.channelexco.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    18.65.39.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-15.ams1.r.cloudfront.net
public.servenobid.com
2    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com
acdn.adnxs.com
6    3.214.189.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-189-170.compute-1.amazonaws.com
cookies.nextmillmedia.com
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
2    34.242.46.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-46-191.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    2600:9000:2449:ec00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    54.147.45.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-45-225.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    54.164.192.255 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-192-255.compute-1.amazonaws.com
ssp.disqus.com
1    2.19.100.239 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-100-239.deploy.static.akamaitechnologies.com
hbx.media.net
1    46.4.108.81 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.81.108.4.46.clients.your-server.de
tm.simptrack.com
1    141.95.32.71 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-006.roqad.pl
wt.rqtrk.eu
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    18.239.83.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-21.ams58.r.cloudfront.net
live.rezync.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    18.134.84.26 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-26.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
3    52.16.22.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-22-123.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a05:d018:cc3:fe04:9c2e:6bf6:2687:8d4a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
9    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    52.54.55.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-55-244.compute-1.amazonaws.com
sync.ipredictive.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    52.17.117.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-117-51.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
4    2607:f8b0:4003:c17::5e (Tulsa, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    18.202.86.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    173.237.69.60 (United States)

ASN7979 (SERVERS-COM, US)
colossusssp.com
1    64.176.200.183 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 64.176.200.183.vultrusercontent.com
exchange.kueezrtb.com
1    142.250.110.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f157.1e100.net
bid.g.doubleclick.net
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:400f:1::6 (None, )

ASN- ()
r1---sn-5goeenez.c.2mdn.net
1    142.250.185.194 (None, )

ASN- ()
googleads4.g.doubleclick.net
2    172.217.16.194 (None, )

ASN- ()
ade.googlesyndication.com
1    209.58.147.67 (None, )

ASN- ()
a.channelexco.com
Apex Domain
Subdomains		 Transfer
160 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 270869
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
googleads4.g.doubleclick.net
714 KB
155 googlesyndication.com
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ade.googlesyndication.com
909 KB
57 vaughnsoft.net
cdn.vaughnsoft.net — Cisco Umbrella Rank: 990871
thumbnails.vaughnsoft.net — Cisco Umbrella Rank: 889934
5 MB
47 ex.co
player.ex.co — Cisco Umbrella Rank: 9632
collector.ex.co — Cisco Umbrella Rank: 9533
cdn.ex.co — Cisco Umbrella Rank: 10387
sync.ex.co — Cisco Umbrella Rank: 2598
gpv.ex.co — Cisco Umbrella Rank: 10865
2 MB
43 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
acdn.adnxs.com — Cisco Umbrella Rank: 610
92 KB
41 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
29 KB
35 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788
80 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 25796
ad4m.at — Cisco Umbrella Rank: 11359
assets.ad4m.at — Cisco Umbrella Rank: 35458
273 KB
24 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2371
public.servenobid.com — Cisco Umbrella Rank: 5655
16 KB
21 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 2834
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2362
24 KB
20 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
image8.pubmatic.com — Cisco Umbrella Rank: 661
24 KB
19 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
8 KB
18 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1054
match.sharethrough.com — Cisco Umbrella Rank: 495
2 KB
18 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
897 B
18 33across.com
ssc.33across.com — Cisco Umbrella Rank: 3699
lexicon.33across.com — Cisco Umbrella Rank: 1596
ssc-cms.33across.com — Cisco Umbrella Rank: 904
2 KB
17 vaughn.live
vaughn.live — Cisco Umbrella Rank: 936345
241 KB
16 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3730
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 6250
7 KB
15 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37721
hal900026.redintelligence.net — Cisco Umbrella Rank: 200207
hal900029.redintelligence.net — Cisco Umbrella Rank: 261914
105 KB
15 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 93
1 KB
14 gstatic.com
fonts.gstatic.com
csi.gstatic.com
170 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r1---sn-5goeenez.c.2mdn.net
786 KB
13 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
827 KB
11 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
usersync.gumgum.com — Cisco Umbrella Rank: 1858
rtb.gumgum.com — Cisco Umbrella Rank: 1472
4 KB
9 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 10631
s-113.channelexco.com — Cisco Umbrella Rank: 86284
e.channelexco.com — Cisco Umbrella Rank: 10147
a.channelexco.com
9 KB
8 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
d.turn.com — Cisco Umbrella Rank: 1349
3 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
4 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net — Cisco Umbrella Rank: 491
rtb.openx.net — Cisco Umbrella Rank: 695
1 KB
7 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
2 KB
7 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 287
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
395 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
3 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 24395
api.webgains.io — Cisco Umbrella Rank: 59842
38 KB
6 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13930
4 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
889 B
6 brainlyads.com
report2.hb.brainlyads.com — Cisco Umbrella Rank: 4674
4 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
2 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
1 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
dis.criteo.com — Cisco Umbrella Rank: 550
bidder.criteo.com — Cisco Umbrella Rank: 776
1 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
974 B
4 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 192580
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563
2 KB
4 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47317
medialead.de — Cisco Umbrella Rank: 46843
2 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
2 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
778 B
4 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 9014
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
3 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
3 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
808 B
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5624
986 B
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
2 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
712 B
3 gonet-ads.com
sync.gonet-ads.com — Cisco Umbrella Rank: 27586
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
1 KB
3 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7973
sync.adkernel.com — Cisco Umbrella Rank: 1750
600 B
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
241 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
2 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
725 B
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 164531
6 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
875 B
2 media.net
cs.media.net — Cisco Umbrella Rank: 1381
hbx.media.net — Cisco Umbrella Rank: 1215
1 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
1 KB
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264
9 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
653 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 49821
4 KB
2 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 46149
664 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 49153
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
207 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
573 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
2 KB
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
754 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
2 insightexpressai.com
secure.insightexpressai.com — Cisco Umbrella Rank: 1392
3 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
25 KB
1 kueezrtb.com
exchange.kueezrtb.com — Cisco Umbrella Rank: 7780
484 B
1 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1354
135 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
314 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
38 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
541 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
465 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1380
181 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3915
595 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1499
350 B
1 simptrack.com
tm.simptrack.com — Cisco Umbrella Rank: 106380
891 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1557
274 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453
370 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 83743
491 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 104746
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 89094
434 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 88416
261 B
1 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 408
98 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 305788
401 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901
550 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
174 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 128498
923 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
671 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 4454
134 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
282 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 20274
270 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2266
1017 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
489 B
1 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2302
365 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
0 socdm.com Failed
tg.socdm.com Failed
0 agkn.com Failed
fid.agkn.com Failed
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
872 113
Domain Requested by
91 cm.g.doubleclick.net 42 redirects googleads.g.doubleclick.net
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
vaughn.live
g2.gumgum.com
79 pagead2.googlesyndication.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
vaughn.live
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
60 tpc.googlesyndication.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
vaughn.live
tpc.googlesyndication.com
googleads.g.doubleclick.net
cdn.ampproject.org
securepubads.g.doubleclick.net
imasdk.googleapis.com
41 cdn.vaughnsoft.net vaughn.live
39 ib.adnxs.com 12 redirects vaughn.live
googleads.g.doubleclick.net
acdn.adnxs.com
cdn.ex.co
36 dsum-sec.casalemedia.com 12 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
24 collector.ex.co player.ex.co
23 ads.servenobid.com vaughn.live
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
22 ad.doubleclick.net 2 redirects vaughn.live
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
20 securepubads.g.doubleclick.net 1 redirects vaughn.live
securepubads.g.doubleclick.net
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
19 googleads.g.doubleclick.net 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
18 prebid.a-mo.net 2 redirects vaughn.live
cdn.ex.co
17 ap.lijit.com vaughn.live
public.servenobid.com
cookies.nextmillmedia.com
17 vaughn.live 1 redirects vaughn.live
static.cloudflareinsights.com
16 btlr.sharethrough.com vaughn.live
cdn.ex.co
16 thumbnails.vaughnsoft.net vaughn.live
15 pbs.nextmillmedia.com vaughn.live
cookies.nextmillmedia.com
15 hb.minutemedia-prebid.com vaughn.live
cdn.ex.co
15 ssc.33across.com vaughn.live
cdn.ex.co
14 cdn.ex.co vaughn.live
player.ex.co
cdn.ex.co
14 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
14 fastlane.rubiconproject.com vaughn.live
14 hbopenbid.pubmatic.com vaughn.live
cdn.ex.co
13 www.googletagservices.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
12 assets.ad4m.at as.ad4m.at
11 www.google.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
vaughn.live
tpc.googlesyndication.com
11 s0.2mdn.net 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
vaughn.live
imasdk.googleapis.com
10 eus.rubiconproject.com cdn.ex.co
eus.rubiconproject.com
vaughn.live
public.servenobid.com
g2.gumgum.com
cookies.nextmillmedia.com
10 fonts.gstatic.com cdn.vaughnsoft.net
fonts.googleapis.com
9 usersync.gumgum.com g2.gumgum.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
8 hal9000.redintelligence.net 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
hal900026.redintelligence.net
hal900029.redintelligence.net
7 b1sync.zemanta.com 7 redirects
6 cookies.nextmillmedia.com 4 redirects vaughn.live
cookies.nextmillmedia.com
6 id5-sync.com cdn.ex.co
vaughn.live
ssbsync.smartadserver.com
6 www.awin1.com 1 redirects 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
as.ad4m.at
6 match.adsrvr.org ssum-sec.casalemedia.com
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
public.servenobid.com
g2.gumgum.com
cdn.ex.co
6 sync.ex.co cdn.ex.co
vaughn.live
ssum-sec.casalemedia.com
6 report2.hb.brainlyads.com vaughn.live
5 x.bidswitch.net 3 redirects 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
g2.gumgum.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 token.rubiconproject.com eus.rubiconproject.com
4 csi.gstatic.com imasdk.googleapis.com
4 e.channelexco.com cdn.ex.co
4 api.webgains.io analytics.webgains.io
4 onetag-sys.com 2 redirects 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
public.servenobid.com
4 ssbsync.smartadserver.com 1 redirects 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
public.servenobid.com
ssum-sec.casalemedia.com
4 i.liadm.com 4 redirects
4 sync.teads.tv 1 redirects 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 s.uuidksinc.net 4 redirects
4 ad.turn.com 4 redirects
4 sync.1rx.io 4 redirects
4 ads.stickyadstv.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 ssum-sec.casalemedia.com cdn.ex.co
ssum-sec.casalemedia.com
public.servenobid.com
4 ads.pubmatic.com cdn.ex.co
vaughn.live
public.servenobid.com
g2.gumgum.com
4 hal900026.redintelligence.net 1 redirects 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
hal900026.redintelligence.net
4 fonts.googleapis.com client
hal900026.redintelligence.net
securepubads.g.doubleclick.net
hal900029.redintelligence.net
3 match.prod.bidr.io 2 redirects ssum-sec.casalemedia.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 lb.eu-1-id5-sync.com cdn.ex.co
vaughn.live
3 hal900029.redintelligence.net hal9000.redintelligence.net
hal900029.redintelligence.net
3 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
3 an.yandex.ru 2 redirects vaughn.live
3 a.tribalfusion.com 2 redirects 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
3 c1.adform.net 3 redirects
3 r.turn.com vaughn.live
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
3 us-u.openx.net 1 redirects googleads.g.doubleclick.net
3 pv.medialead.de 2 redirects 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
3 s.ad.smaato.net 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
ssbsync.smartadserver.com
3 sync.gonet-ads.com 3 redirects
3 creativecdn.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 secure.adnxs.com 3 redirects
3 region1.analytics.google.com www.googletagmanager.com
3 www.googletagmanager.com vaughn.live
adv.office-partner.de
www.googletagmanager.com
2 ade.googlesyndication.com
2 live.rezync.com 2 redirects
2 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
2 ups.analytics.yahoo.com public.servenobid.com
2 p.rfihub.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssc-cms.33across.com vaughn.live
cookies.nextmillmedia.com
2 gum.criteo.com vaughn.live
2 sync.go.sonobi.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
public.servenobid.com
2 rtb.openx.net 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
cookies.nextmillmedia.com
2 imasdk.googleapis.com cdn.ex.co
imasdk.googleapis.com
2 cdn.retailads.net 1 redirects futalis.de
2 s-113.channelexco.com vaughn.live
2 prod-rtb.ad4mat.net 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
vaughn.live
2 cms.quantserve.com 1 redirects 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
2 match.sharethrough.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
public.servenobid.com
2 ums.acuityplatform.com 2 redirects
2 cdn.track.production.webgains.team 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
as.ad4m.at
2 analytics.webgains.io track.webgains.com
2 d5p.de17a.com 2 redirects
2 s.tribalfusion.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
2 static-de.ad4mat.net as.ad4m.at
2 8019191.fls.doubleclick.net 1 redirects vaughn.live
2 track.webgains.com vaughn.live
as.ad4m.at
2 pb.media01.eu hal900026.redintelligence.net
as.ad4m.at
2 gcm.ctnsnet.com 2 redirects
2 dclk-match.dotomi.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
2 sync.srv.stackadapt.com 2 redirects
2 um.simpli.fi 2 redirects
2 csync.loopme.me 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 trace.mediago.io 2 redirects
2 dsp.adkernel.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
2 px.ads.linkedin.com 2 redirects
2 p.channelexco.com cdn.ex.co
2 u.openx.net 2 redirects
2 secure.insightexpressai.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
2 script.4dex.io vaughn.live
script.4dex.io
2 player.ex.co vaughn.live
1 a.channelexco.com
1 googleads4.g.doubleclick.net
1 r1---sn-5goeenez.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 exchange.kueezrtb.com cdn.ex.co
1 colossusssp.com cdn.ex.co
1 bidder.criteo.com cdn.ex.co
1 prebid-server.rubiconproject.com cdn.ex.co
1 id.crwdcntrl.net cdn.ex.co
1 ads.yieldmo.com cookies.nextmillmedia.com
1 eb2.3lift.com cookies.nextmillmedia.com
1 image8.pubmatic.com cookies.nextmillmedia.com
1 ssum.casalemedia.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 1f2e7.v.fwmrm.net 1 redirects
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 d.turn.com 1 redirects
1 dis.criteo.com 1 redirects
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 tm.simptrack.com as.ad4m.at
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 www.conrad.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 acdn.adnxs.com vaughn.live
1 public.servenobid.com vaughn.live
1 lexicon.33across.com vaughn.live
1 futalis.de hal900029.redintelligence.net
1 cs.media.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 adservice.google.com 8019191.fls.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 tr.blismedia.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 adv.office-partner.de hal900026.redintelligence.net
1 t.adx.opera.com 1 redirects
1 cs.chocolateplatform.com 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
1 image6.pubmatic.com ads.pubmatic.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 analytics.pangle-ads.com 1 redirects
1 gpv.ex.co cdn.ex.co
1 sync.targeting.unrulymedia.com 1 redirects
1 vop.sundaysky.com vaughn.live
1 ssbsync-global.smartadserver.com cdn.ex.co
1 www.google.de vaughn.live
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.cloudflareinsights.com vaughn.live
1 storage.googleapis.com vaughn.live
0 tg.socdm.com Failed g2.gumgum.com
0 api.rlcdn.com Failed vaughn.live
0 fid.agkn.com Failed vaughn.live
0 sync-dmp.aura-dsp.com Failed 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
872 180

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
Subject Issuer Validity Valid
storage.googleapis.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-13 -
2024-04-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-12		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
report2.hb.brainlyads.com
R3		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2023-06-08 -
2024-07-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cdn.ex.co
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.insightexpressai.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-16 -
2024-03-15		 a year crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.sundaysky.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-11 -
2024-07-11		 a year crt.sh
*.channelexco.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
adv.office-partner.de
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.media01.eu
RapidSSL TLS RSA CA G1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
ad4mat.net
GTS CA 1P5		 2023-11-18 -
2024-02-16		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-11-21 -
2024-02-19		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.futalis.de
R3		 2023-10-13 -
2024-01-11		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
simptrack.com
R3		 2023-10-16 -
2024-01-14		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M03		 2023-11-28 -
2024-12-26		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
*.kueezrtb.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-17 -
2024-09-14		 a year crt.sh

This page contains 108 frames:

Primary Page: http://vaughn.live/
Frame ID: 95412F407D6AFF9AB07A6A09209DC513
Requests: 309 HTTP requests in this frame

Frame: http://vaughn.live/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: ACB72B078279D42ED576BE3632CA1954
Requests: 2 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 234B519F9541F152A82A3D95951735CD
Requests: 1 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B970D02971CE1147EAAEF5496E9B41D
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C924398626&gdpr=0&gdpr_consent=
Frame ID: 621919E2C40B7B0DD5DA0F7F9E40D053
Requests: 8 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D90647D3836204006FD99F31A66F1AB2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWI0ojZBC1k-wkFGIYFRglrp3Ri4mBAdE4Woyxp-K2Ns5mDM8b2_JaK8pWzNNuXe1CriBECk_yX7MS0yjeHUqZ8rsbC-_M0seUB3oVwR6rMwOBtqbtaTz9I7ENTmFkY8C88vfLgnEAMWKRAPLLUwMtjvu6TRhMEdJz3W0riyIh2v5RbF08_Ra8cOyQmoVMmojPYJa7lxywlb-5sQhFOhn1nfYj3og
Frame ID: 0C32B8A9553048FDF31F75EEFC7F4F10
Requests: 5 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA1468B1CDAE16422D23F6D1C47D54F9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNUrzm08JiaVVMZ-B0K96rkhEarZffw-3o5dgw97WWi_uimzQZV9q6lGkke8xhTUqGCFjVGjXr7r-N8bqK1l6D2xc5UxEOCkYsfdhY7djH-WN7V4qmqRcoQLpekiKhQOuk8gNR4UE0Zab0M7PO1DpInRZdS_20LEu7vresKsAOhuntyq15NkAoRnj3Wtrk8MG8VWVZRvKWDJ7gf424A2emJskaKTbg
Frame ID: 720D39BDD01565F5A8116E0B039A3D13
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNVilSsu6ZjDAo9lGOciKwBM3cz966epIUTTQsHkg4hE_bTiqjWgNE90SmSDwyFAqqMzvtccCX1rwpOJKNgyYsNJ0ifGWlcWeuTgbYs78HGYfIDHJwMrQW3tpKH639fNJPW3VEQ3KNiRWmMIDo2AAVuTJQW1LunITsMcyNDex9qwmiHIwOKbVpm855pGIUuOYogk1i_FRL9DLiPfE4nn3AN1jj1Cug
Frame ID: 248D6B257D60D91FDABC483DEF862607
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E15838C0169FC59E5D5DE6D9870A6125
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9FCE47BAA20062A1C7F0F66497C74A88
Requests: 3 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F327C76AAA8C82BC5C7C465D60F863F2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYkuTm7QEwAQ&v=APEucNVInSJFt_8K1rygAYBmtCsrGNq--OMxMxat4pU6fp8NIecixhOI_UQqwFlpQNQfHbV0c72kF_k19yHHj3jB2QJKtfl_-JAxs3eTS1elEIdzmIyT0Ft5VEX7tzrToOeZNbGbicRVszXalvckfRC9rAy-VbmmThiI4wKmaG5S2WRUhPBShitMia9XjevpfWeRlXrzw_NnqxeF0TCd6Uw6V7_ojwSWlQ
Frame ID: 1FFAC5D2E026520B758FD31B7C154F47
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 98F50EB09293A1229831B429506557AA
Requests: 3 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0C96897BC7D14B3C3782F8FF3C7601EB
Requests: 9 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E7C2B1E8950A9843A9208BDC3160818
Requests: 15 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D39E220534984A773C2608E81AADC82F
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9BF6E577BD2BC69ADA0CD742C2416477
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hex55wpbrej231m41beqtydh725c38pm14p82jycszz3vb0cdmjvjsvbgware5ya55td74ybc1f081d4sc8gf6y9y10ypptb9pdh9562a0ynts99jvwh5v2x1cg9fk3dj9gcqfgb34w37583byxknqm21awj2w636n35nww0ns2w1dq6f1yhzwmz7zs5qvdrbgp49k9gbna4twvj737ncx4a6aj3f1c1kc3655m6taqnxddy05vxs6s5ncza6jctehyrptm0k8adpfk1zkgsv15vpz6nswpe9na4kb1rqer55x2qymkhpryc0q9w0xxaq1erwp0qt65v290xdmxswgrn2k2k7cp7saswhaeddx25kpqaj6ytwr7jf18mxwfvt51xqwn6q8z8kj6vfwkkbnxrngp9qkdvhyaeatcp20wnz3d62hpcvhj1x0ssn8hnexa1dz1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%26num%3D1%26sig%3DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%26client%3Dca-pub-2829411399762487%26adurl%3D
Frame ID: F03FB555901F934E80BD1A5701E94F55
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D26DC1D3232A2CF575E215CF30848CE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNV81Cpgq-yVA-nAu1MzPnvAV204wZQqpcSK1KVn7pOJFJIENeAioBKrHHZolLYvw64N-E6_McGdGB0kxE-7tyZ1MnCO3Pq4RgTqFMnAK-07GVSZv_2J7g44DPFAHSDvqRAxlmQjNXtMsmHJr9irfAksN6gu9BJGSDaISRN7zgIIu8yDl-nQqpE0nitO7cC3quQCHG76KfWzn4UuqPzApjsq5JrA-A
Frame ID: B0070D9A8B8797562965B7A1F12E24E2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8ACFF699B9D45DC39909BE03E0C3257C
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Frame ID: E551C9BB75C7ADEF021D26535F2726F8
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: E553D21A68A1BCE1386619B4447C70AE
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Frame ID: 5BFF90ECBE3F41BCEEAFA7EBE326689A
Requests: 3 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=39f1249259da198312c99b8dc6669
Frame ID: 54A66E10CD25B8BBA9B01948481DCE7F
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Frame ID: CA6901CEF8DC2CFBDC71D36607E18AA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV1tGOgCUqXdy07JIZvfEeuYHkjDMTbacx0FmOq1Udv1_4HbyweLZxFlSKWhlM3On-ERE6s71tg2LLog1Af9Sdii06kjoJUR5OlerfzOUSxqT5NjY4j4GYXRQS1Q-hbxTHVwAtxMaGWhNbU-nd6OMVSwnd7O8oQDzeL8gNBDmD8uVDvpLOsFfoJTelRWucxVL6JRhvZ3FjSewDhoE4Xec5yrknGiw
Frame ID: A76195D16B93C8049295C0AF0D193F6B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A9314930BCB8A8AA298CFBE2659B5DB4
Requests: 9 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B2E79CE0A0BF21C94C03181B5561E7E2
Requests: 13 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D789C4D32F7C3772D5FB378FF93E0D7F
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 18F4B12A9D7B81559B0DCF81520EF5E4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNX9P5gx8XBTECflYWCjlEZbcYW5yQsR5AFzF2_GlJ2YWteljhQLMdPYxoOWmzpeS2Ny_VwMuG5UHhTk7MJuEUYru_N_eST6yse-Ord-MIgnBBsg2jmZdXa9U6tMt7c24uHneJaqA4Drnog5wAbCQucKVcdgOAfxYmizxphnJn1PpnMMceg-excYi6yHzEZKHFb-lqCYKqnwPgFejefGAgZ1IjIzEg
Frame ID: D4656ADECE414E941955E512B61FAABF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B4EDE9D85F42C4E39B185EE478C3EE2C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVziLe0ADVyP0hndaN1yF5QzUZeHp_uq3-uCMrNrLqD3bnImBn-jymm2_c8LfMwkjUGHE8tsjJliUIAkqB7AvpY44eRdd_peey5IzjYhJJgB57MS4R0yAfheq1xHtVVTABCCMlmh3UL_axGNRHhLQe-6-Z83rgZndTjXq3wx3ked9KkKbALGgIAkemq_aA06YoRhX1zalraue5L3bVs_pv7UnBrEw
Frame ID: B93DE834F53B7DA48345911FD3E3B175
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 12C6E9E84D0000D83CFDB3DB50763D6C
Requests: 3 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B1545E05B41F8B5EB7582C6C17063DB0
Requests: 13 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 636E8DE973D3BC162A50733E1B4628E3
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=40138400096789704444554012525026&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 78432243744297B07032F0926E1A9B06
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjv96yp7oIDFS1TwgodK68BfQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478
Frame ID: FDC25D571C1249D3BF1C064FDC8F022C
Requests: 2 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=40138400096789704444554012525026&a=d2c5725e
Frame ID: 2E26964E98B5818E22DC8FE69AE6354A
Requests: 8 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 22C746AC9555F293F60BE40CDD7692EF
Requests: 13 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 462C243FCA42C36A581F6D62EFD53256
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNWfMcB4REig_3f-58lNIIBC20jj1vIrIXMM9bH-Rd_FywQcpoF0vHHmKq_pG1pue0AvyzhSZnEENBwLkfayDrDuGkK7IJc49xa2XHA7p4N-wHa61txWD_ja6O2aNmBqwF8z-z3IW4SVDfxau98IdEdHmVz5-fZIQWGZ5Ev21oXLxmQ5Hc3FtF6PDUt_xal2zHMZgsaO6gvbYxeXUBlNrC1Jy5_IgA
Frame ID: 2D30CF8C5D0D14C5052ACAD5D05FE8DE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8746927D5EB6AA78D3E6F52F6C4A7D6E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYmtbm7QEwAQ&v=APEucNX6dBCVtLL3JOVNFJzk_5gx9lH60nyuJyB05NztV84FzTdPHjf5Jlx4KCzb9-sQurcG_6nUiJQOBhz1tKtIInALT75-nBmcdGMN7vGeNOVJIDEStidg-v23EflJlrgB91hxy-Ig4Cj3ri3qqCBcuBDupKO-X6UKW5cj8BwnzC_MtzPWQbrdiEFyNheTGPUvaoKPyUzGcubHZuDazql5fvCKs0ckJQ
Frame ID: 4276FB7482A9DD3A8E784A5E4C0D497C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31D25D915763EBF232A09AA7ACCB1779
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV85PAf7FRa5SWUgdtpvTtoyFx9EE3ehsWJf4HXxza2an3mmKXsDKMbX82zGJBU4yZRS0d3cbPiq1wV4qaLlouCJZWPPkjeDCQDoM02VTOMrQcD8A0IjUBj4yXN6OPlQPhK-hEM1Ni4jhGTrGfjC--lfKE4XmawNmIR4HO4KZBfUq71OihHJcpFfqDZlmxSLMZ0tIPuosmbSgrdTqoPL_x-kLO39g
Frame ID: A49058DB29D5A0091308D7C69E8D86CC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9312454FDB5770EF2609E52A66ABDBAF
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 4200AF30F34EC89CADE58C537ACE96CC
Requests: 18 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 37E1A9A95726E8E5A72C2028DA06976C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D8B86299E4D39D54A008FB806D06CB93
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CD7C4E0B40FFB704E603A6BC8FE3FE53
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A8D958F9D0F0C1A4C3C7A61C45FA8A30
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B1F8114ACFA4B7136FC2E45B3DBFF0C1
Requests: 3 HTTP requests in this frame

Frame: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 59D1778B8005C66D45850512C9501970
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B50E1452475140965A1D7EDCF8C9F38F
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k9qyzj3jn8y71em9gmcqkjc9vh1enx1pxbfvywhs8w2ay5gtfr3qvveehcwhdzm2mr9cpvghv6x1t9asrqs87khw7hzbj0he2frxxtw2w5jaxfwk9mb09acb4q4r1fpyse81596spewmcs4etteh7b9agtkcffsnskg8qbbt7prjwbve4gcsm9xgxghrghy8xyqc73vp4cyps44vxqf2mf7kvr16kr1wbm65zd35g02smvy151qdxm68jk5rxq4tkpwd9z4ehc5mwnycpfmtpz8aegnzq36zn8rf6djda1ncx3cmjvyqjvk6093a4n7egbt2xv39aqarc7x6mg9syn8z13xfqyymv3h0v4tc15h1bh19m6te61ynb2143h5dd0ecpy8fn6bbe81hhcre31q2h1g1xjzagkaxy376xjs52tptra5x5ntkarm5resdrrvqac8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%26num%3D1%26sig%3DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%26client%3Dca-pub-3565385483761681%26adurl%3D
Frame ID: 100642D217F676C743CF3A2D696412F8
Requests: 5 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3356614728
Frame ID: EB2EE8B7A82B54E1F559E19AFDC61A56
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=97648300114709504444554012525029&a=57dce239
Frame ID: 98CFE51A0840B9E0DBC82E6B50174B8E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 42B8044FD248D021E6B2F7A0E2C273EC
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Frame ID: 8CC071E37EC57890A011B8F3C94BF2E9
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 4B07FFD62DA8C302A864B355BC2325B5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Frame ID: F2A1B368330DA81308F16256E4128F74
Requests: 16 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: DF6C9B998A2D6C28DA6781728AB778A6
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 881C05FF7E14C3834309A1FAF9513C1C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Frame ID: 372A8D658F7D4C2BA91BAAE2833C6DB6
Requests: 14 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 32221E286B37CADAE40503ED94E9FF87
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 7FA51A2087CF26955BA616EABC75CFE5
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Frame ID: A3902B04CB42501941A632EA9A1F43C1
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dVaqIEv0Cr66eeaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: BB98AF38CA65037B55EC33CFCE96BB6E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E8BEE69DAB73B378EAD8E03DEEEB1D29
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4F175CDB37CC5E4E6DD0E5751C483372
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13385103
Frame ID: 4B1E274D59A9A3775826176D66F519AF
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?type=iframe
Frame ID: 1C11B65F42C1BCECE828C4BB57D3A2AB
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 4875901F3C7EBB49C9168D265683CB36
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: C880DDF012668822F6232A83FC8EAEDC
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: D158C0550FE284097547D558364DFD4E
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: B078CC3F3C5F1AD59024FED61100F027
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: E2A6D1757DE8775E24583A44C926763C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 17ED2DA5954537B0F9BCDDDFE14A0160
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 13CAE54CAF49BEF79C500A29F640E61E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 091AD58A2F86400D4A6CF748B36CAE17
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: D13B65F5A705786D134D5ABA5B8BA9B8
Requests: 1 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: D0F4AD36BACFC7BEB0F751AB9B35CCFC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05BC8D4F61E7692E45DBEE61760E360D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BCFA58CEC09CBA59A5905D5C6634CD22
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=8106690664101716930&gdpr=0&gdpr_consent=
Frame ID: 3A11DFAEAB7A1094F463DE8DCF5D71AD
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZjhjY2E2OC0yY2Y2LTQzM2EtOWRmMi1lZjE2ZDI1OWM0NmE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 4C1D0FE723620E240D2840E728348CDC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2D2BC06430037984E7DA7FCBE56F73A5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 76F6EC05FF926FC452FC398D172600B4
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 5860E4D5088828FC7BEED5557A01A1B6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=RW_C23cc6Pd2iet1Eq91096At6HRjLiY7MXolTASLi0&pi=gumgum
Frame ID: 6D0E66CE77253C41D80929BA62890BD6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 5E92042E2990ABF636FAE15A7D46A774
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: CE8C4DC64523AC1D5FEBF8A820BD48F4
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Frame ID: 0ADDA8908903C09893EADC8ADFAC0F3F
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5657527055004491837
Frame ID: 86B7DC1946992AC5A1469270F9F28790
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=d75425bf-1a7d-4eae-8b7b-8b4a2cc5ad84
Frame ID: A9835CD6681F2ABFBE302E7FD464A0A4
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZWncz8bzbm7zKfdQm559AwAA&3236
Frame ID: AE4EA5E7E294DC363FD18CD9804F24F3
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=1ec105d6-6efc-49d5-8b92-474be54103e0
Frame ID: 93C806DAC6C76DED85195346AAD8A89F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
Frame ID: B096401CB22B16245BC1C75BDAB8E251
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Frame ID: 62A8756001BC8C60EBB5F1F9DBDECD47
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Frame ID: CFB3941DBB6C486DBCACB8B89F1509F3
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: E7B127C06871CA0F635F6DB3F35637E9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 0801D316F0F91A31A800531E637EAD8C
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: ED4657132A85AC5BE793E3C17B8F170B
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7FE387B7AFF1C7BB82837FE2F0C35A4E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vaughn Live - Possibly the greatest live streaming website on the internet!

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Page Statistics

872
Requests

79 %
HTTPS

30 %
IPv6

113
Domains

180
Subdomains

126
IPs

14
Countries

12257 kB
Transfer

26982 kB
Size

138
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 302
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 37
  • http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f HTTP 307
  • https://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Request Chain 54
  • http://vaughn.live/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • http://vaughn.live/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Request Chain 124
  • http://player.ex.co/versions HTTP 307
  • https://player.ex.co/versions
Request Chain 200
  • http://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C924398626&gdpr=0&gdpr_consent= HTTP 307
  • https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C924398626&gdpr=0&gdpr_consent=
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPSQbFBvHcaWKpuvxXDBWRc&google_cver=1
Request Chain 269
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKqC6qfIQ-UYTFRL-p8y914&google_cver=1
Request Chain 271
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
Request Chain 290
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWnczzs-8lD7S6IMlhHYOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHhk5nAwXTC6ApuEIZcFkw&google_cver=1
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN-LAmio9-NsAGbYdS48p9E&google_cver=1
Request Chain 292
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
Request Chain 294
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN-LAmio9-NsAGbYdS48p9E&google_cver=1
Request Chain 296
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHhk5nAwXTC6ApuEIZcFkw&google_cver=1
Request Chain 316
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
Request Chain 318
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 330
  • https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=046cac1e23&subid=&uid=ceadc0ef7ae15043&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-8VAztxpZYzRPKfk1PIPkKu5wASm5b2gaa2VnKfJD_AuEAEgtJD6ImCV8ouCmAfIAQmpAg6oy9JgR7I-qAMByAObBKoE5wFP0L_-nqhVK05JgzI9gwBiXV1nUXcgEVGcpLEaa9R4EEKTmB5vBkup0bD7g-IVndVGYLDRlqZ-bZrJcAOMsZjOj55dIJ5hLomdK-95bKG_uyjaZCLLEr6Plqv96V2m8dJwSpvwcOxaQtVsVBmtSgq8Aw6-jmnsnHa-UgmC6tOkCnPAcL1Me_KeFmo-ZDuTesP2DHw_ORMlwE_1KGRIMYshr-axo0eUWs3ys40t8vA6n9iA6s-DR-lOnZa4EfP4LYCXWeKWIvRJ3xsgDAw53fOGj_1Mvjy5R_awqqiPghPDWvoaXIOHM6vABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY2LKUrKnuggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMItN6UrKnuggMVJzJVCB2QVQ5IsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ%26sig%3DAOD64_3VNIJxJeTTY7SfisXiPR_Mtpo8wA%26client%3Dca-pub-2829411399762487%26dbm_c%3DAKAmf-CDa3g7X1aFlEE7Uqq-JmJD_t2No5ZNITc9UOkwt9wtgaLF827jt0I0ZrsAKAq-5W1qWcR-uPl3Nx-HLlHU-FJb2uBcJKbDDxLgjc4iMkyDGQ5VWofD0dkPRvDfDciCykfV0E_hY6AUFBr1WDCFtegKUFUxRvP_HSRy_H3Aks0G5-AQd5g%26cry%3D1%26dbm_d%3DAKAmf-AlX8-wognCqISfVshXmdw8GnjFfvgRz28Ulm4SNKdlTKo_xOj9T-E0ONFiqJRRg_mye1IttfFl0T0IOG8quUVM3s-lm870qX8M-tpQVU8BUQucpks38xOeIgVItwrhnoouVdcqXjk7c5-JQzXz0DXOe2K9b64yiMOIcKTQ-y5uLFWq27BbGZCyPFHxzLBuZ72c1KKeqS-HHWXNNRmmXZ2zshPm-6jHcmvPteo4AWFh-CpCzYu3TB32EGmqxI6sTE0MFqUmH-tY4l8cxV1-zLlsEFd68bbJPt2GKwaNz66nL4smEEjgEPF3UziDC6EBgx7uBwLM0EdExP4JWWtKMmVEAg-iDBdQ3puW0RGDKPae7nPvQPgbYcrhyvsMD6Yl-jJBqSHOkx3ccXLtU5_0GB1iy9QwBd4Np-ljG5gHac4T5x6zGHZgp7giTyAeFp4MWNVMuUMlMqPpFvFfUMZ1CFwEi5KGSzN7e_2gb9MalGlT9wZYeYP9I2S2lpjv9TQIJ7FeWDHfM4Z9jpwaEVwFv2e5Mj6LyF92YoNFmWOwpXljfRtAmJ4%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=1024873750577&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=046cac1e23&subid=&uid=ceadc0ef7ae15043&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-8VAztxpZYzRPKfk1PIPkKu5wASm5b2gaa2VnKfJD_AuEAEgtJD6ImCV8ouCmAfIAQmpAg6oy9JgR7I-qAMByAObBKoE5wFP0L_-nqhVK05JgzI9gwBiXV1nUXcgEVGcpLEaa9R4EEKTmB5vBkup0bD7g-IVndVGYLDRlqZ-bZrJcAOMsZjOj55dIJ5hLomdK-95bKG_uyjaZCLLEr6Plqv96V2m8dJwSpvwcOxaQtVsVBmtSgq8Aw6-jmnsnHa-UgmC6tOkCnPAcL1Me_KeFmo-ZDuTesP2DHw_ORMlwE_1KGRIMYshr-axo0eUWs3ys40t8vA6n9iA6s-DR-lOnZa4EfP4LYCXWeKWIvRJ3xsgDAw53fOGj_1Mvjy5R_awqqiPghPDWvoaXIOHM6vABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY2LKUrKnuggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMItN6UrKnuggMVJzJVCB2QVQ5IsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ%26sig%3DAOD64_3VNIJxJeTTY7SfisXiPR_Mtpo8wA%26client%3Dca-pub-2829411399762487%26dbm_c%3DAKAmf-CDa3g7X1aFlEE7Uqq-JmJD_t2No5ZNITc9UOkwt9wtgaLF827jt0I0ZrsAKAq-5W1qWcR-uPl3Nx-HLlHU-FJb2uBcJKbDDxLgjc4iMkyDGQ5VWofD0dkPRvDfDciCykfV0E_hY6AUFBr1WDCFtegKUFUxRvP_HSRy_H3Aks0G5-AQd5g%26cry%3D1%26dbm_d%3DAKAmf-AlX8-wognCqISfVshXmdw8GnjFfvgRz28Ulm4SNKdlTKo_xOj9T-E0ONFiqJRRg_mye1IttfFl0T0IOG8quUVM3s-lm870qX8M-tpQVU8BUQucpks38xOeIgVItwrhnoouVdcqXjk7c5-JQzXz0DXOe2K9b64yiMOIcKTQ-y5uLFWq27BbGZCyPFHxzLBuZ72c1KKeqS-HHWXNNRmmXZ2zshPm-6jHcmvPteo4AWFh-CpCzYu3TB32EGmqxI6sTE0MFqUmH-tY4l8cxV1-zLlsEFd68bbJPt2GKwaNz66nL4smEEjgEPF3UziDC6EBgx7uBwLM0EdExP4JWWtKMmVEAg-iDBdQ3puW0RGDKPae7nPvQPgbYcrhyvsMD6Yl-jJBqSHOkx3ccXLtU5_0GB1iy9QwBd4Np-ljG5gHac4T5x6zGHZgp7giTyAeFp4MWNVMuUMlMqPpFvFfUMZ1CFwEi5KGSzN7e_2gb9MalGlT9wZYeYP9I2S2lpjv9TQIJ7FeWDHfM4Z9jpwaEVwFv2e5Mj6LyF92YoNFmWOwpXljfRtAmJ4%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=1024873750577&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 354
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136_2&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Request Chain 355
  • https://ads.stickyadstv.com/user-matching?id=3684&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=39f1249259da198312c99b8dc6669
Request Chain 357
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=880adae2-b84e-43dc-b484-01e0ae796a1a
Request Chain 359
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1701436624551 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6356034667 HTTP 302
  • https://sync.1rx.io/usersync/turn/9098278066350391065?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003 HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003
Request Chain 360
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=5657527055004491837
Request Chain 380
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Request Chain 381
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
Request Chain 383
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 384
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBMXhSQhPhI2-_BLoY4ZYOQ&google_cver=1&google_push=AXcoOmQQzJoOjuoa-xGQKVqS44m2UpnOSmwbnKmbMxcGj5-qYuRguUyZo7o026zFDnFsNIgB4RP850soltd-B0VB5yhxSORegXgYMIs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQQzJoOjuoa-xGQKVqS44m2UpnOSmwbnKmbMxcGj5-qYuRguUyZo7o026zFDnFsNIgB4RP850soltd-B0VB5yhxSORegXgYMIs
Request Chain 385
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJjfp3g-S3bjjW5RQZ9NsuM&google_cver=1&google_push=AXcoOmTYekw8_6OdZG8nktDk52125DsrLl-eKUwBXdfx3H4RSWK64v3SiWWBMOHHR3fecLVRMg8xVAaQhgeHaRinArcK3fzagdz595o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmTYekw8_6OdZG8nktDk52125DsrLl-eKUwBXdfx3H4RSWK64v3SiWWBMOHHR3fecLVRMg8xVAaQhgeHaRinArcK3fzagdz595o
Request Chain 386
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEMAH1xxEwqzSBZH-LTSPhJo&c_param1=AXcoOmQziaHGnkxwwdPXS44XAwDAqz9xAGJuaVcDvGCWI6z6PrnUl5LOGNV34IEEOkzJdpeNDmx9Fd5mIYC7F_Vv5SVqtfkfLGINSEs&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQziaHGnkxwwdPXS44XAwDAqz9xAGJuaVcDvGCWI6z6PrnUl5LOGNV34IEEOkzJdpeNDmx9Fd5mIYC7F_Vv5SVqtfkfLGINSEs
Request Chain 388
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK4qOePl37Kfxyb_ns7PLJI&google_cver=1&google_push=AXcoOmQKZP_XXnSR-pDf_jApWr1R66UBl-SHt-zsAQTeE_3IoF0PEzFwaMcS_ELzaTt5-JoJWd_3pIFViWTdklbwijD4ZjQn3vuq7FON HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQKZP_XXnSR-pDf_jApWr1R66UBl-SHt-zsAQTeE_3IoF0PEzFwaMcS_ELzaTt5-JoJWd_3pIFViWTdklbwijD4ZjQn3vuq7FON HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 389
  • https://trace.mediago.io/cs/google?google_gid=CAESEAtOWbJVf-moi0dB-r3bxtQ&google_cver=1&google_push=AXcoOmTVwLDzQqaxfRP9d6BO7UlTCm7au5uWHBQoQXB9Td5tZrLAdm65dJkQZ0bs_FJvQVNmWzlSPRFdrQ-oun9Q9LB5z-2aeGfIJ6H9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTVwLDzQqaxfRP9d6BO7UlTCm7au5uWHBQoQXB9Td5tZrLAdm65dJkQZ0bs_FJvQVNmWzlSPRFdrQ-oun9Q9LB5z-2aeGfIJ6H9&google_hm=9d9fcb00c3ff4f881gmz4l00lpmnfpmw
Request Chain 390
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAJhlspYRfoI6l2SR9gSRls&google_cver=1&google_push=AXcoOmQPWYa1n3FvMJsQy8YGCv57PvMdI49pTEZmn3HIVpAUfNKFGosDxCF64Hwa5IRQZWKgxf0Rv9UVsVUrsoVZJ44_WCt--rh_0Dk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQPWYa1n3FvMJsQy8YGCv57PvMdI49pTEZmn3HIVpAUfNKFGosDxCF64Hwa5IRQZWKgxf0Rv9UVsVUrsoVZJ44_WCt--rh_0Dk
Request Chain 392
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMnN7WIX0BKNVt2-dz_nlXY&google_cver=1
Request Chain 393
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWncz8bzbm7zKfdQm559AwAA%263236&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWncz8bzbm7zKfdQm559AwAA%263236&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0eadefce1820416586bfa6d08204b375 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 395
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 396
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1ec105d6-6efc-49d5-8b92-474be54103e0&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 397
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWncz8bzbm7zKfdQm559AwAA%263236 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWncz8bzbm7zKfdQm559AwAA%263236&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=RW_C23cc6Pd2iet1Eq91096At6HRjLiY7MXolTASLi0&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWncz8bzbm7zKfdQm559AwAA%263236&tc=1
Request Chain 398
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5a6ba79b-f103-4544-8930-969f8cc4b098
Request Chain 404
  • https://um.simpli.fi/gp_match?google_gid=CAESEJyKNfY6rcO0V1aAFiJjjME&google_cver=1&google_push=AXcoOmRlSVIWrVeO_MjnDS-_JjdW4_5L4RWO_jIBDTRw6vFSSqgxiqepW1AQmXdi1kzcWAUZfPGQoJkdAU8z9uJ4yY0hHoefuLfYnac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B7D870E15F436E89C28AD85D830FA5&google_push=AXcoOmRlSVIWrVeO_MjnDS-_JjdW4_5L4RWO_jIBDTRw6vFSSqgxiqepW1AQmXdi1kzcWAUZfPGQoJkdAU8z9uJ4yY0hHoefuLfYnac
Request Chain 405
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBs0hITnaT6uFYzXSKEW3bw&google_cver=1&google_push=AXcoOmQ-1snZLIZiYpXYOxR4S3he6zAg6qB7CiFOJfcFFMm0hEj_Mima5suj0_reZAUI2acAT9bCfhvOkk3XMQ5fEuiACFnYRVzMWeY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ-1snZLIZiYpXYOxR4S3he6zAg6qB7CiFOJfcFFMm0hEj_Mima5suj0_reZAUI2acAT9bCfhvOkk3XMQ5fEuiACFnYRVzMWeY
Request Chain 407
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEKolwzsHSODNneFBJhnyHfc&c_param1=AXcoOmSPL_oa4YCQsiP7rP0ayNuUglh6AWgvNjD9OrocNyscVw7saXtI0eCkXxGW3zm1pNixYSLV60ngKZQTBlntOLOIuouCvLs61Bo&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSPL_oa4YCQsiP7rP0ayNuUglh6AWgvNjD9OrocNyscVw7saXtI0eCkXxGW3zm1pNixYSLV60ngKZQTBlntOLOIuouCvLs61Bo
Request Chain 408
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKt0XZFV7gFKZZywYNyfjvw&google_cver=1&google_push=AXcoOmRLeHI7g1G3xFxzjmccscWdvI50VwaPDxzheQqV6HDaEIFMu3Zr9_1CYaE_nDUndh0Xk7BziHi3OHKcmAtWnddZ_WXtWZiA6sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=5M9D2Zf7Ws9v6PeQrP8P6bKi0Y4&google_push=AXcoOmRLeHI7g1G3xFxzjmccscWdvI50VwaPDxzheQqV6HDaEIFMu3Zr9_1CYaE_nDUndh0Xk7BziHi3OHKcmAtWnddZ_WXtWZiA6sc
Request Chain 410
  • https://sync.gonet-ads.com/match/google?google_gid=CAESELg-fhnLDMrEcqyHK-873jQ&google_cver=1&google_push=AXcoOmSQKugalAvhn0nZsslb9MXOOy4dAe7Wc_RdPOZvAYjeQX6Vg5oQZkpnIV89KDcsglC5QFd9BwJOHTz9Ybah4fB8WcvuGAIoIIQ HTTP 302
  • https://sync.gonet-ads.com/match/google?google_gid=CAESELg-fhnLDMrEcqyHK-873jQ&google_cver=1&google_push=AXcoOmSQKugalAvhn0nZsslb9MXOOy4dAe7Wc_RdPOZvAYjeQX6Vg5oQZkpnIV89KDcsglC5QFd9BwJOHTz9Ybah4fB8WcvuGAIoIIQ&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MjIyMDU0MDViZjI3MGI5OA&google_push=AXcoOmSQKugalAvhn0nZsslb9MXOOy4dAe7Wc_RdPOZvAYjeQX6Vg5oQZkpnIV89KDcsglC5QFd9BwJOHTz9Ybah4fB8WcvuGAIoIIQ HTTP 302
  • https://sync.gonet-ads.com/match/google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MjIyMDU0MDViZjI3MGI5OA&google_push= HTTP 302
  • https://s0.2mdn.net/dot.gif?google_error=5
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Request Chain 413
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Request Chain 414
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
Request Chain 415
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 433
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFRlt8DsyxD-MXnxOxE4Ums&google_cver=1&google_push=AXcoOmTs2o1p_HQThxM9pgMYKNeLlfeHseNOxaerxGLVccfgWUrxFV28ovrJa5BJOf0GZtdlaAAozNWbokJbrpC9aXpGWlU51zyL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTs2o1p_HQThxM9pgMYKNeLlfeHseNOxaerxGLVccfgWUrxFV28ovrJa5BJOf0GZtdlaAAozNWbokJbrpC9aXpGWlU51zyL&google_hm=VIK7BHPUSpqkks9vX4iDBY4
Request Chain 434
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMBtUoufLS4X9T8cEOKsAdE&google_cver=1&google_push=AXcoOmR9S8hmPbhXMQ7xDsjR41UCKUSDEIM6nP09pv5ZlcMSHRma7yUbMPgrdaubjezSYZW7KtHp6mBzHn8vsNZgheoOUyvt3Wc HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMBtUoufLS4X9T8cEOKsAdE&google_push=AXcoOmR9S8hmPbhXMQ7xDsjR41UCKUSDEIM6nP09pv5ZlcMSHRma7yUbMPgrdaubjezSYZW7KtHp6mBzHn8vsNZgheoOUyvt3Wc&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR9S8hmPbhXMQ7xDsjR41UCKUSDEIM6nP09pv5ZlcMSHRma7yUbMPgrdaubjezSYZW7KtHp6mBzHn8vsNZgheoOUyvt3Wc&google_hm=X2pxel9hUk9Xd3d3RTA0MzUzQVY=
Request Chain 437
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRoFRWSizUuhmr6y_cT8Fws8Nf52C6XyteqA-8972YTkwylmLQRqdBCMtASAr94pZ7ldragYIu38he5ljMsJLWfa8RYclnsiA&google_gid=CAESEK_eHJ9OqtbLKentFjGd9jY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK_eHJ9OqtbLKentFjGd9jY&google_hm=T1BVZDMyZDJlOTBlYjk0NDkyODlkNmYzMDVmZTdkMzViODk&google_nid=opera_norway_as&google_push=AXcoOmRoFRWSizUuhmr6y_cT8Fws8Nf52C6XyteqA-8972YTkwylmLQRqdBCMtASAr94pZ7ldragYIu38he5ljMsJLWfa8RYclnsiA
Request Chain 438
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENkIjA9web27T9v_YanBDJE&google_cver=1&google_push=AXcoOmRZ5AKsZ1_lmfPbJ0L1kY8JT4JT3KQDqJu4hHq8KINkj2poViCp1MkP_V1CoddKTeiIB59D44hls3jKjrhgX1yT4VcI2rEkRA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENkIjA9web27T9v_YanBDJE&google_push=AXcoOmRZ5AKsZ1_lmfPbJ0L1kY8JT4JT3KQDqJu4hHq8KINkj2poViCp1MkP_V1CoddKTeiIB59D44hls3jKjrhgX1yT4VcI2rEkRA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRZ5AKsZ1_lmfPbJ0L1kY8JT4JT3KQDqJu4hHq8KINkj2poViCp1MkP_V1CoddKTeiIB59D44hls3jKjrhgX1yT4VcI2rEkRA&google_hm=Tmc5TDd6eTF5NGxvQUppY1EycTc=
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Request Chain 452
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
Request Chain 454
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 459
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=40138400096789704444554012525026&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=40138400096789704444554012525026&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 461
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjv96yp7oIDFS1TwgodK68BfQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478
Request Chain 463
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40138400096789704444554012525026&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40138400096789704444554012525026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 465
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDOnqLbVBZTUPY0HWTPNvbc&google_cver=1
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEC7D_3RCSZ3V1CrOmEfq6Cs&google_cver=1
Request Chain 474
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEITEcPgt-cd4nN9jSbaNu1A&google_cver=1&google_push=AXcoOmQqvrO5lVGJO1uusvcGk7tNSjs5ncZflbp5y1aJMEI9ZYpMY0DcmM03su6oGXkd1pA3zb2oqQITrH8lAyfqeq_Zj-ytSR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAyNjIyMDQ3MjMxMjQ2MzEyOQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
Request Chain 476
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEOODKMw-bzLwZg-skwAHiFY&c_param1=AXcoOmTuqJUIEYCu-EyPlt74G29BL6SfpvfbbGO0EWo5YiN2lIfxT7uyTiY2qa6GYqV5gRALzeekL-xghixUctaa8s5a2ReQxUwq&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTuqJUIEYCu-EyPlt74G29BL6SfpvfbbGO0EWo5YiN2lIfxT7uyTiY2qa6GYqV5gRALzeekL-xghixUctaa8s5a2ReQxUwq
Request Chain 477
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBxQEtvm9T8Pso10nm0WMuM&google_cver=1&google_push=AXcoOmTspBAQMnlObgsEnN6IxsGr1TDB5m6UrPp6pdkasy4yzDkVqph_LVLe1awkp8LkR7Fha4380O-Q7-dZg-McC-HF9Jnoci-N HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBxQEtvm9T8Pso10nm0WMuM&google_cver=1&google_push=AXcoOmTspBAQMnlObgsEnN6IxsGr1TDB5m6UrPp6pdkasy4yzDkVqph_LVLe1awkp8LkR7Fha4380O-Q7-dZg-McC-HF9Jnoci-N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEwNjY5MDY2NDEwMTcxNjkzMA&google_push=AXcoOmTspBAQMnlObgsEnN6IxsGr1TDB5m6UrPp6pdkasy4yzDkVqph_LVLe1awkp8LkR7Fha4380O-Q7-dZg-McC-HF9Jnoci-N
Request Chain 478
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGJCKvliqzkZDjFclGAIVpM&google_cver=1&google_push=AXcoOmSk8bV9OR18ksLAfKUOjwwZ5kBt03jqaHNHwVHoXy8U7DlAzY_QZwWms5ulM3TMe8DOUAFac0e_6cz-YzDb7xzFugDCXZU HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGJCKvliqzkZDjFclGAIVpM&google_push=AXcoOmSk8bV9OR18ksLAfKUOjwwZ5kBt03jqaHNHwVHoXy8U7DlAzY_QZwWms5ulM3TMe8DOUAFac0e_6cz-YzDb7xzFugDCXZU&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSk8bV9OR18ksLAfKUOjwwZ5kBt03jqaHNHwVHoXy8U7DlAzY_QZwWms5ulM3TMe8DOUAFac0e_6cz-YzDb7xzFugDCXZU&google_hm=TXBrbGtTQ0lUQjhJVXNRNzZmdHI=
Request Chain 479
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPxxfz6_Lt3lBlQrgLASYqw&google_cver=1&google_push=AXcoOmQ5uoFjX296Ye3GPYipQ5iUmpIJadYBq_UcyfrasfqlqpvBH2FDwLH_Nwm2Lc-Bui9mUGvBcRiiUBG3KBo7Q1ehDUUDPEZG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNTkZPN1YtMUotQ1Q1MQ==&google_push=AXcoOmQ5uoFjX296Ye3GPYipQ5iUmpIJadYBq_UcyfrasfqlqpvBH2FDwLH_Nwm2Lc-Bui9mUGvBcRiiUBG3KBo7Q1ehDUUDPEZG
Request Chain 545
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Request Chain 546
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Request Chain 547
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
Request Chain 548
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 551
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Request Chain 552
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Request Chain 553
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
Request Chain 554
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 555
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Request Chain 556
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Request Chain 557
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
Request Chain 558
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Request Chain 565
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEITEcPgt-cd4nN9jSbaNu1A&google_cver=1&google_push=AXcoOmRobeGunvZ3aVtUE4_UHYF5_PRdQ6rrrLAubJ1PLT3kUVE19ceFKiVnTYlY7HbBv3bXUT4ADduZ1YGU3oWlkaX_uqPO3xDwyd0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzExNjY1MzMzNjI3MjI0MDQwOQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
Request Chain 566
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELJLRXitlJDu5se8Kxq_FT8&google_cver=1&google_push=AXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2Xe9Xhl&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2Xe9Xhl%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELJLRXitlJDu5se8Kxq_FT8&google_cver=1&google_push=AXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2Xe9Xhl&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2Xe9Xhl%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 567
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKZEsNDG9E9lgTmauLGPZbk&google_cver=1&google_push=AXcoOmQLjrARgOg0uL7JyS-XgfQTtTHcWUwcpIDvQQw89I6RJu8jPh_r3PVue5Y5LVelucmL8HuKWRsYf9_C4ZayNtKHXb2sgQ1-pgno HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQLjrARgOg0uL7JyS-XgfQTtTHcWUwcpIDvQQw89I6RJu8jPh_r3PVue5Y5LVelucmL8HuKWRsYf9_C4ZayNtKHXb2sgQ1-pgno&google_hm=VIK7BHPUSpqkks9vX4iDBY4
Request Chain 568
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHOIDVnoCHM9AD3BLmdNxV8&google_cver=1&google_push=AXcoOmQMY0jdw2v4hVHuejCFwTTTMZgl2qymDKUStk-9G9dRhj9fZxforM_B6iOK1MJflAM6VXGhpmQRaddtCG7RC3u-aLwazK38c54 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHOIDVnoCHM9AD3BLmdNxV8&google_cver=1&google_push=AXcoOmQMY0jdw2v4hVHuejCFwTTTMZgl2qymDKUStk-9G9dRhj9fZxforM_B6iOK1MJflAM6VXGhpmQRaddtCG7RC3u-aLwazK38c54 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQMY0jdw2v4hVHuejCFwTTTMZgl2qymDKUStk-9G9dRhj9fZxforM_B6iOK1MJflAM6VXGhpmQRaddtCG7RC3u-aLwazK38c54
Request Chain 569
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEOODKMw-bzLwZg-skwAHiFY&c_param1=AXcoOmR20nnQIobXrpqloFN3onF7P-tF-hcWjFnFEQEew9b8dgbKpT3g75M8cni-hFi9L2zqal3W0jbv_ekOTSgL93tp2qVS543Yu3o5&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmR20nnQIobXrpqloFN3onF7P-tF-hcWjFnFEQEew9b8dgbKpT3g75M8cni-hFi9L2zqal3W0jbv_ekOTSgL93tp2qVS543Yu3o5
Request Chain 570
  • https://an.yandex.ru/mapuid/google/CAESEOUZvdJcdNMDBJxDQbxrvVw?ext-param=AXcoOmQk8rROh5Sp-Pg72VN_DbTzEMd2uGVFi-cqm0vZqdCW4NMUYvRnJKefAI8Trt6Jf_vFFxJydsCpw-A_6di3R8HJXE7k48TTBnhZ2w&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEOUZvdJcdNMDBJxDQbxrvVw?redir-setuniq=1&ext-param=AXcoOmQk8rROh5Sp-Pg72VN_DbTzEMd2uGVFi-cqm0vZqdCW4NMUYvRnJKefAI8Trt6Jf_vFFxJydsCpw-A_6di3R8HJXE7k48TTBnhZ2w&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOUZvdJcdNMDBJxDQbxrvVw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 571
  • https://trace.mediago.io/cs/google?google_gid=CAESEPPuIDnHdlohkKLup0dk5ks&google_cver=1&google_push=AXcoOmTvScQNKug1s9OhbrGTKjxBkk4XFD5Cgd3iXz6EafFGXK34Bsgr-LedojdAE8PmQdZp9rPyyKzOs5d-SiKdGxv6nE-l4LpViLZuyg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTvScQNKug1s9OhbrGTKjxBkk4XFD5Cgd3iXz6EafFGXK34Bsgr-LedojdAE8PmQdZp9rPyyKzOs5d-SiKdGxv6nE-l4LpViLZuyg&google_hm=9d9fcb00c3ff4f881gmz4l00lpmnfpmw
Request Chain 579
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMWAlmyjD_1_gTupZE25ubw&google_cver=1&google_push=AXcoOmTqwXu1JIH4fgEGcNl_8-8O0_OzvXMSJiH2MVZHmHDfRmEf2u1WrgVK0k1RKCZLhla-hoSrNI_vpCXvwXhJ4JuifyWpiEg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmTqwXu1JIH4fgEGcNl_8-8O0_OzvXMSJiH2MVZHmHDfRmEf2u1WrgVK0k1RKCZLhla-hoSrNI_vpCXvwXhJ4JuifyWpiEg
Request Chain 580
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEHudgbbOu5n2La6rLeEzBEM&google_cver=1&google_push=AXcoOmQgydSrSntBX8ip7rXL5j5BoKkHfphsyifRMLAEykIW82DIANeNIQCCAFB4Pzyy6GNspg8_C4URF5Pzhjn1xCfbI67Vu79c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQgydSrSntBX8ip7rXL5j5BoKkHfphsyifRMLAEykIW82DIANeNIQCCAFB4Pzyy6GNspg8_C4URF5Pzhjn1xCfbI67Vu79c
Request Chain 581
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPEM8aSf22RTUVl5u5eqFGI&google_cver=1&google_push=AXcoOmQQWg0HPtyEZWcJcqvhY2h6dpYuUMaHisXpu3RNvJm6nwjvo7WK1ctVanYEtHeolWJrgj9om8vjmFqZlvNGnaK0twQOBwY2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=858858738488&us_privacy=1---
Request Chain 583
  • https://cs.media.net/cksync?type=g&google_gid=CAESEKserQ0NT6eWUK_7H8g4glo&google_cver=1&google_push=AXcoOmTyNmE7r5yE6G9jHxZqw21CPcCH48xN_BA__0DLBvf1RNmAMjg-clPa_BFL3ICwqtpjEanzU25G4kOnP8NigqVR43jFIAmO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NDM4MjI0MTQ5MjY5OTAwMFYxMA%3d%3d&mn_hm=MzQ0NDM4MjI0MTQ5MjY5OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTyNmE7r5yE6G9jHxZqw21CPcCH48xN_BA__0DLBvf1RNmAMjg-clPa_BFL3ICwqtpjEanzU25G4kOnP8NigqVR43jFIAmO&gdpr=&gdpr_consent=
Request Chain 589
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDxnS6VYdrodpEUF9ea0lEs&google_cver=1&google_push=AXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1V-2pU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1V-2pU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDxnS6VYdrodpEUF9ea0lEs&google_cver=1&google_push=AXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1V-2pU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1V-2pU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 590
  • https://um.simpli.fi/gp_match?google_gid=CAESEPwNL3ca7oxOGl9uETl7MG8&google_cver=1&google_push=AXcoOmRGQViv3wv0lDLvFRFBzHAN3Q_1iASW4ixtvF8gxneCkgPp_U6zRev9mykL3a7Vl4DCO_mvXh3PB6KNvofdEf1C20GLXyqbEwc3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B7D870E15F436E89C28AD85D830FA5&google_push=AXcoOmRGQViv3wv0lDLvFRFBzHAN3Q_1iASW4ixtvF8gxneCkgPp_U6zRev9mykL3a7Vl4DCO_mvXh3PB6KNvofdEf1C20GLXyqbEwc3
Request Chain 591
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENUG1BOV2E-RXCJgUPxEQjk&google_cver=1&google_push=AXcoOmQ35vg__w5fh4oxADxG-dDp4P6EVj2F1zRu9rwJGCJeC3bjgoxbWGOTqO2aMwwS0PFS0WH83KSAWh6UlN9P8dX3SozCceXjx1BK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=858858823460&us_privacy=1---
Request Chain 592
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFcsAGgxATJO1iMcsTIY760&google_cver=1&google_push=AXcoOmS9xPk6nVzbmKfNdKsLcpsSw5YT3ieyRZ8zsWWIM0CSU13DkXsaU-d4rMaxqA5qtknP3Y3G13wPC-j_E8o4tUpid-8acFuIeQ_J HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS9xPk6nVzbmKfNdKsLcpsSw5YT3ieyRZ8zsWWIM0CSU13DkXsaU-d4rMaxqA5qtknP3Y3G13wPC-j_E8o4tUpid-8acFuIeQ_J&google_hm=eS1BWkhJQ0lCRTJwSHJLaWFhOFdVd0dWV1lsVWJwVUxoeH5B
Request Chain 593
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECEvl2dc4VfjZwSK7V5v1-0&google_cver=1&google_push=AXcoOmTAL_kHDAnoJlfGpMkozDXYf0DZ0ogZZ98wO7vPh1GU5Ga4KUjgzxGz__3xCN95Ttef2DOEs2kh6EQb21tabRFMAGaXRMPPdY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTAL_kHDAnoJlfGpMkozDXYf0DZ0ogZZ98wO7vPh1GU5Ga4KUjgzxGz__3xCN95Ttef2DOEs2kh6EQb21tabRFMAGaXRMPPdY4
Request Chain 631
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=97648300114709504444554012525029&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3356614728
Request Chain 668
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELSXPzY2vu0GIEuK9x1syBc&google_cver=1&google_push=AXcoOmQLB6sr4jwxuWFzvLZT7nSUOmkGluvzgFgrztM_Ktil3G6MtCZu054IIYL4TjpIcc-flXqVehLwfVv5kJC1Sju2rphmiRN5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzExNjY1MzMzNjI3MjI0MDQwOQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
Request Chain 670
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIblLejTBSq9_iFYZoCJqi4&google_cver=1&google_push=AXcoOmSbKOL6vcRgmDTdvAiN3eVnMdmUhOsIZnp2gMkx0KahGYJpC0MYd5ULZPEuK8802YhwiBUwXwLD5EiZdg45YaRXF7-qtEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmSbKOL6vcRgmDTdvAiN3eVnMdmUhOsIZnp2gMkx0KahGYJpC0MYd5ULZPEuK8802YhwiBUwXwLD5EiZdg45YaRXF7-qtEA
Request Chain 674
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOOGDOPZZFGHGoudL8Tdj0g&google_cver=1&google_push=AXcoOmTGU-H52nW6QvJfGunkjcTtak4xX6w7Z5rUihY1PpiFgC0-Qw_wZGOX0Ublv8JqFIU1lEbRVctvRCymkgrN_iOKARd35-aRDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGU-H52nW6QvJfGunkjcTtak4xX6w7Z5rUihY1PpiFgC0-Qw_wZGOX0Ublv8JqFIU1lEbRVctvRCymkgrN_iOKARd35-aRDA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 681
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=920184&produktid=girodirekt&dt_url=
Request Chain 738
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPaDxq2p7oIDFSmY_QcdeXoDDQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023120114170690948962863X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023120114170690948962863X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Request Chain 741
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1701436625_ec7658f0-904b-11ee-85f5-22347f548c7f&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 749
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 754
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5657527055004491837
Request Chain 755
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Hv5dsRZHEuMUsCk_RyuTHmln
Request Chain 757
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=19691427
Request Chain 758
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5140084928632915245
Request Chain 760
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 762
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-9e4a492a-341e-32f4-aef6-f6905a5d23ec
Request Chain 765
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 772
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=6487503489310055869&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 775
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4245d9b8-491d-43fa-8949-df6b3e3ebe89&gdpr=0&gdpr_consent=
Request Chain 776
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWncz8bzbm7zKfdQm559AwAA%263236&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3116653336272240409 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=0eadefce-1820-4165-86bf-a6d08204b375 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b45f2dd8-9734-4e6b-b334-61e7609692f2%3A1701436626.6676922&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db45f2dd8-9734-4e6b-b334-61e7609692f2%253A1701436626.6676922%26_%3D1701436626.670165&cb=1701436626.6701968 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928632915245&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db45f2dd8-9734-4e6b-b334-61e7609692f2%253A1701436626.6676922%26_%3D1701436626.670165 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b45f2dd8-9734-4e6b-b334-61e7609692f2%3A1701436626.6676922&_=1701436626.670165
Request Chain 778
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5657527055004491837
Request Chain 779
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=39f1249259da198312c99b8dc6669&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1031_7309306953232341845&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAB3DU7K07oAABORdvDpVw&dataProviderId=817&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Request Chain 782
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKFoyaTTSzOzVqufNEeJ1qM&google_cver=1
Request Chain 791
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5657527055004491837
Request Chain 792
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6f8cca68-2cf6-433a-9df2-ef16d259c46a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_6f8cca68-2cf6-433a-9df2-ef16d259c46a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=mWcOA8sxXAqCNlwCymAVCc00CguCZlwNnTAt-qhK
Request Chain 793
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=3f91a1e3-ff61-422e-a03b-d7e78e1828cb
Request Chain 794
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-e4cf43d9-97fb-5acf-6fe8-f790acff0fe9$ip$178.162.209.142
Request Chain 795
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-PBP77MBE2pf88nHgrg7AbjO8TgCJT2YeNSTH~A
Request Chain 796
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f6c820f3-c84b-4ef5-97ee-296c59f393a2
Request Chain 798
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6f8cca68-2cf6-433a-9df2-ef16d259c46a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=MpklkSCITB8IUsQ76ftr&gdpr=0&us_privacy=1---
Request Chain 799
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=3ba0yniQf0A4&ev=1&pid=558355
Request Chain 800
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6487503489310055869
Request Chain 802
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=8106690664101716930&gdpr=0&gdpr_consent=
Request Chain 807
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=RW_C23cc6Pd2iet1Eq91096At6HRjLiY7MXolTASLi0&pi=gumgum
Request Chain 808
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 814
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Request Chain 815
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=5657527055004491837 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5657527055004491837
Request Chain 816
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=d75425bf-1a7d-4eae-8b7b-8b4a2cc5ad84 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=d75425bf-1a7d-4eae-8b7b-8b4a2cc5ad84
Request Chain 817
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZWncz8bzbm7zKfdQm559AwAA%263236 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZWncz8bzbm7zKfdQm559AwAA&3236
Request Chain 818
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP 307
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=1ec105d6-6efc-49d5-8b92-474be54103e0&gdpr_consent=null&gdpr=null HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=1ec105d6-6efc-49d5-8b92-474be54103e0
Request Chain 821
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Request Chain 863
  • https://gcdn.2mdn.net/videoplayback/id/aafca08553fffec3/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732972628/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/79C14D4B5D196D47E6E7EE4AD7F512C4E7BC7925.74D1FD4A0A333E155641A1A554409EDF8F5DDBE2/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-5goeenez.c.2mdn.net/videoplayback/id/aafca08553fffec3/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732972628/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DEA7364496289A869B0591537B813CADD2FA0CA.326E359E0FFDEFF581DB2923B4F8102C6CFBEEFA/key/cms1/cms_redirect/yes/mh/WD/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5goeenez/ms/onc/mt/1701436356/mv/m/mvi/1/pl/57/file/file.mp4

872 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vaughn.live/ 		299 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d4908b6bd72e0d38f577ae482679f55a1044c0581de02a3ecd46c261ce8f25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
82eb9ba28855bbdf-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Dec 2023 13:17:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Referrer-Policy
no-referrer-when-downgrade
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4y8s%2FrsBIaCacOFPUiHgNwan5bbf5Un9VqBXlt09AVyRrumK2oyxUs4Nfu%2BKgGEO8SvuNOsxMDkGYoRRc5RyLnueCxWSsLK4Nx39qNLCPs4Ohyetf3HCiZyKjPjPshphmwA2lSHuZah"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
VS-Country
DE
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400
didna_config.js
storage.googleapis.com/didna_hb/vaughnsoft/vaughnlive/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/vaughnsoft/vaughnlive/didna_config.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e883e20b63b7a8ec0708dee462e99e7380153f8bad2e52cd89ff42f3dd6d4cfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:01 GMT
x-guploader-uploadid
ABPtcPoI_tRKCM0Qw_z9xTfau--EGt4YHrKBw3pZnSoOOD3j2aaDUVOwDTvhMeZKFceUsIydrxs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24612
last-modified
Tue, 21 Nov 2023 12:51:59 GMT
server
UploadServer
etag
"0319daae2d74b035e70ba4b388330c8f"
x-goog-generation
1700571119162343
content-type
text/javascript
x-goog-hash
crc32c=r6jGPg==, md5=Axnari10sDXnC6SziDMMjw==
cache-control
no-store
x-goog-stored-content-length
24612
accept-ranges
bytes
expires
Sat, 30 Nov 2024 13:17:01 GMT
vsm_65.js
vaughn.live/1701436621/js/ 		862 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/1701436621/js/vsm_65.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dcef9c467b71658562934ddfb715ac04ceef9828b08557fbe27587fdabae82d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:01 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 01 Dec 2023 13:17:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21XKzDdSTBpQaElH7AFQF0OPjqjEQsqldow0YvTJuIa3JUeMs3P50J0PVBVMU3TUVY1KYsQ8ZdJuL3rPeGC5PzXlUsmS0JZ0%2Brd2T3mSeWI95ZdxnVZYyGUyKYOIVV2G1WztfFKvukSZ"}],"group":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
82eb9ba47af93663-FRA
alt-svc
h3=":443"; ma=86400
simplebar.min.js
cdn.vaughnsoft.net/js/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vaughnsoft.net/js/simplebar.min.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3839c9af234c82824b16c4e9e9349edb815a632bc24565bfb062bcd325e06a8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:01 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Sat, 08 Jul 2023 03:56:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a8de85-69b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yGEANIviCuwAKCFtZ1bi8GtZ7p4T2n05ESzY%2Bw1Vp%2FX3o08eLqAKU4MKCAHBcPOSNdCg5apVqM%2FKpaEleDDg7LrX9ks8ZPpjHGxzEDlJtEUgdq4VNl%2Fo%2B6JhhSdTEWATGNTbC%2B7AftDSuEkzgiclQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2073600
cf-ray
82eb9ba49db0bb85-FRA
vsm_65.css
vaughn.live/5102997120/css/ 		62 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/5102997120/css/vsm_65.css
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
129ff67f9a62a38c937c9d2193e82a64a37ce14b899a06041347a0c5afb77231

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:01 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4044
Cf-Polished
origSize=80360
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Fri, 01 Dec 2023 12:09:37 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyiSNCopEI7ATnB5hkq49MRmttPu2MydNG23TuobmPT2X%2B6F2UdoiSm6fk5LPebHJaByHxi8uJwHUnzAbunTHCc0sY4wuB7qCdyTxTSlrU7mP87KSG9NLc24wf9mXYKP4NPHlET9ZsfQ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css;charset=UTF-8
CF-RAY
82eb9ba47dbd6958-FRA
js
www.googletagmanager.com/gtag/ 		256 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-92S0CM3WMK
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
341ca27d168d2a7a86f0a120fbd1c401cdbc8af818f3d9326c54802d677540d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89017
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 13:17:02 GMT
vl_logo_antenna.svg
cdn.vaughnsoft.net/img/svg/ 		429 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/vl_logo_antenna.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76424e4ddaa70b951475c72a21dea37eaca9a79cffd1dc7835a1b92707c5a7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:01 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 06 Feb 2023 20:00:48 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"63e15c70-1ad"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTjzgWvVT7ui2%2BI0XoQ3F3Gn88hqSOcFLY3NK0SyaNgD3GdhPh7xwQ%2F80tNRNpOAEQGUHnXjnwHN9%2FsXasxGqgcYPr9XdrTBZRf2aI2PQ0p7b5tQBBCVIhQP39X0Sy%2FaWS9HptU9wDtGxVfA8pQB3g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9ba49be10bc5-AMS
facebook_logo.svg
cdn.vaughnsoft.net/img/svg/ 		434 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/facebook_logo.svg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0c77a8b0488db4dcef92f68c561ce9484dd719273ab81f808bfe13e7da5593

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:01 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 06 Feb 2023 21:18:33 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
516
ETag
W/"63e16ea9-1b2"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5SMK3MwFzWnsd2vfR7w1qCFuK9BufqMbPJOCfDWmgVrfh45y6zG%2BDjjvCoxdKwuSs3pieNKPsuKI7iOdifq%2BlL95EFeyw7bBQUK%2FYcYTctwAEGYXyzrs8%2FdV%2BWC1di4N6wgCCY5QS49DU%2FdIt5k%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9ba5ed4f0bc5-AMS
twitter_logo.svg
cdn.vaughnsoft.net/img/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/twitter_logo.svg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef0cc3219fd17498b4a8960f4f0a39063ba032bd80702f141e22121c97414b69

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:01 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 26 Jun 2020 10:10:06 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1639
ETag
W/"5ef5c97e-451"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErB2TGvMgTuOOg8mQYoH1E%2FcNpc7wNFQa5g8LJYOGBbA%2BYSCFl9DM5Ye6FaK2c0npCQf0ygRYuNRbVqEwYdoJ0TATJMNGUbr2gtb%2FFWKa%2FRcpUAVJHnsPQnSwy%2BFY3pfLbNZ2pZzhEph1jPPQL3YJw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9ba5fdf66961-FRA
-4
vaughn.live/ 		11 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vaughn.live/-4
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
gzip
Transfer-Encoding
chunked
VS-Country
DE
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64hgqXBR0wH8VonVuCumcSK45uXaEvUDT49Ret6KPe6k9n4p1UU66Zhv0SHJfO4aUJ%2BWxeZ7y6jcXd6nuFs7qbU0KtZr32aCPHbIw5SQvU8tKdt%2FaXOtbD8z3caEYczpHnrIogBp0JgC"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
CF-RAY
82eb9ba61f436958-FRA
vip.svg
cdn.vaughnsoft.net/img/svg/ 		338 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/vip.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
410ca934646966e1ba2a979f30398ff28330d7af5b31558e34f60230fd4984a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:01 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 10 Sep 2021 18:50:26 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"613ba8f2-152"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6w4oYveiBCBNBrAa%2BVXZhqBK0R052h8z%2BI4qJEU%2B3dzp%2BlBGvMPcOT98mJrnvqLiTeIlA89XhyQlpU3yx3ll6pmE1HWidYxDuKRoIefeepQX62Q1hF9ivkBm63OYbzRxL3O2qCjQzgqez5pQcXcK7w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9ba62e176961-FRA
nav_camera.svg
cdn.vaughnsoft.net/img/svg/ 		293 B
950 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/nav_camera.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dc1fdf44d1c37bb37d5d89c6723654d53120e12e33d1ec8394710c5d9f71f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 13 Jun 2019 23:53:54 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5d02e212-125"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xq2VvEGb2VcJodJd38DRZFc6Eh0Sinf4gy6GdgK6BBOdCxZwuBvijwW0UgZPaB7K93a3T0x%2FZmFYaHZGZ%2FI%2FjbhqFrH693Ju2uVRFja26kJYFuJh8ky5YrNEU%2F5xH11QJ3REqSLtpUEBY2tkdM%2B7hA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9baa2a026961-FRA
settings2.svg
cdn.vaughnsoft.net/img/svg/ 		276 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/settings2.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb57accc979a5269134e59b4b2834d5104413d163d34cc62056e9a4f9c7d0b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 10 Sep 2021 18:43:13 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"613ba741-114"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eTarx1lJLD0ayCTc9UHCOPfO%2F2oreL2c104VeEuibOP4gSoEq0YcJ2FOVRKuT2EsM1zsZdYXtQJr5w9y8N9%2Bjs4zErcpZaLMtxRr9VZI9HYsXC5nM5blobITWkdZ%2FkMH%2F86BRnJBenS4QmuQACGXw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9baa6abb0bc5-AMS
photo.svg
cdn.vaughnsoft.net/img/svg/ 		343 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/photo.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68478016ead78848ff67baf34c06b51dc5a2e92bcedbbe1a5e28919a31c81c43

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 07 Aug 2023 03:56:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"64d06b50-157"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JatB1nn3%2FTuZImEfNV%2FBLhMyi6VWIGzRuFgPUqPc59aXxBFFiOCguIo19PljOXcsOCZYGfwEH7aDs%2F3PZcLRzcyo0eBrRwnIbIFcIUqEXWHDMghwi35efqvspar7w1mRHYs4wFJyqW%2FN44Cfhy6T4g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9bab2d91685b-NRT
stream.svg
cdn.vaughnsoft.net/img/svg/ 		328 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/stream.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e3273fb1bb9e4f2dc1dd97a83476862b0b17b2d2dc319f1c741770029cb914

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Mon, 07 Aug 2023 03:55:26 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"64d06b2e-148"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Brl7MJEEAbIf4Ub8tQckObQYfpmoFTuNu4yYJ6X86%2FxNrBj2WAU%2Bb0Hc6tJ2ILz0N1dKTGU4bg5M9TOMbchniWN6fimADeBkrVvcNRg2%2BzLbGa0v8J1swTVXxV2k9y5MFlgMO7s3zbeE3QXdPHKNSA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9baa7df09191-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86e8b4db6ab5a08f086e7fd1e03c83a14ac4f75102fb1e680ff07b246d5417a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30279
x-xss-protection
0
server
cafe
etag
240 / 19692 / 31079856 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:02 GMT

Redirect headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
X-Content-Type-Options
nosniff
Server
cafe
Vary
Accept-Encoding
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Dec 2023 13:17:02 GMT
c77371a0-dacc-44ae-b211-c3c15aa0bb84
http://vaughn.live/ 		594 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://vaughn.live/c77371a0-dacc-44ae-b211-c3c15aa0bb84
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
594
Content-Type
text/javascript
80789371-b351-4340-825a-1cc2590502c7
http://vaughn.live/ 		699 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/vaughnsoft/vaughnlive/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
715340
Content-Type
text/javascript
192618ad-15dc-40a5-9c1d-13ba277962f8
http://vaughn.live/ 		140 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:http://vaughn.live/192618ad-15dc-40a5-9c1d-13ba277962f8
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/vaughnsoft/vaughnlive/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25db3e6f4e3772b34480f4b512f426ee4e546465082096e5dbdccb28e1c3760d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
143002
Content-Type
text/javascript
person.svg
cdn.vaughnsoft.net/img/svg/ 		266 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/person.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10ac09112012e045381757372ef1d4cb5496b2803df257f39a8356d597640185

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 10 Sep 2021 18:44:17 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"613ba781-10a"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmoKuHRKGiu65mP%2BD936vRDvc4N7nUV5mr7FWymI4UXmXEqtXVtapJUAHhxXpMl52LphAAOKAxO1%2BhXfNsnZdOll7g5Rsn2L8EzcyjvtaZWhIa8Xe%2Fa35zGGRliXgpO5xvMHmeBELt9VFMv4pjaa2w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9baa78f3913c-FRA
logout.svg
cdn.vaughnsoft.net/img/svg/ 		256 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/logout.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba97737c97baccd6d0e614fe93d9b895c3459ff09198dd756d9adee6d11251f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 28 Apr 2023 03:00:25 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"644b36c9-100"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1ojunZPip5cAjrBiKqfKTDHq0vNVrvBnuVNLRll2fj4HOhRQz5Hhlq4OYh82N%2FFHOBi5iwrxepBYj3420nsPP5uifLZlluuCJlsnPLbrNozkg71DTiiaxeqe6obPR8nhhG08AuCc9jPzKQfZDIntg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9baa7a121e5b-FRA
vl_logo.svg
vaughn.live/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vaughn.live/img/vl_logo.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
117c4a273c77027ecbee0889209f397df4906040156bf9e70dd18dc1f4e05c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 13 Nov 2022 05:00:05 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"637079d5-96c"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yy5vSMwsvrxBKo%2B4oCI%2FQOEhdNZLz3aGIfymEkR1NWI4DLdRGVrHYNvni1Nzb9WSoSc1L6X5KVQbPSkvVZlQNUt6d1hf4Wq43%2Bb32Fwy5tsPHuTeUaBCKquMRZMA7MZY79umsTCyCq5u"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
82eb9baa69c8bbdf-FRA
alt-svc
h3=":443"; ma=86400
vaughnlive_v9_icon.svg
cdn.vaughnsoft.net/img/ 		459 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive_v9_icon.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a763d7a3c715a28ca9299ba2ae4fb72b784be1cee5921d1736244e5c6a9ffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 15 Nov 2020 13:11:49 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5fb12915-1cb"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fauPH8aPY985JT2LvmupLrRlxDIwGg5vWZ63Xy9c9ujc9ulNOlHyQvbB2NS%2FHP%2FEtiKUQ8rSdy0cDhBLmwE5PO4I%2BxDuiepjSHBAfetI5A9ORnaYK4%2FJIR4bHr1PPvskqV%2BKZk34wLXMGpifSzxAyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9babcf3a9191-FRA
nav_browse.svg
vaughn.live/img/ 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vaughn.live/img/nav_browse.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9e7bed557c9d31dc3003aa8588bcd00644d699713dab19721492cf79f61ded

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 13 Nov 2022 10:25:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6370c62a-3f1"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ur%2FbSolhRY8rmn6esK0xhIwaGg7hqiNnsR%2BFq9YAjSF4tUJrtTQ%2BMV9UStsacdubAbv1UR%2BRHqkd%2FpuVbOQwjOHfugh82QJfDBs8EcKJ7DuQK5gJHAG57Bxvpk%2F5Fe2L%2BgQx%2Fte0C29y"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
82eb9baaadca71dc-FRA
alt-svc
h3=":443"; ma=86400
nav_camera.svg
vaughn.live/img/ 		273 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vaughn.live/img/nav_camera.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8ee14cc36ccbf37184694e79690ec305a61efd0a3f1eea24a435249e5cf337

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 13 Nov 2022 10:32:21 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6370c7b5-111"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbefKX0K4aiGZzCGE%2F9wJtw3t4tnviT3zKtU3kVVOYKVPjJDmeLE3N0z00PdVqhWlGJXNOywfgCBdoNzIbLkcCOt0FzUDaHWxSuULuRfUUo8%2Fy9XgSfQMSeDl1yYRubAZNNOaJdaTQWj"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
82eb9baaaf17bb5f-FRA
alt-svc
h3=":443"; ma=86400
fullscreen.svg
cdn.vaughnsoft.net/img/svg/ 		235 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/fullscreen.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa69e70b1259d8a63ed3f7d5f8cc67888fbe5653a606f66bb0a09e474dd5986f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Tue, 30 May 2023 01:36:35 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"64755323-eb"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wT3zaRY3K35Qr19faSElTnRKa7ebys1wh%2BqGioR4cdh1biE%2FVNE2WHY8X%2FdjMBjS6%2BrSSgFo8nkKF%2FDY8mFnSbW7SLixiIRd9mofMVADNR9F3SoGzjUs1oHE7k6RVZWofQ5fTohDcVmmXPHqWKnWOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9bab7afa6961-FRA
nav_signin.svg
vaughn.live/img/ 		324 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vaughn.live/img/nav_signin.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e768aa75bd27d127c84b47f8df3f29dc75ca9322d84938690691ca04f7b07781

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 10 Sep 2021 18:48:36 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"613ba884-144"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf3lApR1jTbeuUHKBeQQWp8ts9IMzSEBcthTFsaV6KvtPapQhdStu7ERSdAyj%2B1%2FEg2HlUHNnjUO04ApRL9KpT8VrWp2XJoOBtkidDG1TjxrJVZjPpkHcb35CagCCljI3wiFPFNvfUsJ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
82eb9baa9a423663-FRA
alt-svc
h3=":443"; ma=86400
nav_person.svg
vaughn.live/img/ 		266 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vaughn.live/img/nav_person.svg?1701436621
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10ac09112012e045381757372ef1d4cb5496b2803df257f39a8356d597640185

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 10 Sep 2021 18:44:17 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"613ba781-10a"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLm%2FNperMTA08%2B4NLSfNuR1Z%2FVTgHGhrLXVdWyU0OyWsvTOtRG4MzI6f1dN4CHnlJzdgv%2FUk9jPiIw4YjYnOz4zqEGo8pkkrhRvlCABvUyxCADx58g2S70ts8LlZU0eSygAG8F%2FOr6cg"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
82eb9baa9c5a6958-FRA
alt-svc
h3=":443"; ma=86400
menu_left.svg
cdn.vaughnsoft.net/img/svg/ 		285 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/menu_left.svg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c6afebf3990e09354b0c4da52ce1caf384cf9e71fef2dce2e8d4844c5c1f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 04 Jun 2023 04:38:20 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
516
ETag
W/"647c153c-11d"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHb0XqYxzsMiTlPEBGWNREDsOeS4YwHoQ1A3OLm%2F%2BJJA9ozFahyZkdvOhU1mhxk4qMMgx%2FkjRfCDb6%2Fm8WqlJryfOAFGDsyRyzTbwCYrqcePRVWOhqZeQRWg8G%2B4Ik7IyUtc1jWZQm464C74ySDWcA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9babcc150bc5-AMS
menu_right.svg
cdn.vaughnsoft.net/img/svg/ 		283 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/menu_right.svg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf451bca9f8d272d8a4a0a7bdabfe80a2b1b233a47f4ad8d8442f179d42ea667

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 04 Jun 2023 04:39:59 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1640
ETag
W/"647c159f-11b"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR6B0Uqs1O8TkqsIQhO586SypoKHznIn%2FXU603G3GOSC%2BNeH5bghHKsRbomLtsAq8XAuSLVHPdHqj81q%2BVwZOS%2B1W5qL%2FoGrmBLFZ60B7Z9gd6YsgFXo36B%2FpPZUJ8%2BM73ZhnZwBKPjbvGQaJZFlnw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9bad6c7b6961-FRA
trending.svg
cdn.vaughnsoft.net/img/svg/ 		228 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/trending.svg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c26ff321c94828180182782292a54d4a759e8d80d2cbfc26c848e457f9f8c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sat, 09 Sep 2023 00:44:07 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1640
ETag
W/"64fbbfd7-e4"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEg3rGm1BYHPvF7sL1knKf2lerXS7VaJynsbr1prsUbG4Ic5U9YXlaOpHhHKeSQEU5YWZSCzDc5IFIedNtVTA4uoBHmkt6G6IPU8mqHqlmqWp9sfbr2L0tihR0jvAqvfKcBPn0yFRlFYtZWu6ESBbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9bad8c986961-FRA
vaughnlive_logo.svg
cdn.vaughnsoft.net/img/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/svg/vaughnlive_logo.svg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c87ec2f6623598f660e9a9050d6163eecdfcba392b3a8a5465792b0193e03156

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 12 Oct 2023 19:04:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
218
ETag
W/"65284321-4d9"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1LVRsRE0mX4M%2FvJBpyB9RKgQroMCj6KneEiN4nwXKGsxS%2FtCGSsKzwbhkSfcEdh0Jr6%2BONiebJqlvG%2F0blTHOvcemyqR7SQfg8Yn8GsSe7ZXYX4nNZA2yk8QBmdEN3RWWMjxxmvl11E8ybs7T9YZw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=2073600
Connection
keep-alive
CF-RAY
82eb9bab6ae56961-FRA
sapi_v9.js
vaughn.live/1701436621/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/1701436621/js/sapi_v9.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9b24ed5e5fe821b5c78f3061ad73d4bcf182bc13559708f48f9c80c25935115

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 01 Dec 2023 13:17:02 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnxgUmXuYuyhwaUuLWOqrBdVTUQ%2BV99GYsiA8BJWq3FEGu9SlL4bAGDgh6GWidE%2BDJsMpDdR6Xq6uMpDje1IegVrHvgSqsbDNsu0o90Qm8uRwEmspA3uc07XKMJdr8FW%2Bn0Azt%2Bl6Jo7"}],"group":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
82eb9ba8af7dbbdf-FRA
alt-svc
h3=":443"; ma=86400
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
http://vaughn.live/
Origin
http://vaughn.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
82eb9baae8dc5c32-FRA
font.php
cdn.vaughnsoft.net/fonts/ 		54 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.vaughnsoft.net/fonts/font.php
Requested by
Host: vaughn.live
URL: http://vaughn.live/5102997120/css/vsm_65.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
782ae3c45aa5ebd473c579847871a349ffa32e30b6715a9c2e55a3409be1be12

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/5102997120/css/vsm_65.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xfoz8sFqfPWM1lssQ%2BcajhQbwz1q8AqPyDxtUR8uCz9%2BVuFCIhD%2FmrJruMZrA%2FOBUQxmTbMPo4pmMECCb5Xx5hk0dab5AFnvotwvahyjY65pWwNXwNEx%2FsZw%2FT6eQ3RFZ9pAYL18PL0s4redYLvGng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cf-ray
82eb9ba8eb9ebb85-FRA
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-92S0CM3WMK&gtm=45je3bt0v9119025529&_p=1701436622421&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1641055854.1701436622&ul=en-us&sr=1600x1200&ir=1&_eu=EA&_s=1&sid=1701436622&sct=1&seg=0&dl=http%3A%2F%2Fvaughn.live%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1265
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-92S0CM3WMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-92S0CM3WMK&cid=1641055854.1701436622&gtm=45je3bt0v9119025529&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-92S0CM3WMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-92S0CM3WMK&cid=1641055854.1701436622&gtm=45je3bt0v9119025529&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1592633140
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8029a89b-2992-462d-85a0-d709d2ee200f
player.ex.co/player/
Redirect Chain
  • http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
  • https://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
563 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3efc3794018834e00311554c46ee0abe573bc94f56a8e727579eebeccf53274a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 13:17:02 GMT
via
1.1 varnish, 1.1 varnish
age
5513
x-cache
MISS, HIT
content-length
183739
x-served-by
cache-iad-kcgs7200082-IAD, cache-fra-etou8220064-FRA
server
nginx
x-timer
S1701436623.782181,VS0,VE2
etag
W/"8cb02-AYDMe3eKEvIvaF4UTIK5YSGz+ho"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1

Redirect headers

Location
https://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: cdn.vaughnsoft.net
URL: https://cdn.vaughnsoft.net/fonts/font.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.vaughnsoft.net/
Origin
http://vaughn.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 05:25:45 GMT
x-content-type-options
nosniff
age
28277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 05:25:45 GMT
shazball_large.png
thumbnails.vaughnsoft.net/1701436621/fetch/live/ 		327 KB
327 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436621/fetch/live/shazball_large.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d62482763f933bd99789dfe6d5a3113bc58f1b86a6cf37b90759108e57bba6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:14:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dc32-51a96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYTlizUqra2mC%2BKbeOzkb0rPtqp6Mn3X6gHC%2BxfuLsih2XpPM%2FB6D4Gk9zXMvMmT6VXI1oMFH%2B0hK8ToiIolAWg%2B5GeeSxfv7aev2K5CTHPkGVqk8%2Fs9hw199o%2BtHjb2%2F9SK70lf2%2FUR9NIvWWvIuwGIPzXkcHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9baaddc8bb85-FRA
vaughnmas_large.png
thumbnails.vaughnsoft.net/1701436621/fetch/live/ 		409 KB
410 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436621/fetch/live/vaughnmas_large.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f078f2ac48452abbabfa5d92b4e795299047f08835ded453f9a3879804c79e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:12:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dbac-6622b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=348Se%2FEtgBmkqjGeujMZaqLOz54p02Rrjt8v9o72irBGyDTN3vnyESXYi%2FERqlgXvPt1tyUsioQooHGU45sCl3mr6xa8DvPtO73C3x1It9C%2BrZ0d8xs36mg6Z%2Bs%2FPM3h9K%2BDI%2FLrwfUMDdpH6laAyuCg1k1TxRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9baaddc5bb85-FRA
tech_corner_large.png
thumbnails.vaughnsoft.net/1701436621/fetch/live/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436621/fetch/live/tech_corner_large.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8fc8d53b041321fb8113450851e9404c715dd85c4a62bb43a82615f29cc7f04

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:14:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dc2d-401cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fPPUwt2lN%2FCRKcEDe9u%2Bh13CvHKC34dm0mk%2BjS8DzhRb2s6DP6i21TW9MOX6Gf0AIQo%2BwjMwxbg9v0eCnQn2%2FYqcEmkRK7b64%2F1KHp5rn2EHzhDucGmhnT1CRMd7oyg6AQZvjsIoMJ7bFfMVZei%2BBFbDay3WLY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9baaddc6bb85-FRA
browse_coverart_default_peopleirl.png
cdn.vaughnsoft.net/img/vaughnlive/ 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_peopleirl.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49399aee73ef45aa70590e5c8a0baea72474178e9960f5b713a2ae59dae3bae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 26 Jan 2023 00:41:42 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
7186
ETag
"63d1cc46-2c149"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M35SHE9QyZ%2BJ%2FqqXzXw06IuzkmN8SBoELSDkvxw8Og3Cv%2BsSJJYlnr6eWVpnd09jvZ%2BBJ4IysWcpQdqY4AGullac7reGXlUiGaHkogjrfO%2Ba%2BSDjm%2F6zrAGDO6YU73Hv89U8zYmeMlAQEvzhuiXb0A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9bac9d8d0bc5-AMS
Content-Length
180553
browse_coverart_default_music_cafe.png
cdn.vaughnsoft.net/img/vaughnlive/ 		177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_music_cafe.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224eeaaad2ad5b35da30ecc19e9ae3beb1680e2421d5b1ca3aa07c0349c50580

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 26 Jan 2023 00:46:14 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
7186
ETag
"63d1cd56-2c46b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKMNmStHAeWKxFs8xCGd4OKuH1kr6rPy2UATwbEihivRtvjlFSSEgaETBg63DUt5Q8Cu6C02c6jDW%2BeVnG2%2BtiknwODckCBS5PHYs84yzYwK1DnhuZ5ZbRdgIEndppalG%2BGGH5a4uB4BTGRDDV2Vvw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9babec540bc5-AMS
Content-Length
181355
browse_coverart_default_city_cameras.png
cdn.vaughnsoft.net/img/vaughnlive/ 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_city_cameras.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e06ad7c734846b19c3abdf88407cc45defe96c471989155955f2b786a27dab0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Thu, 26 Jan 2023 00:56:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"63d1cfce-2c8c5"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCiUn7CAnfxtsuDR%2FA%2FGS0VC6dslZpU1u0poOROErRNyI%2FNBtFm5ArtWaNropS1SLiDych6QJIeKuX%2BuZsvUq4HznVKNfU9qDBM2kgW0iMSVxa1g1cbFk7fbQ7jhe2PhPp11PPfIHUbf0uCT3pQmCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9bad189f9191-FRA
Content-Length
182469
browse_coverart_default_box_breaking.png
cdn.vaughnsoft.net/img/vaughnlive/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_box_breaking.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd933a8639dbcf7b0b0b74c122713ac0e2122ef6dc94a2b9d52de39d24aa3d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 26 Jan 2023 00:57:53 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
218
ETag
"63d1d011-2c66b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIQVPt7eyjWA4VN3Z7slw7PHaDTIyNEjUlSKv0dFCri%2FZbPGl7DFmt6u7iyzCVrI%2BEHJchUg8xf74fHYJR1%2FykO7zXyldTSXvngQ2YvN5Tz7sT3qujenPkDfkluT%2FJCFnLsR3Df%2FHBDM4cL3Nfr6sg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9bad1c376961-FRA
Content-Length
181867
browse_coverart_default_gaming.png
cdn.vaughnsoft.net/img/vaughnlive/ 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_gaming.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40cd24c50755e183f5ba41bebd68d1d610f59ca0911b9b226a8e925ff2537da4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Thu, 26 Jan 2023 00:58:16 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"63d1d028-2bf90"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9mWEH%2F1Q4MV1c49B5CYTp%2F5NrMb0ruw8r9urOHPSj4eaBK8wIvOOuNm03cogK8Ifg9KK98RHeCtCk55CY3zlUu9TrPaYmOIbeCiudzzmCBBqdD0UecXt5G9e1UPbAJEoIg1QJPaarWbG75DEBbIug%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9babca6a913c-FRA
Content-Length
180112
browse_coverart_default_news_tech.png
cdn.vaughnsoft.net/img/vaughnlive/ 		177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_news_tech.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d822a35edd20eb93a085df69fec5741bc7675b181ce5092338b8a5ab77759b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 26 Jan 2023 00:58:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
7186
ETag
"63d1d04f-2c5e3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp8c%2F7eAXBjwS370j7L23A2GxQCFcrXESZoLfa9RrbocuvkJ06gPLBgWxKWEZxDROhmeCVCf0JcFWf4WutUPdAcsRLK70nqCqpUJdraUXdrxTqg%2FtN5LsnBirYoS%2BeigdH8NLoTrwDeAPyNxjjSV8w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9bad1e360bc5-AMS
Content-Length
181731
browse_coverart_default_lifestyles.png
cdn.vaughnsoft.net/img/vaughnlive/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_lifestyles.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d072b667943b9c54be6e11105b09e7d31eeaa33dcd062e0de0b40fca4078eb7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
CF-Cache-Status
MISS
Last-Modified
Thu, 26 Jan 2023 00:57:17 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"63d1cfed-2c23a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivdwQwxIzFn1h%2F7wPR1S0QfSd%2FzO7w1ViZbAs6TNlWXjFK2t6DzxHgmtzBz7np9HkkD2aNkGnvqAPBYQlqNjYLYAUWGU8G2dDYjy0Tgs2yYYvd2ly98mcDRWhn7FDQthSkgsJRuaqwXzUw64Ww6CfA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9babdb841e5b-FRA
Content-Length
180794
browse_coverart_default_creative.png
cdn.vaughnsoft.net/img/vaughnlive/ 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_creative.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
972f1081f1e1f79c72d077b85c5dc03c433452932ecbd02cf58ba3b9e5679777

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 26 Jan 2023 01:00:02 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
218
ETag
"63d1d092-2c1c7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXJKaTrnRix3O3Y0BFLbHrkgPfdKdDC4IkVLJPPQyTyWOlyii4NEtlfFWTVH87wntN8SsWmyPR17VgOtdSrKun7Qqcgzrjv1%2FfpeU4WQuJXrfhi3t8FLhDWGpJTzLqJTMG%2BrU96MKAooC24FmkU6OA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9bacfc206961-FRA
Content-Length
180679
browse_coverart_default_nature.png
cdn.vaughnsoft.net/img/vaughnlive/ 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_nature.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08706c74de90df1ce5bc708310efc9f5326696f682ed3ade855a31c4cc740f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 26 Jan 2023 00:59:38 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
7186
ETag
"63d1d07a-2bc1f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CgytbVgdCGWom1bLzNHDt%2BmQ7eIRKPXqJxikTQkPmEJoQBWsqWRycb%2BlmdOzaaLm2aSOwtH77ByZOKQEQK02%2F5%2F03e5PrU0kYiYFj7oeYePDGm9mHaH2%2BdqXlew3JSJvZBBRuG0kFXYuZooqv1kqw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9bac5cfc0bc5-AMS
Content-Length
179231
browse_coverart_default_espanol.png
cdn.vaughnsoft.net/img/vaughnlive/ 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_espanol.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2275f2d790ab43c7b5a2b3bb7354ea3824d28659a356a45218fce5c943d14994

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 26 Jan 2023 00:59:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
7186
ETag
"63d1d066-2be92"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwC54L%2FoLDq24Nhp8S%2FvcVgo3m%2FQlN2FsYwstIMQtF7M1guBqGLBCI27ovE0R%2BAhAvFcLxnRtSZpzXBehmNCmf4ML744A2yJFWMzRQeqD9uhtNY7byD3YHVXYELW8tlVuGVKAyNLAULjQVj4506ZDw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9bacdddb0bc5-AMS
Content-Length
179858
browse_coverart_default_misc.png
cdn.vaughnsoft.net/img/vaughnlive/ 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_misc.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef3af5395e01dcfc0ca6cc70f5c05c5be813e265280932b68532b38bb472a06

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 26 Jan 2023 00:42:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
217
ETag
"63d1cc63-2bd2e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UCgJJwLXH1S4fmMI2efL7usx43UKpCnqj5LU4o%2BHJ41uDEdL%2BGaN%2BmoLoxpmgKXYkkiyX%2B4QeiH72f99J7gP9doyETjDvrGKvpvIl1Mw2UcBN3tgDzVZvmWsEpES27Jj9561E09Mbjduwof1z8KDA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9bacbbe06961-FRA
Content-Length
179502
browse_coverart_default_all.png
cdn.vaughnsoft.net/img/vaughnlive/ 		177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnlive/browse_coverart_default_all.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
378e6e02d1982fb9f0c18d4f707ea0fc6ec5de5c60681ec51a9f3f045b3327aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Thu, 26 Jan 2023 01:00:41 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"63d1d0b9-2c393"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vi2YmJAB5a0LMhUAGIVkscz7XFsf1Z9hdLgcuWk9w%2BrOKu1ToFQUYLiaq2ULG9S4ZlNJUwX0GosBfBzFrlmMSoKlnVRDXhTmk0Obqn6OAxXvOSiSbmVQ%2BshLi5VukQ0NyPk5XxvnQqjDJUcwS%2F4zJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9bad2be8913c-FRA
Content-Length
181139
main.js
vaughn.live/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame ACB7
Redirect Chain
  • http://vaughn.live/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • http://vaughn.live/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a3358840fca77cfde10ebec4f635950ffe8cde786f08323654713af95967ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvsoLHGwCxxXGLAUMxaRZISmu9YoEd%2F4q%2BsyxD7aBDIaGsWCTneig3%2FwiL6H9R2GUVmw93YhnN4SRCdFdPo7H4RPCiuUsl9wRaCbHfFM%2Ft44NNNyWZrmTQwDtBnMc02ZBw5lWCEnM%2FnL"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
CF-RAY
82eb9babcc96bbdf-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Li9f4VHQ5ZBdOkcdia5R55MuK4lEenxmIVNUODTRboYlqdVDR5IJblQ4yaV%2FdtdOOZKJbmsStW3IuIJJtvQDbgNl8q3QF1qM1HXpDylE10CedKZWztEJJy9IWoKk6j4x3VJByBWbSI9"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control
max-age=300, public
Connection
keep-alive
CF-RAY
82eb9bab4cff6958-FRA
alt-svc
h3=":443"; ma=86400
vaughnsoft_logo.png
cdn.vaughnsoft.net/img/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.vaughnsoft.net/img/vaughnsoft_logo.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:3776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb04cf9516c210f12b558b7d0320926d28cbe0bcaad97592496bb2ecd0864081

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
CF-Cache-Status
HIT
Last-Modified
Sun, 19 Jan 2014 17:09:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
217
ETag
"52dc06da-59b6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umo6wSTq4idtmFseNa0ZPGbOl70Y92SCieyI2W4nH2MhTZHNfDnh2%2BFBfYjX4QqWJtj3mSx9YRaT%2BXop2BcRs%2BWgndJc49YspcJg3oeZSVp8mPT1oNg6ytP1CAxwi8%2Bfi3MyYx0NSUSmEXoqVj2tKg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2073600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82eb9badacb86961-FRA
Content-Length
22966
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
367334
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4cWkLK%2BnDjcioT1qcerudB6TLywkKs%2FWvq8CLyK878%2BmKRGSgXwyQQ1jAILg%2BRG%2F%2BR6k0xWmO5St%2BuQ28kievN%2B1TgIJbvj4IXtycmth8E8IZ3ZbJIM1bx4UhkTjOjajbFCM1MrR2wuJnhn"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
82eb9bab78275d8a-FRA
hb
ssc.33across.com/api/v1/ 		65 B
139 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1995440b1a4a3a21bcff790321c341eb4baf51996e46fe2ef7770560c331f7b8

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
167 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:01 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
hb-mm-multi
hb.minutemedia-prebid.com/ 		83 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
93b26829df278e1cf5bf2329c36b799ab8123bcfacb4ff29cb5f7054071b12be

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
758 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=2&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_1%23leaderboard_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=1014e2a91d312db&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_1%23leaderboard_1&slots=1&rand=0.19860715913985905
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f7ec495a4de075056e338c3a75eadd063ee4a4e00225a9a3cfa655c3782d85a8

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
420
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		93 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f6f702a4eaf2402bc457468a8bf38b59db6523a163bc51a4e3dd9d67c5a38b99

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ib.adnxs.com/ut/v3/ 		145 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7cf940afbc739187db3bff801c1900bf3b89ca0c62c5c4fb27ac46a30839e33a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
an-x-request-uuid
3acc1588-80d5-43fe-8c1a-f9cbc8418702
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
pbs.nextmillmedia.com/openrtb2/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
1f990996678595bed949fdd4ed3d6d057871fb29a29b2bb012c9611ac6f46f0c

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
adreq
ads.servenobid.com/ 		622 B
675 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2843
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3c59ea6f17ddc286d0012122ef73e15fc4a0dc0f1f95e80848aabc70dbc1d962

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
adreq
ads.servenobid.com/ 		622 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6480
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4df5a35f682f9004ab2d9beff4ca6776660e83a3849b18d9d2690f736662d10d

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
58ddcec9c22f8a479e205fabec0f1ceb30b7f83d1808da86b3df3e6ac36626e1

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:01 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		94 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2992433fee88fbb8599a2d255c54a25725a072e9ad9f1a97bb9e94e63111e78f

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
hb
ssc.33across.com/api/v1/ 		66 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9302d32f45cddde9ba74e49c49c27dd23297756ba4461caa737e299caf916b7b

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auction
pbs.nextmillmedia.com/openrtb2/ 		96 B
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
390273f55a22c69e159c9295ab18803a2881c054b8cf136c3e8491236d6ce267

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
96
expires
0
translator
hbopenbid.pubmatic.com/ 		0
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		145 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
cc2ee4b95ff33cf425cd212695372db2792c77b21bcab38c6654d15d11477cfe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
an-x-request-uuid
4fdb483a-fc1f-4538-a441-d43e04df188b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
758 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=2&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_2%23leaderboard_2&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=414dfbc2c468eb9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_2%23leaderboard_2&slots=1&rand=0.1362184545536167
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
96136c3248499a4c9b6b110aebfff3a85df00eaa09def5344ebc02c4147a946e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
420
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
963 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
77b2c55917f8171ddca83883c02abac21a44ec10c02a82dae05dd78a597b6a95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
an-x-request-uuid
11e2f0be-9802-4d56-8ea7-f249e785fe5f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4cd0f28dcdd3523887cacb5b04d889c6fed2c83afd72a1257be46e22b00974ec

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
adreq
ads.servenobid.com/ 		622 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3218
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
66f1018a7105303fde2c29f27bf6ceccc6dd374a9b5ed67fd471140edf9f257f

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		417 B
927 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=15&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Frectangle_4%23rectangle_4&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=521f8d0ff42b30c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Frectangle_4%23rectangle_4&slots=1&rand=0.5600271417072304
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
36073e90289d2338b15fef8a8d16fc53f18f4b0601101314fb4aed80bdee6a3a

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
417
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
ce5b66598ec6944f4c2cd1be59786f1a8d40f16637caf6d5d26132c69d838216

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
c
prebid.a-mo.net/a/ 		0
44 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
bb3d769ccb3c88e3eba055d24cda03417de730a356f42abaa2d6012ba243c958

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		145 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9665ce09123562483c9b7835e2dfc2022a8df2291351d3b9fddacdad50b00f8e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
an-x-request-uuid
ab35e728-34f4-4bd2-bc0a-db8d52cee8a0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
758 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=2&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_3%23leaderboard_3&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=69740595d9797a2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_3%23leaderboard_3&slots=1&rand=0.2681830846887059
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c06bd606297783eb77bb3d478c5181e55467d6496909397b3e997d224a1eb70e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
420
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
bde876fba9c9e880cd9238ce74a0049273fcba6859f31fd3bf9eaf379e5dc74d

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
17
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
01bf2c70ce18e07a5e39be6cf7e3a42fe9e900e3b0be03bbb73bdaa52493f1e8

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
ap.lijit.com/rtb/ 		94 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c2f863fe1dfec2cb9320927458d4dcfc712fd2696cf223c2fab703f7803c777d

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
auction
pbs.nextmillmedia.com/openrtb2/ 		95 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
502e4d213006f59b58ca876cf4fb6dfde75dce067779bcdcfc70152755316b15

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
95
expires
0
adreq
ads.servenobid.com/ 		622 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=376
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
56068fc790f2362c82d9ef959a95f2dfa599ffb2a574a4db6906e0f6e16779c8

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=29273
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
basedmovies_large.png
thumbnails.vaughnsoft.net/1701436621/fetch/live/ 		316 KB
316 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436621/fetch/live/basedmovies_large.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd9d0b7c518865eef1fe625f015ef13c099ba3f0d39d380161b65bc9a9b3508

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:16:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dcaf-4ee3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eEFQH33gRpN6eaXPRk%2Fny%2BisXoscb2VUtZEdWxasGTDBjyO3P8kDQVwyTuWHgeCmAokVmwp%2BLxEDsIxZCOcDqtcC7rYEQtV1VP%2BS1LBqgTqS9Vn0gLNFBgtyitVtnmnm%2BdgJqtFdvPQ0NNp227nxeAUat8UTd4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9babcf55bb85-FRA
atpshow_large.png
thumbnails.vaughnsoft.net/1701436621/fetch/live/ 		383 KB
384 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436621/fetch/live/atpshow_large.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d1899e77771b42540e72ad632f30aa82770375240cd2394119b561b77a8a159

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:13:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dc0f-5fac2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApG0uwn20DZy6U1D6LcGfycQ5aSZIo7fdjEt6mThvOwMADuX8bOiHd41sR7hABwkyurwGVzsbQ2W2gz9CDCoYiW%2BVQu0nTvo015F2SoD4ds0SFC37%2Be%2BPC7Pef%2BJTf3Gf4edvYkgxHjjEEuiVB20iLEO1uxqFY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9babcf59bb85-FRA
jabooty_large.png
thumbnails.vaughnsoft.net/1701436621/fetch/live/ 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436621/fetch/live/jabooty_large.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb260eed999dddaa089d2f974af1f96904aa0dac2be9cfd7b796d326a7e1e2ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dbc9-4a84e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EA5bhuiaUQiseHjkJd%2Fj7J1a7%2FU9XW4vU9%2BZiu04aQFxF%2BmWXu1V6DnDtmPqeYl8KLzgy8RdeYsUgh5atiTGRvL0SkxqKgSB3flLd7Zihet23vdnHjoWO58fs6fHPS5ZkvnmFUzXh946kB%2FdQ7tCbblMeyNKJhI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9babcf5cbb85-FRA
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJBCJW1TVFe6CqLyN428aDPA4gW5EOkm8VfjfAhwTgG4qr1m3kmGWK7mUURyo2zY7BvW8JR6yY%2BDflSt4hC0Sg5e%2FIUyCa3kaRPJ0l4fuRAArmhoQtzC%2FaFO%2B41dBN0YlmcPXX%2FuyjGcBViE"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
82eb9bac38f537f7-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Requested by
Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:36:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
6054
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138259
x-xss-protection
0
server
cafe
etag
16445146976575771301
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Nov 2024 11:36:08 GMT
82eb9ba28855bbdf
vaughn.live/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame ACB7 		0
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/cdn-cgi/challenge-platform/h/b/jsd/r/82eb9ba28855bbdf
Requested by
Host: vaughn.live
URL: http://vaughn.live/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzXqOVz46tpXymrxl%2FiZ0aBchyJS84e0ZG%2FDIRECtuNSl9U2%2BXUhqFy1FGSWJX2Q5ML9AZGTR05GOb86Xp%2FbeCCEKtBh2Kc3H%2BTXxMHbkSkbOY6t32x8PsF2Wl%2BNAu01KTa74OvBKkNc"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
82eb9bac4f4971dc-FRA
alt-svc
h3=":443"; ma=86400
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		145 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6181de2b8022002ffc27530fa936535d38d76538f96896aebce771f472419eae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
an-x-request-uuid
21799750-8d0f-43ba-b0f2-48fa1512e178
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:01 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
hb-mm-multi
hb.minutemedia-prebid.com/ 		84 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
6237da4207bd47c28982a90ba0d2cf1f73114cac6f04c7381bcbc482f0d1208e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
fastlane.json
fastlane.rubiconproject.com/a/api/ 		417 B
451 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=15&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Frectangle_5%23rectangle_5&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=948e5b5dba796d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Frectangle_5%23rectangle_5&slots=1&rand=0.497999438618276
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
be62c72f68cd3dfe90729c7da3ed0197cf18902cd8823949078d933cf0a0f5f0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
417
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		622 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9746
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
35b3a364e4aed4da9fe3341818f62776837cb4ea7925bcb0faa174e5286d049a

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
777d0c7116ed8a00c3df311e419f62aa6d660e38ffcc575ea8611267ecc3582b

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
ap.lijit.com/rtb/ 		95 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d0abe79546c356716a9716bf179b933c35e4dd4546703f5b9f76688dcf09226f

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
30c5d1ffb7ea0e52523ea083054433d52b64bb5bc4ff91d0534a86e0fc21879d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
an-x-request-uuid
740fe5fa-c48d-485a-be19-76c21c32250d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3f6d4695680ae5087fb173bd76515520a99419fe00d2a0eeedb9a95d476679e5

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
2bbc5bb2bdb47d048c3746e0e0e8633556b0e7c1f0702155f94ec13c8e007540

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
17
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
bid
ap.lijit.com/rtb/ 		95 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
3412a2565807edb825ea87dd8f5762e9f9058c9427749450bca6d1d167969be6

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
adreq
ads.servenobid.com/ 		622 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9670
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5d1ac3346d389b6bda1b1a697527504a657829108dff22d5bdd45f3c49b2c86e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=2&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_4%23leaderboard_4&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=1185fd71e3948c63&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_4%23leaderboard_4&slots=1&rand=0.5444266497590255
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c30fcd154c07f44986b9e38794d7cb0aafc06d4f521e2eb29caf0fe5437752e9

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
420
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
pbs.nextmillmedia.com/openrtb2/ 		97 B
477 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
32f0c0fd6be20b69ec515407c001e98e017f1ce6dbac02c95969bf4896611488

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:02 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
97
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		91 KB
41 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=1595353335548027&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Crectangle_4&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=1&didk=3701212231&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1701436622839&lmt=1701436622&adxs=1204&adys=2218&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=409x-1&msz=409x-1&fws=4&ohw=1600&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Drectangle_4%26didna-refr%3D0&adks=4044964805&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2f9f1a7dcf1bfbaa1392e4062c771d10d8600d53a012d440c4e84665562a06c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42446
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 234B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
versions
player.ex.co/
Redirect Chain
  • http://player.ex.co/versions
  • https://player.ex.co/versions
630 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/versions
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9dab75c3f483ccf49539a8153583a8600f35647814d61a44abafbb553277fd3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 13:17:02 GMT
age
9414
x-cache
MISS, HIT
content-length
630
x-served-by
cache-iad-kjyo7100158-IAD, cache-fra-etou8220040-FRA
server
nginx
x-timer
S1701436623.896083,VS0,VE0
etag
W/"276-JLQIHLIXBECP7jB1jWM75bonJD0"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 97

Redirect headers

Location
https://player.ex.co/versions
Non-Authoritative-Reason
HSTS
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
Cross-Origin-Resource-Policy
Cross-Origin
events
collector.ex.co/main/ 		17 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:03 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 11:31:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 13:17:03 GMT
thumbnail-720.webp
cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/thumbnail-720.webp
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
eae8becbf14b20a3f18f2851bc6da830f3b7f66f81c4ca2ca31e0a324db0515f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 23:01:03 GMT
server
AmazonS3
etag
"647ee987db6540fee9ac4a4560e275ef"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
12201
player.js
cdn.ex.co/player/ap/3.69.0-718fc94/ 		445 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1eab1e9dc54c9f5a117797d135197e3feda52aef3e8bf640d51da444f70a3611

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
119983
last-modified
Mon, 27 Nov 2023 08:29:28 GMT
server
AmazonS3
etag
"1a963fc534a4efa27bf467f555853430"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 08 Dec 2023 13:17:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=3868987824830652&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Crectangle_5&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=2&didk=3701212224&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1701436622945&lmt=1701436622&adxs=775&adys=3204&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=409x-1&msz=409x-1&fws=4&ohw=1600&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Drectangle_5%26didna-refr%3D0&adks=4026811336&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bff93a1b1d67f0f2f124a2287d6b5659c3eff1bded6ad667b521a3bf29ea1035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11167
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
383d05d0e04c268cbcebceec515358eee573a355b23054130878882c11a53ee9

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
76888dfb602f4431804f3c1ef42e7be737cc3139e6bb20a669b7f5b6987566ef

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4290bc6033d90f564d225d6cd3cbac79eeecefc981a85f542d4de22291412e5f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
an-x-request-uuid
1b960b43-1462-4c69-be58-fcd344c2c800
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
361a6ded9de36fc3544b65cf167bb7b1ec97287ac52a1e77410751b1940d72cd

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
adreq
ads.servenobid.com/ 		622 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9900
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b69b9c600973695ac5b6002a4880adfdac5c7c0a91b0ee35bfd8f56e6d217621

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:02 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
pbs.nextmillmedia.com/openrtb2/ 		97 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
37ecd79df4a5942831c0f0f3a019121c0272b8e828a79c53571db4074eca5a89

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
97
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=2&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_5%23leaderboard_5&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=1409391107f11836&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_5%23leaderboard_5&slots=1&rand=0.21221876436296738
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0d4009bf860d48e03809cc4222ab13b8f26e085af42bcfb52f5c6048f018e9a0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
420
expires
Wed, 17 Sep 1975 21:32:10 GMT
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=29273
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
ads
securepubads.g.doubleclick.net/gampad/ 		94 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=3883448788937884&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_4&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=3&didk=3855194977&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1701436622982&lmt=1701436622&adxs=561&adys=171&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=822x-1&msz=800x-1&fws=4&ohw=1600&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dleaderboard_4%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D27865623825fc006%26hb_bidder%3Dappnexus%26didna-refr%3D0&adks=2143607945&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5edb3c9a7dc0aae9b11856540f49376873d287e575119f94b79cabbcd4961bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44021
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adreq
ads.servenobid.com/ 		622 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6533
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b192ef9f1e7c42c68bcd0d0f93a2b381d4e42aa4b99f3afb8c3685a2addae13d

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		95 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
af57e781b0b7e8ad700109f53f9888f2bbb42ab71471ca81ed2c37214dd46573

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d18240e501d25b8b28ef89888026b95c3e17550fde4ffa8e04b41d60b1f0d55e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
7ae3e9d41fa0bf376770fc406a5f615320db3d36aa6bddbd57089f7766e0e848

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
auction
pbs.nextmillmedia.com/openrtb2/ 		97 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
aba69239d03d61a71bdf2e3adc50dfa26eff20db7f30c7d28985a122738d711b

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
97
expires
0
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e32a1b4082baf7a318078fcd9d30919dcc35bab1788bee14b9e02568ebbf108f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
an-x-request-uuid
f7ccd7b2-37a4-45bf-a1fa-ee9fa261bf8d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
476 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=2&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_6%23leaderboard_6&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=160f6aade1ed25bc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_6%23leaderboard_6&slots=1&rand=0.05016067954852077
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c663e6e1f6910c42a5b65b5ce5e0ce93c02e0eb7179ded8bfa91909a74b819ca

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
420
expires
Wed, 17 Sep 1975 21:32:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		91 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=3056402047542128&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_3&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=4&didk=3855194976&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1701436623010&lmt=1701436623&adxs=561&adys=2254&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=822x-1&msz=800x-1&fws=4&ohw=1600&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dleaderboard_3%26didna-refr%3D0&adks=552540739&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a53052cce00657c7ed8df28609c714076979bc4f3e05f01c602c2fbdc3494c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42533
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy.php
vaughn.live/app/ 		2 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/app/privacy.php?a=blocked
Requested by
Host: vaughn.live
URL: http://vaughn.live/1701436621/js/vsm_65.js
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464

Request headers

Accept
*/*
Referer
http://vaughn.live/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fN9s9qgtzfd1JVRXg66GJinDz3%2F9g%2B5180x6LtTPe0eNuFLq8EB7p4XBDuP%2Brm%2FSYauoxg3XI3KwYP90P3s3ncMyFD8zdbAC3jqjm%2BWoPpPJUcCWpCPB5E5gDrMMYijChZRTXqNQIq4y"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
82eb9bade90e71dc-FRA
alt-svc
h3=":443"; ma=86400
content_menu.php
vaughn.live/app/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/app/content_menu.php?a=trending
Requested by
Host: vaughn.live
URL: http://vaughn.live/1701436621/js/vsm_65.js
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065764f29009a91c6f4f51bb16a03e3c60cd4e8ff3fd590758eefc9168dce459

Request headers

Accept
*/*
Referer
http://vaughn.live/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jako4j00R%2BNur9Xxhlj7VIJ%2BbPxr2L%2F20ObscEjQ68aWf%2BfgHUmlfHh08AlZcWHr%2FrPARC9HyPtn1fJJu5reY%2BoJozVDmG64eEIdarzsqnJqEzXOtWZIMjOytb2rICiAncGCLs1r5PBh"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
82eb9bb039bfbbdf-FRA
alt-svc
h3=":443"; ma=86400
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
1c99297ead50c1eefdc985eecffac20b6e36decf9ec41c95f22658960054ac15

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=2&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_7%23leaderboard_7&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=16450b8a3410904e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_7%23leaderboard_7&slots=1&rand=0.7849189635081781
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9dca7502752e7c51927294f2c54ce7c5f1960cea02234501b0991810998619f2

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
420
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
41 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		95 B
498 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
3db5644e2e36feace62de3ce7cb19b77dee4c84f77b1e55dd8b1b6304e141e7f

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
92585388247155e52dcd17c67560b69bae96afd11368b81597505add624a12bf

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adreq
ads.servenobid.com/ 		622 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=1267
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5d1ac3346d389b6bda1b1a697527504a657829108dff22d5bdd45f3c49b2c86e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
pbs.nextmillmedia.com/openrtb2/ 		97 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
9051b1b7822941564fed39f4a22c4b7f30bf50a893648863b77a25799b7e69fa

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
97
expires
0
prebid
ib.adnxs.com/ut/v3/ 		14 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
18dc3b8e3ab8d67ef2747ec80b86ab91825ffe4065c5e07c0e375c223a1a7672
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
an-x-request-uuid
ddc0c7f6-bde9-437f-804f-a497ca1ea3c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidResponse&bidder=nextMillennium&source=pbjs&placements=29273
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
ads
securepubads.g.doubleclick.net/gampad/ 		96 KB
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=298485155000744&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=5&didk=3855194978&sfv=1-0-40&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1701436623460&lmt=1701436623&adxs=872&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=729x90&msz=729x0&fws=4&ohw=1600&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dleaderboard_1%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D283e09a357c7b4ed%26hb_bidder%3DnextMillennium%26didna-refr%3D0&adks=243108928&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4459ff47c8f6edb3074f4d9def9632d14e53703a4d4e87c10297239db248dfb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45017
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adreq
ads.servenobid.com/ 		622 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=970
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
66f1018a7105303fde2c29f27bf6ceccc6dd374a9b5ed67fd471140edf9f257f

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
52c9b8e49066fdb909f3fb88e434c3b2af83ce296c1d386e1c88bebe8fed45b4

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
733dd84a8b0dd02231807ac34d81392dae16116cdf0d6b8c9f5d576be32d65b5

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=2&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_8%23leaderboard_8&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=1940869962fd9468&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_8%23leaderboard_8&slots=1&rand=0.9862508707390776
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
10cbd972e721a009ded131c4fbd3810f96cac0ed69087e2c76e92dfb9b63137b

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
420
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		95 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
fe8f8f8c37e0b0c7d8c228f2baf075bae1878355b19e27f2a17b0693f742ca0c

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
auction
pbs.nextmillmedia.com/openrtb2/ 		97 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
d819bbd2b1ba397240a7b2494be6a04280041871c384eb3d658f8ff76547fa0c

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
97
expires
0
prebid
ib.adnxs.com/ut/v3/ 		14 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0e5966611a421d4d1a87ceefd5d5fa5ef1c09f2066e874c80966e9b1bf78ad85
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
an-x-request-uuid
9f71828d-db05-4cfa-ad1b-2e829727aa6d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		420 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=2&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_9%23leaderboard_9&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=2028b39385b59f8b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_9%23leaderboard_9&slots=1&rand=0.475956836737665
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
15f92a60ad265b03b074b3706b3fd70c2d22f61bf7014ac07217012987d80bf2

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
420
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		95 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
947d0e45c7617df08c6fbaaa17e212521ccf61daca36882aaf0db0d6c1643c3e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
816 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
10925cb81778999fd98ce70b35e3cc6737fc3aacdc4a2ef116b5d88094f9a91e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
cca8544d-89d5-4e8a-9c8c-b8330641a876
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
pbs.nextmillmedia.com/openrtb2/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
d95dd198c004fb63f532c90ea07c95c653f815fc23b568c6615d1d8742a0929f

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
842ba25ae727ac08d632520bcab53319fe85d1b7d9bd08cd334fdec6f667c1ff

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
ed3005961bc732cc1c7a80f6841b00bd4c1a490859b082a535131545d6dec0dd

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
32
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
adreq
ads.servenobid.com/ 		622 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2351
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b69b9c600973695ac5b6002a4880adfdac5c7c0a91b0ee35bfd8f56e6d217621

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
adreq
ads.servenobid.com/ 		622 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2685
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
df455ece5e4b902ed2ed68c72b81d6f1dea6e73fe3405077467ba2ad76d0f49d

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		417 B
451 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=15&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Frectangle_7%23rectangle_7&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=228b53579766ee3a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Frectangle_7%23rectangle_7&slots=1&rand=0.31234041219583775
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d9b67ad9e1dd1bf6efe08ffb9f2696d679ddf316d6d6ff92b4a88716990b81c1

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
417
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b3705dd6bfe251dcfcc6d5da2ef190f43115714216d8aa309d82747bb89c91e3

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		14 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
10a6620d72396cfc54a1fd985d1df59c9cfb81810fa29dfc133b1101e486cb0d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
an-x-request-uuid
1a085bb7-68d9-4e36-956f-fd3eddfd1553
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
75e66458c2583e4fad39b4a058f6fe737714226ecc32ca522369e8e422783a7e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
02a5cc3a6868bc434cbd795c40a62390170e2d90de0192d0500955248367512c

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B97 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=2063674986140526&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=6&didk=3855194979&sfv=1-0-40&eri=1&sc=0&cookie=ID%3De859ed10423c8e68%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbjF_gBG6CGCLhNNGo9dBptIWnzEA&gpic=UID%3D00000cffbe4755c4%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbJSY3X01mXlgnVGXfaS8L6pRUBdA&abxe=1&dt=1701436623519&lmt=1701436623&adxs=561&adys=1611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=822x-1&msz=800x-1&fws=4&ohw=1350&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dleaderboard_2%26didna-refr%3D0&adks=1126163979&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4a941ec5ffcce80f53cde03c772adb69681da813097f51490fa3ee2f3017852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43797
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=3937976669043499&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_5&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=7&didk=3855195006&sfv=1-0-40&eri=1&sc=0&cookie=ID%3De859ed10423c8e68%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbjF_gBG6CGCLhNNGo9dBptIWnzEA&gpic=UID%3D00000cffbe4755c4%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbJSY3X01mXlgnVGXfaS8L6pRUBdA&abxe=1&dt=1701436623526&lmt=1701436623&adxs=561&adys=3363&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=822x-1&msz=800x-1&fws=4&ohw=1350&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dleaderboard_5%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D28758adeec6a5074%26hb_bidder%3Dappnexus%26didna-refr%3D0&adks=2050268132&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9b146801b53debe2034b72afe1c9e399d065e8883003398f80357e1e471a6d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44006
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=2815580178831464&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_6&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=8&didk=3855195007&sfv=1-0-40&eri=1&sc=0&cookie=ID%3De859ed10423c8e68%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbjF_gBG6CGCLhNNGo9dBptIWnzEA&gpic=UID%3D00000cffbe4755c4%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbJSY3X01mXlgnVGXfaS8L6pRUBdA&abxe=1&dt=1701436623531&lmt=1701436623&adxs=561&adys=4332&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=822x-1&msz=800x-1&fws=4&ohw=1350&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dleaderboard_6%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D2890ca31ee1db2ca%26hb_bidder%3Dappnexus%26didna-refr%3D0&adks=2671006173&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19ba43d2cab1457de7ee79245e116fd981719a8982bba209882b6d9b4297022f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16287
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_sync.html
cdn.ex.co/sync/0.0.1-1082b4e/ Frame 6219
Redirect Chain
  • http://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C924398626&gdpr=0&gdpr_consent=
  • https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C924398626&gdpr=0&gdpr_consent=
370 B
608 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C924398626&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
cache-control
must-revalidate, proxy-revalidate, max-age=25164, s-maxage=31536000
content-encoding
gzip
content-length
255
content-type
text/html;charset=utf-8
date
Fri, 01 Dec 2023 13:17:03 GMT
etag
"6c913cf53e2f19bb85cbce59bc48565f"
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-server-side-encryption
AES256

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C924398626&gdpr=0&gdpr_consent=
Non-Authoritative-Reason
HSTS
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-92S0CM3WMK&gtm=45je3bt0v9119025529&_p=1701436622421&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1641055854.1701436622&ul=en-us&sr=1600x1200&ir=1&_eu=EEA&_s=2&sid=1701436622&sct=1&seg=0&dl=http%3A%2F%2Fvaughn.live%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=7&tfd=2375
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-92S0CM3WMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D906 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0C32 		624 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWI0ojZBC1k-wkFGIYFRglrp3Ri4mBAdE4Woyxp-K2Ns5mDM8b2_JaK8pWzNNuXe1CriBECk_yX7MS0yjeHUqZ8rsbC-_M0seUB3oVwR6rMwOBtqbtaTz9I7ENTmFkY8C88vfLgnEAMWKRAPLLUwMtjvu6TRhMEdJz3W0riyIh2v5RbF08_Ra8cOyQmoVMmojPYJa7lxywlb-5sQhFOhn1nfYj3og
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Fri, 01 Dec 2023 13:17:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8B97 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31498
x-xss-protection
0
server
cafe
etag
4296746511219988724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B97 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AfpjMb6Igzl-4wACbF2V5PlK23Z4XY3IlVH4qXbw2o4KJGRioiEtkAQgOV1COlxEuxu42IW9CDMZ9mmggEmQy8n8zWuypvOUMDSXuPtAwjI5Ou9e0
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B97 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2021843440994647846&x=1&ct=77
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8B97 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8B97 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8B97 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:03 GMT
sync-4b7ae961.js
cdn.ex.co/sync/0.0.1-1082b4e/ Frame 6219 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C924398626&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f

Request headers

Referer
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C924398626&gdpr=0&gdpr_consent=
Origin
https://cdn.ex.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
1365
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
etag
"ea77f73013f99623af0cfc02bdf7a34a"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 08 Dec 2023 13:17:03 GMT
auction
pbs.nextmillmedia.com/openrtb2/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
1306072c5be3ec24abe51ba81a6f817fb5d4dec53abc260b12be6687a7b9e2eb

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/ 		140 B
818 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a1635a0d56fe15822fe03b93f45911993b03a058bacedf2bb6623d805ead0dfe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
755e24c0-76fb-4c45-98b9-3e43ddbb23b7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adreq
ads.servenobid.com/ 		622 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8616
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2e834d3e51e3a908c620e926703104f6abc317de1223330cc0f4640d8f41b973

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
35b39726f7587564af59316bd8c4f1608155986708331b954face3c02cc4cd4c

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
427 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
927d1ec16bbf300dec6c4e99c27497fe14bc1f8d9b270080e3df2d378703841c

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid
ap.lijit.com/rtb/ 		95 B
498 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cdaf0f0a462ce8bd314cb87f35f4b8ffe9c407585855d2de86aec1e0f09f55cd

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://vaughn.live
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
fastlane.json
fastlane.rubiconproject.com/a/api/ 		437 B
471 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=15&alt_size_ids=43&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Frectangle_8%23rectangle_8&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=259735cb7b6252f5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Frectangle_8%23rectangle_8&slots=1&rand=0.8736496876230477
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4486b2f96f28a91cf43922ae255e63e15ab0627d19c88e4dda60eefc309e54ff

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
437
expires
Wed, 17 Sep 1975 21:32:10 GMT
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=29275
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA14 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
shazball.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/shazball.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80cbdeda5fcc2d942c379724738f5db68cda40a4d0e7f8d037d23b93812e6aff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7YXxsv4rveELKu0ayeykifDiDcYQRMNUiV9AFEAKoKgJo3c1b%2Fs%2BEkpQks2y3amt7GkPx5eLLySWba3fICE1yAyeB6UTJyDggqKhs3Lu28SG71XUVr54KKhDgUxzVLR24U6Ug4ncMVENz7Usib43g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1bfaebb85-FRA
shazball.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/shazball.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b9d697c749a8f9c2f3f5796ecef3518c86f01e78b0df461ae3fe7ccd00f769

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:14:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dc32-9f49"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKV8HsLbnkLqFe3Ij9NJIpybVD8F5%2FVxyDKbQbCdFghIxWmax0ST2oeDBXzw7btq62pPPbhjdnYq92%2BB7NFnNRlgjkbzU7dcW3Xt5oR6pvX9v%2B5wL8hCWnXFULY0LombJtjHwszJHLrL9eauH192czz9eAlfBEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb1bfb1bb85-FRA
jabooty.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/jabooty.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b4759408f47129cb0807e1ce7ae1508db6b4345c392228e8884a4d5d4e6d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRgBXBS3q6Y3W%2FuW2hAO2lV9xfLbiD9e%2FVz4WKCc5LszgtwGqVQlgqxgGSazrY867TVBR0soSl3Ugk%2FNkmp68wvf9BuKUilSL9UmdgyrFXNWym27LcX6O4ZSsFBI2pLNZssTmn3UF2KvcUFcl71lSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1bfb4bb85-FRA
jabooty.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/jabooty.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9613d13c8f837d194f87fa944f27b571cfeb899062ef8ca8ce0a341e5f5623a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dbc9-a794"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmPPPNrBDQuboMl1i0VtHObzpB%2FhGXo9NwxbplJz%2BAtaoYzcridWEvVZBc3I2S6USOJKESKP1YUSQ2iSomfoNg0yGuRRQn7ZdA%2BYuZG16N0BS5C87VNOeCxLahWAls1zDobx5lcAvhLS487y%2BEXZsno9Fq02Rzw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb1bfb7bb85-FRA
rhapsody_rad1o.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/rhapsody_rad1o.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9373caaee3527dce23f40d59b6265d1a089c5fcff50b3937e99793df2493e63

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smnS6Qw68rkJor%2BWqKLwFx3vq916T1sci50dLYvViwKmNcqqhyCFa74MJewv%2BM2RB%2BGueIeT9BVQKN6WjtRTqLsl4W6J2ajEE7gLDJfiaDV%2Bm4vmZAXqMVr0L6AoqL%2Ff3c9DQXMSFuh1ValcyWr8jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1bfb8bb85-FRA
rhapsody_rad1o.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/rhapsody_rad1o.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d28fbfa2cf05f31c4b6d087abb9f972cad20a54d4de425ff66745dc1c06a21c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:13:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dbea-7886"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiJjqm0X43vuNMnPmOwUiXYJ4370a3U9gatV2ne8%2Fc14yNh0bbnVuTKv2H5DbOTCwu0ghcnBcq%2Bo1sb9OyJwetynvHmLuumCU4nuhWjpq%2B7tj1xvDrgdMTsYFUNZcShVpWtZnpRSyf5DsSesMZzzDF5kLWm69rw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb1bfbabb85-FRA
garystrainlive.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/garystrainlive.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c813495c0b87e75e3775b59b1cc18553a686e478d9b07fccd876bfc0cbfcc82

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=te2yBaMqgP5o4OxOI4OuIkj4IntyWGuFuQyKHoFXUmy0kQ2DItqi3qiM7cSMkHzU2qhdR%2FOtcAKHuaJR53dqQTYxhavRP4FtZwdY5A2hnn8u7viGBklxU7z7w3prEJnCcnLDb30xRaeHnLq0IjKX7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1bfbcbb85-FRA
garystrainlive.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/garystrainlive.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e768bfc20221ad3f62b792e1f8ce03de71b077f90af479339bbc447c8292050

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:16:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dcac-4b07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqzMQkdVclqzoXQ%2FWSSgspcWSDIZbOEAUM9EmUOL82xfDdX0oGGulLE2CUTvpZ3w7X8KDx1k2GfFhMbz9dVD%2FLU6BFmlm%2B%2F1WSz2S2kTcjV%2BCawfBX5RCHVxu9RVm0S53f6wAWuQ2T8ET5iNjF%2Ftm0puR0RqMQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb1bfbdbb85-FRA
thejedshed.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/thejedshed.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1829ea59f9bfd959b687837863531f29f6b365ad2bf2b91d637e96af62e32a08

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze5eZi3n5MBWbje0T2LfsZTfQgnbaXSleZY2qnNJ5OL3WbYucQPZfj1H78uoIi1CU1ElhzFPCNQ%2FSFp59LkCQlSjP7A%2BYNHgUlods9oKPithIcI1RHUhN4vEyfphw0ND0Oorb3NAwIw1%2FF45Lludyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1bfbfbb85-FRA
thejedshed.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/thejedshed.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d2a65d814d433d28ed773e3b6736cf062cf451bfc081275bc0c572ba1f5b58

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:16:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dca6-dc42"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MV6lYmuafHMRr0AdAsr8Q2O4g1%2BDObL3xRrGmc7bo1Ck0XWND0jnKUVwtYU0z0dFZHFt2M4jKjtMCFgtoBre3SVtFSUCH%2FhJ%2FDSIx5QMIa8CzO1aClHYHziazZ61v5BGkKS3K9W3fNtSkJqBkYTSm4q78lYocs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb1bfc0bb85-FRA
91fun.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/91fun.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159576ef17c7b7419b2122f600ff450719d87640a9da1788c840ec9677b9b0d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLkzBB4C0tmZ9LyzHGkQiD7Uv0MBgQ5aQyEn43lMGqrW%2FQl%2BdODynrTHUOdI8pMIxRxye3kLzDhrO4WvdW6coCICObkFmNUEY7SvTVIVa0sfGSrddH2SbKv3s6RuU7G1lgI5NlBT%2BcwviExYHbCvVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1cfc4bb85-FRA
91fun.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/91fun.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefdd84514b034af275b32954bfad128174ee1ea1a5f773fd7868689782aeebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:16:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dca2-7919"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q16KdtViEIrX%2BZJjpVn%2FPMy6v8et%2FJ%2B4skDoO6ZpYk5%2Fn7XqIPR8iYLh6kAKae06SEyNzI8WxzEgOJb7P%2BMPhBmRcnHQR4xjL%2FWH8kXINAp6poTkbxggHFygqdbCgbq9rAf%2FvY3dtHxLq7CbvllzieIaw1bpfyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb1cfc5bb85-FRA
bobbymagicradio2.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/bobbymagicradio2.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e859bfaf4f7e3520e30e5665baa1f909e1a4e782aaba862fbf337bcd1c0883f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8ioaDAmndvn9UI3HKrZPiK%2BVGa8%2F7nV2F6jiUV8eioKBaxe1rLGDdCCJp3bW8loNhBU0Ql4B2wzEuzZExC11ackus2u0QiChTKJyI6B0idV673DSlKSub9JHF57aB9DiT6bp1iRaP%2BgWzfnrMG4aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1cfc6bb85-FRA
bobbymagicradio2.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/bobbymagicradio2.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8f40fba90294f35a9ebd2a48287f2f39ee3114ad5230c2a510e6149bc093ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:14:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dc27-67b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hl%2B7UPj9skU22cK7ax6sg9N3DEhbmxr6A00%2Bu7AONgklDEB7GK734cKhVQJ%2Fdonrul5G81k5ptFQCS9yt4FX4d%2BLw9dGC1T5PQcAXmavoHUhFQU4ZIWYJjznj2kll7Geb81jmzgorIwpwZIiQftdNkwdu4s1SdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb2f98dbb85-FRA
70sgreathits.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/70sgreathits.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b38f84773591a756800a22a2053a8a0783312ddb6a374836a9cb627632e09dc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6HzwC2zOYMprjU%2FW%2FFSPwUPMZKVrZXpolFgcHckNM%2BvzE5ltRMTwu0VFTSehhVjKEuBfH55Na2PM8zpImIfqAFLwphTcZe5FVdl8gy6CImUZj7RE%2FvpLQVUWzYumRuo%2FQBajtfgSCA2PDRLYQHs5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1cfc8bb85-FRA
70sgreathits.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/70sgreathits.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d857a15cfce9ec117b65c540415b4d269a622bd3c6d3808e4464d77add78d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:14:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dc26-67a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHoflZzFFLtCqDJKESWEVjXYL4PUC7M3iWYZDARMeX8iah%2BX6k9N3hTh2htnUYl2WHB17B0pVg8ffREmr4NqFv7EmF%2BzVbPkKLuT24kaqHGdHDL23AIa94xCj9gvSpW6xflESiztScYvYLpDslCQnbQAddSxBW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb39a93bb85-FRA
glaucusandoval.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/glaucusandoval.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc313b5efa1345772ed5374058a36525862c8657b926ab014f5a727eea3dd2f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmMTg608OV8i%2FxkQif3N0IWKKyetO4fMb2bVcqnwmkP%2Fa9w2QBHctI4esA3uKCtniLQX5TOG7TdmMROaBNvBgdVDd08OVm%2Bp%2BusiTZHowSzvFKbQLyCKsbJZ5ZpMwS7qjx61sqabipYdttxRX64kpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1cfc9bb85-FRA
glaucusandoval.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/glaucusandoval.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e884c749f5e0c38499841d17b03c2098b64a960c786865033bbf44341ec403a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:13:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dc14-9e61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWBy2klx9c9NuCyue6l2NtxLHibnlZt7RRaQeTfOVnST7tpK5goufMID5pOTYHEErNMyNRFQWp43D7r1eVbHpqQfS%2F%2BX4pzDOmnnlQr9XTQ3WX8TiPX8l5L91ql6NQdU9X8gzW6OEGZSuWageoNvoTeJMRu%2FI6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb39a96bb85-FRA
garystrains.jpg
cdn.vaughnsoft.net/profile/1701436623014/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vaughnsoft.net/profile/1701436623014/garystrains.jpg
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044c5de4225c0f5ba98e5f8807647433288741d51536bb8912f4efcd93581943

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOjt5FGYpN1Nn1OAbjCdodPKWYFif6Gu9V9qgKz1KJ1LDqFTBKIf3ynYju6FofJ5vvXYjw1wGnzn%2FRv%2BAGxNjMeAfReAi%2FHS7A%2BkgS23mNZrBXjuXSoU%2F7ekzSLPeKZfg9jqhh61TWS8yKqGa07tiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2073600
cf-ray
82eb9bb1cfcabb85-FRA
garystrains.png
thumbnails.vaughnsoft.net/1701436623624/fetch/live/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnails.vaughnsoft.net/1701436623624/fetch/live/garystrains.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:93fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77f1d4b33991300381ead8aab71bfd25cd14e46e418f221f672a9429b54dfb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 13:13:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6569dbdf-c064"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hffk4ZWSBofoek9XztpBaoJGh7xSeJfcAh%2BWBzT4T7db9MsMw6jS8s6XqEnw2O1XDEqBDexWa2Avr%2FczoOOZ6B1ccV6K0QuAEtc1lG4WsFhdbuTaETeD9rogh1DU7f5V03NwOLsHxKFaW5W%2FbKcgCVXI5%2BuRXe8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=2073600
cf-ray
82eb9bb39aa0bb85-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame 720D 		624 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNUrzm08JiaVVMZ-B0K96rkhEarZffw-3o5dgw97WWi_uimzQZV9q6lGkke8xhTUqGCFjVGjXr7r-N8bqK1l6D2xc5UxEOCkYsfdhY7djH-WN7V4qmqRcoQLpekiKhQOuk8gNR4UE0Zab0M7PO1DpInRZdS_20LEu7vresKsAOhuntyq15NkAoRnj3Wtrk8MG8VWVZRvKWDJ7gf424A2emJskaKTbg
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Fri, 01 Dec 2023 13:17:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame D906 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame D906 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame D906 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvOGqJcoPQL9PJVBvK2S0WjYyBlNp6MKz8WOT_g7cKzES-eR01WS5CiYXGuYZvy-EE0KtyRRjYjo1PmPv0mfZGEwj6NlFCKVmKFllQojFkz5H0aaZ23nWO_gSWMILuBJP9hR6kWzmKasN4m96C7uSP5ScD0byLYtcRIvo8ZtI5nCrSPXIkdfKmaEufqoGQ0HJ-SG_fnMXn5O68Ww_n7-xlNn163XjdOYkf20b3GdqxzKBng9vfe8KlV4ySEjCfF5rEwoyGekDuOREGNZhRLSMIff4xqR_aIZSszkHV-SKE2KubiU28ox0OrPuGL1e_-6h6wAtQaYJUFSSnOzdIjz3K1i0VDyNhKtky-GfZxferbV-6uUWFHxk_-d76jAuUYR6EDYqMArg-35HHSMFG7lqecLFHhWDH1DOn-QpRRGj0dGqX91XQUlg7TYKZbbV3EZ0YMAhuX0CDDYSjU_vqo1MxLt5PluEErXowmbEbt3uVKTYcBxJU7_kY6_mzy5seuF8as-eNgUORhMxQFpePokrPxfmMXZEP8j0W2wAIodpv9vNCh_bG-fMzRzJ4RxAzpCbwjtoYDGpFfXM3xADf2CVjCp7XStLcMqnla2ySQ9QG6joLAuf-3KHM4-xClzmOGu_o1pbosfF2y6g_LET8344d-hn47pX6mYS2gECALG6qH7inL8Mqb22mgS2_01h0yHByNfM1bCQ0u4tZEkzQPhnLtgjuhflvTvnTmK66zKhYgdzr2MaPCBlotXXjWEXy32cIoyb0JWD56mMgFf9WsUi4xjE7SDFwNXW8Zegva0uP2AhnYw5ZtJp7QcvnO99ABDtvGqDARPUAHKGdHcJuanCNFg-YtsrnTogxK_CCK5gZE9EOm-DaLQrfWsgUXE0U4pSv--7Bbhnl8xu_oHkTtZ6szJ4rfGkUfknUUTQd7oub4uL67VVf1jt-tSLbTNx_NaSHeVF-AdV0Y0XmejvNFSW8YOI1xVkK_ol5iOoPHmbVekvYFu1BowsY97bmuci1GJ53PoNuwCKk5-nu2DDz4WEcywwG6xzoHCaA2fOtFN8Grq3yabLpCHRVQfEzSB3x3hXxQAiK7obsm6vurfz3yhCcQOyasUFijwdaqq8P2DQ3AL26odIG68C6DMZ1GqLD6zqaOV76Uehk9SG6j6AaPrO09izTMvvtN1dfm7dho_VjOzDe2QwCnlMtqSN9kuk4TJuBcKtA9R4bI9gu7g8sToyOLqDj1UOmyksD5rwUAel-iCKIiqi7JL2qyhlBTPtjUUoRS993rX04XieMVtNb9NsPDUUsTbuB8PQ5qO-eibu6BUuj68fX8u1-TiOUhqVCfZrxYfZnehlH05w&sai=AMfl-YT2hl7ZHtSbAVPdQl2Q9qkhTq9FIYY1Z8s835DFWkL1cGitWiik7e1wKtYq-MZ_B0-3UUJc_y7DEkNy4xJbgf1YfQYx4Ak76NuIs1RQV5uiW6QLzfLoYhHFuVta94qVrRUoNO7-cnuQTLBS-IacWLKKwzdG-bxjZD9dHmW0coMd-mEKudu5QLc6zHAkzN-VHZGLuuS_L_wzqS_641ITXlsOgm0-7YFJmkvTSrPODLRTDxubXEiAXFYv399jIo7Hv8pOSBWKwF3RYskyy_znVTNDBu8ser3SwaAHvZlJw4T5WY9vWuNmjTAzUkeKuv3lV5xfY6qSPZLMWPKFkVJZZtTYrEnWL42IgAnpQj0hKeiNlB9Wnw6gINN-RbgsnrMV-oiwS8Mzc--dwyi-m2UcAyHAFtSn4JArLexrZvenzAbEH9iGxnajEj62UV-trBz2qtvy2LoHwxLAvNLbCn3V2Lq2kBLdU1fYwdoSu41C9al1V_yvpZdp-czWEYLMfjdqqhkmY90&sig=Cg0ArKJSzF4QBI5H-rFYEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.82729&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:03 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D906 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D906 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D906 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D906 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AZ2ZLOIZfeR_ZwBUrZEsZhB1hHLLhkbajiTdNsnzol9V1RI1BbiGh_PEIZ2_zbjEWYSr_VsQTNvhGE1EsfuXjLEP5O2P5tvfXjxrvqdnr_rH4LDNg
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D906 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:03 GMT
7604246044395771258
s0.2mdn.net/simgad/ Frame D906 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7604246044395771258
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
892e54b1b4120c7da83c702e2ed1663ae5f118c3062124edb155d4c3bda6e7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:13:25 GMT
x-content-type-options
nosniff
age
518618
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80599
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 11:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 13:13:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 248D 		624 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNVilSsu6ZjDAo9lGOciKwBM3cz966epIUTTQsHkg4hE_bTiqjWgNE90SmSDwyFAqqMzvtccCX1rwpOJKNgyYsNJ0ifGWlcWeuTgbYs78HGYfIDHJwMrQW3tpKH639fNJPW3VEQ3KNiRWmMIDo2AAVuTJQW1LunITsMcyNDex9qwmiHIwOKbVpm855pGIUuOYogk1i_FRL9DLiPfE4nn3AN1jj1Cug
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Fri, 01 Dec 2023 13:17:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame AA14 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame AA14 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame AA14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvQeqFTZQcuosrMudEPgflzRFkJnXRFKT_oLWNcp20oRNeoCQOGf7B5x8C43DdlZFR-4uykf2C5FRGnSowCZ_0T0tZey7AaRnNtSH0Jekcp0NORtAoz15ApX-22sB_KC--fdG69Q2AU2nyzhdjA-wRQ4HdS_OG5rmWJklfv2I3nj75-vhRN_oUhSog2KgJw3cfDd2dO8UEeqekXYDEmpo6nrgISYv-oxM4M7Xa5n93qLTMPRXEbLgdMYjdIl_4H0E7ImzLf5ja7N18NqhyfcZJE7KV-I7CAXf8a9fhHkNQ1MWw1LX1cJ6z5UqX0Va_Bew4irCd1Lr1hxnKjvKBrdOqZxRQbDAatozmCMby8qq8wSgGcWHh6pr8Hwwr2u6N6Mg9uES6CTjI_nVtkHfljidzQhz9vwC_Hakdo1_LnX9CCLTI_lVlry_XGVqld51zzw8JLYLN6hyg9tConJpmlas9pBPPnqyxbIK298Zzf7AseSn47u-WQ2H2_JWAe6nlQoAW8rRilvzP7LWBbCwduCowJ8T0tvizHFfjksoEXCb8A-nOKmeruYuOg4jpnxdl4rJHvv_nECwsCjsUdpMTdt6VoYp3iw09KlPLRBxbqBHiFI7T8D3H-GpKXVix_aVrprcT1ygHWVLGHV5mFB5WwWXUG61tu1dxscs3cicVJoCOhpke0mMLa-PtmFdKQuIHzymwOk_N0Ig1Q9RnQTodOzPiaJ6px2fwQx9klhkYfCELNgSpb4ZC3Kb2QHlk8ruwL7ghVv0WZOKDcHgZ4NMmAAnv_dh8d3NX0MTLHURQK3JoPaIsfxDaFAN1mx_rjNxQEjZmzQAe6tVO3n7QYHc5Nfg8EXERxw53TjhKeNd4-WiAeezTZKh_Ol550U46nL816Qd-HOTnjuqDL0V6bBkboZXtP7wAbwi92OsWnmOb0t6-dwlDt3ZySwLxLk1oKHtmM0pQFOywKqTzHY5l-msqf0OhWo-A2FReNaccpfV2qmlLE-c4cwUwITTIE8whHvo_Sj5o0uc8j50v_8I5w919OdavizrOwPxchfA7HWcPVTha8htjwmFuqykZnbTrRJOlYoR1Xk4UbGr0VICdiycYnkIMusvhOngvyQb9rctLZJWr-uKeQ_lqyLpe3t9dCI4Gm5W_jeOMLTccVyDsT1lRsL63wQ1iLtFX_IvOhA2DzqoZ_I3oomxu-gKmGT30uhRxofjIhf9dizN8feiomYAdtSYcsFVq5kOrWYpuCRSCCGXI7CxdHH1Nw6lAGhfCKXhQZ6rfGYybLDAOrywDxCjYw5iEfp79zL5pBcdxE4v0uAg0j1nxvQb0HG6OxtENkrsq-NsJyd5Ah5lehBstuTFJ54iCa6VE&sai=AMfl-YR5No1Ixtp1McnOPFgauUseE8F7TXayFcH7vrpzOGAO6dUVq6F-vG5eXP5OyKtWT52yfJiIG_NCVxEzuXq3G_1AzW9OlTUqh__hgH6fBT4DIrSQZ2GyavfjlDAm_MzTTzQ1RDIYRHop7_ljFYPfsWpGvHY0IWYWEVgTQYrife2nfURt20h3f_y27yUNyNvodlK0tcPS7SmXLtFevMJdaDbZTu2B49G35Fb_mqjBnPsuLVrELSHn_sTWy_aEktgfzK1L3YUl7aH-4q79RQj76SxyWgRqRDVoygLBSou5knAlyDmp7CLwMfqsJ5sefmuGaK52Hc8hyKIgM8wS5G1W59GBgqdY31NYLTjzgaAWpwNmQ8vVJdeH0RAvVSZjaj3Kgl9QY89WIyqT6Fa4UyqxStfdgN16ciaUiSkk3gCuHFSO8l5Db6BiAbJvHk5Jm0Z0IEY2I09TI7e1bMl4QS77Rt2x29ZTm941W9nk15Dpz7I0ZYU6yKZo0GGJAvwjsv_BeegdgCotbUaF9Q&sig=Cg0ArKJSzAXhXl9vDoMwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iZWtvLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.85583&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:03 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AA14 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame AA14 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame AA14 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA14 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DEkFiQY9wybh26-42vONx2oTq4SHDFo1hxECkn2WzzT58OPaE2g1k62XFLFMIda5M4nvdTFYJbT55Tady49-VnwXojNYJzdPYjJP1rDGCikhsIEPo
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AA14 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:03 GMT
8649293865786170783
s0.2mdn.net/simgad/ Frame AA14 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8649293865786170783
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be34532fabadfecc4bb68618c6b2a13221cedbba7cd7b56081e95bb5b99e932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 06:47:14 GMT
x-content-type-options
nosniff
age
368989
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101402
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 11:18:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Nov 2024 06:47:14 GMT
adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame AA14 		35 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=11857683&siteID=N192603.1972103DOUBLECLICKBIDMAN&creativeID=204956342&placementID=381087023&rnd=1471405230&gdpr=&gdpr_consent=&redir=https://secure.insightexpressai.com/adserver/1pixel.gif
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::1ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Fri, 01 Dec 2023 13:17:03 GMT
P3P
CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Connection
keep-alive
Content-Length
35
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
unsafe-url
Vary
Accept-Encoding
X-Frame-Options
ALLOWALL
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Expires
Fri, 01 Dec 2023 13:17:03 GMT
cookie_sync
sync.ex.co/v1/ Frame 6219 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/cookie_sync?network=368531133%2C924398626&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.44.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-44-187.compute-1.amazonaws.com
Software
/
Resource Hash
7f808d0b5fbe31581c062f43ef03dbe93be86485253e5e6dec76bb2d26d20fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://cdn.ex.co
date
Fri, 01 Dec 2023 13:17:03 GMT
access-control-allow-credentials
true
content-length
1818
vary
Origin
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=2714925051756108&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Crectangle_7&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=9&didk=3701212226&sfv=1-0-40&eri=1&sc=0&cookie=ID%3D9ac495416413cdf9%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MaCaAiEnIgaisfW5fJ6n2jujc8i0w&gpic=UID%3D00000cffbe7eb5e5%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MYUAvfEvBZJeuV2gmu90hYjOEo9nw&abxe=1&dt=1701436623695&lmt=1701436623&adxs=776&adys=3236&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=410x-1&msz=410x-1&fws=4&ohw=1350&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Drectangle_7%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D296ba807b50010e%26hb_bidder%3Dappnexus%26didna-refr%3D0&adks=3035616696&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b3f93c63e2c8821a9d09b157ec64ab286ccda5caebf76e425cee5302359420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12793
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D906 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7717af407f8f8c1ff345dc4da70f0cb30559c5cca06c613bb012cbe2b4391745

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 0C32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPSQbFBvHcaWKpuvxXDBWRc&google_cver=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPSQbFBvHcaWKpuvxXDBWRc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWI0ojZBC1k-wkFGIYFRglrp3Ri4mBAdE4Woyxp-K2Ns5mDM8b2_JaK8pWzNNuXe1CriBECk_yX7MS0yjeHUqZ8rsbC-_M0seUB3oVwR6rMwOBtqbtaTz9I7ENTmFkY8C88vfLgnEAMWKRAPLLUwMtjvu6TRhMEdJz3W0riyIh2v5RbF08_Ra8cOyQmoVMmojPYJa7lxywlb-5sQhFOhn1nfYj3og
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxsuwV6a6Gtwr9gL5r6vPFzkvkugUfV92zNQXyEi8N%2FAY6LgwzbCkqqhm%2FDITq7BkztOomAUAXv7ymRgPWGtIedNB1XhlbYnP8CMv8SBTVIbFnHWYxuHJGRO2CuYpdOcPNx%2F2W%2FHmkyv3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb2ff3f37c6-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPSQbFBvHcaWKpuvxXDBWRc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0C32
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWI0ojZBC1k-wkFGIYFRglrp3Ri4mBAdE4Woyxp-K2Ns5mDM8b2_JaK8pWzNNuXe1CriBECk_yX7MS0yjeHUqZ8rsbC-_M0seUB3oVwR6rMwOBtqbtaTz9I7ENTmFkY8C88vfLgnEAMWKRAPLLUwMtjvu6TRhMEdJz3W0riyIh2v5RbF08_Ra8cOyQmoVMmojPYJa7lxywlb-5sQhFOhn1nfYj3og
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfE4Sz23KNuSUGTv48ZiyLNXpR18Ta%2B317EsSq%2FZwEhkxMCLt%2F59yo%2BAv3iA7FLyZ%2BvuV8HVVMKxvVX3ZQ35m5vJ5qhFU9ClE2MMAIRYBa8ZGMbQsTwvaAKQdNrMxMleWtSLhhBPsKNYiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb35ecf3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0C32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKqC6qfIQ-UYTFRL-p8y914&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKqC6qfIQ-UYTFRL-p8y914&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWI0ojZBC1k-wkFGIYFRglrp3Ri4mBAdE4Woyxp-K2Ns5mDM8b2_JaK8pWzNNuXe1CriBECk_yX7MS0yjeHUqZ8rsbC-_M0seUB3oVwR6rMwOBtqbtaTz9I7ENTmFkY8C88vfLgnEAMWKRAPLLUwMtjvu6TRhMEdJz3W0riyIh2v5RbF08_Ra8cOyQmoVMmojPYJa7lxywlb-5sQhFOhn1nfYj3og
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
9226815a-8123-4e6e-bfea-2e1e318782aa
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKqC6qfIQ-UYTFRL-p8y914&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0C32
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWI0ojZBC1k-wkFGIYFRglrp3Ri4mBAdE4Woyxp-K2Ns5mDM8b2_JaK8pWzNNuXe1CriBECk_yX7MS0yjeHUqZ8rsbC-_M0seUB3oVwR6rMwOBtqbtaTz9I7ENTmFkY8C88vfLgnEAMWKRAPLLUwMtjvu6TRhMEdJz3W0riyIh2v5RbF08_Ra8cOyQmoVMmojPYJa7lxywlb-5sQhFOhn1nfYj3og
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
5c1c8aa3-fd83-4e20-b0e4-606f73f66e4b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
154 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:03 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
auction
pbs.nextmillmedia.com/openrtb2/ 		97 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
40da3a40d250048c54cc046ab746867acaee3361ef7715297ca7d9f53e95c5c7

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
97
expires
0
prebid
ib.adnxs.com/ut/v3/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
5134352004b22224e842727050e5d496190383c64f261d0545e0bd614363ef2f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
an-x-request-uuid
2b58142a-2fbd-42b8-9685-a3af247c3550
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
adreq
ads.servenobid.com/ 		622 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=777
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a2d042df368c8a6d0186948c8472eca3956fc2fd5702bf2dafd70f59fc6afcbb

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dVaqIEv0Cr66eeaKj0P0Le
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2eb8051b5ff31e11944a5a3a7ef3cf40cb6e4af1660ba6109f2b9172b72ca546

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fastlane.json
fastlane.rubiconproject.com/a/api/ 		423 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=472940&zone_id=2804118&size_id=43&rp_schain=1.0,1!didna.io,4169,1,,,&eid_pubcid.org=58370163-1c65-4087-85a8-70c831b3ea05%5E1&rf=http%3A%2F%2Fvaughn.live%2F&tg_i.domain=vaughn.live&tg_i.page=http%3A%2F%2Fvaughn.live%2F&tg_i.name=vaughn-live&tg_i.pbadslot=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_10%23leaderboard_10&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=273226c2665eb94b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C7882738%2Fdisplay%2Fvaughnsoft%2Fvaughn.live%2Fleaderboard_10%23leaderboard_10&slots=1&rand=0.6827275533765063
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3f4628a448738c0d00c46c7aa18abcb42ded8fee014f500ab0bbd85d305b8409

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
423
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		85 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
cdc88cf798b26fa0469b4e5a81f9078a2521b3545ae9dd35f5b3d3c6b08cbd3e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E158 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=2492443713735097&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_8&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=10&didk=3855195005&sfv=1-0-40&eri=1&sc=0&cookie=ID%3D9ac495416413cdf9%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MaCaAiEnIgaisfW5fJ6n2jujc8i0w&gpic=UID%3D00000cffbe7eb5e5%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MYUAvfEvBZJeuV2gmu90hYjOEo9nw&abxe=1&dt=1701436623716&lmt=1701436623&adxs=561&adys=5047&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=822x-1&msz=800x-1&fws=4&ohw=1350&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dleaderboard_8%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D294062ef61a569e5%26hb_bidder%3Dappnexus%26didna-refr%3D0&adks=4083063456&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db1c21669f776d93a53e115618e13a3cf8284fea1611b0135c179adcaf2884fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43883
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9FCE 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F327 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AA14 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
286136383c86c2359ffd88cc99a219fe9904bae6c264cd9dd1db51332affb37c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=2095573089771498&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_9&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=11&didk=3855195002&sfv=1-0-40&eri=1&sc=0&cookie=ID%3Dca44699ce194aedd%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbhJ9ARoDFXnlb3uacsSWDHU2gt1A&gpic=UID%3D00000cffbe925316%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbvyHgzMuBDM4IJnUtw-WW_4si7HA&abxe=1&dt=1701436623769&lmt=1701436623&adxs=561&adys=5527&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=822x-1&msz=800x-1&fws=4&ohw=1350&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dleaderboard_9%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D2989e8744e2e24ea%26hb_bidder%3DnextMillennium%26didna-refr%3D0&adks=4039423330&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f731df98edc9bd560477f16cf6a9a14207dbe8f835df58558e96b2ace938093f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44243
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B97 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9864159992246&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B97 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9864159992246&version=m202309260101&ct=77&x=1&cor=2021843440994647800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8B97 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPSVUCSXetMEpn1t8qrUEgXww1aRX-lNJa6HnK6cCQUbAbzndQvgngJT4or6T7ZC76mMnadRkhOTOQe3XLNRyuMCKKrmCQ8yrcLWQp49zQDannWxNP7mmFzwQT7vc2muHh7_mb-YxjoS9SQxSmZDB_CKpMevPSv1PsdEukMnmeuKi_Uo0&cry=1&dbm_d=AKAmf-Afy2FLPppfw89OTzbHRYBAl8pve17GQAjmJniOev49Edo8HCRc06G8f3Qb6GRINNz7SUcLd5S1-qYk2ZJER4sxrMih64VRJWlMbpDcegY9XiVuITslgx2RenzfwM3kzXSb7K8hWdbNsKFBjJjwblCprGcfdU0P9JOmF-2sLDi2NZF37ZkttKJSp7_gY2LSCznPJFFZkMC2lFVz47hq7bvT-o8P9pRIaMNtfdWzE5OaG_k8vH6RpZlAcKuyDGRSryyFMg9IH2_n5mJEujdNEh9XFdZyQwaeP2VsVYO5box98ZcJYBJXuIDarN7s1Hh9AnhhVkG3NhFAgQ-xG-AiJ7DsYQZVMvjZi45bk84xMAAbtTZwvKy1txzEPs5D6T9aWXLQK0InTyCEIeHR1AqeMjwl1BVQkOxyeTTYanJKFlE5wBvbv6XozUWhZxGDWCsDHFn8Uza5ch9ABk_76-zNOtda3JP_Tq6qePs-g86Apq_XOpkARuNCrvC1QfaApksNuQPRd37xOVyUd0L5M0AQWIIpJ5DEa3kGj2jdbccZTMBxo2w52DD6i_81BBtiSwa07GyNO__rmZrgHY8qqlXMTAPysTgW49IN4OmR_gVmd_Va4MVbGkEGR-SsCn4nIiuNRTtA0Oh4ui7T7y70p4ELywa0DpHg_jvix5Sx8dy2W2AK215NTa1cpoJec_KAPsoDobF_P2TZJR3UhkRTz_FWxKPE6Gv_LNnBIFnaplVby6XRB-GIbPJU6NMwDq7TDP-uvPVwJy6CerRNsqqYcsoS9gXZkojiu_LfSzQuXp3euy3FtxIrbhhGDK3dXwkSrWiRQsjjFO6GWVQjvLdumFNtXqLs6oqs3c8f45rsIKIeeEIM41lEeX8eVLI24QlKNvF3xgzhZg2sZ9FNFu4q-QJRymUkDxYYRitI9Ddtdw-CAK1XWCor-osf0msshVVLep6D1yLmBjJt3U5MrQ8sHDI0XogYI7RCbe_RXI9yrobr3HIfMy1wiUWuMv5TvNjk1C6j4nav99GALS3N7F6UEfN_74L0XEOawO1oIhtL4MbcUO9whVJodlBOK4mIlE9Z2rUqCPWOdpkMmouXny4vpuWx15oa3WbUZVdSJNkMbm6Sdwwb4lM-txHzxgu0VJrJSUbl14kcdeEVYVdAHB6d5ms6W9iGE7TBSS7dVxFyo3pdW792VSs_NUDuYySCgf1YVEhXxK1FzLfrA9vUtbhPPfkaDS6k7Uo6C6KVMK7On93BBuZ_Z5U41YBd2BqE9CpbKpb5NbuN6x5jT_j0n1L_M778UK6eWCx44swxY2FDwUG6sk67-n8Ft7WF_cHBdrLFEc_Bi0mh4CKf8xV7kpVg_y_VmwknlsUVQ8x_I34cC_24NNPZlriJMY_IwGcj59F7uKnEeW3PktI0gUl-5pOEL-r3ocFl7BEPjUJMClAGJLoOIxvpjOS-cOVmj1QMkSiGoHEPEUN3A-0FSdXyw8OEAg9Gv6EgqNqnPNPedCfnl_NpI5cN0uPlWUJP8epHyMwjFmCH7wj-_kGGTjtsuOKZjLw8xw8i8uJlh_QMDSEvxDTSXagVkqr-LSu0ZZx0U8k65irHzHx1c6cUiHBTBE6O9EHJE7RnONQcBOmMdAPI_5Q-1okzsREiTCQTq_759iF39YwuSqP7jVe1W22X8d_p2fSpXOKenOG30mUhJcdDktciZy7PqtabieHyc6IPd96t9oXC56orYU33QfWSMkjg25RPGnPq-3JnUfcAG-ZLOSZYuciJm4kGLj_yk9jeWKTjgpJ41NBxyTHjU-dKdM15kE5m4vSF4yxyOdoNEHPjyj6FkRsIwuWN7Xylm5cppm3vz9XNB0YH3Oo69Dc25LG2jO2Dz7mwra8IPifDPHuQ4FKEjOo4AqvRf1fGivHLMVk0IHR_syN8ke60S1pohbvrDYSMsMBk4W4FTm9S55oA_Yl7FKbVGEXTSjmNF2YhygVg275TqyhIMIXwBAfzOLMmPyn6O9dnkLOS5GMLLwDAzHMEH-f859HbkZAMpLHYJJKA0TbKy0gTJZUbFXhUw1M6aQCQJXkInDtGns1Gx9s4nP4HY_MXa7o4y4aJdrzoLUVMDVlwndBF_8UURxSlUyMCaDsxUnq3pdJ_j4PryPWK6sYfqH0coZTitZ3kQoFaQpgAL9UKii_EcaFl_3fbUWICKPpdczfwxD1DSilSuJjwHZ3tlCTOw79l0cPwJoAxmeixN9JtNccsbQQJq9HTsKsPd3mb5TsDTEAUr92Vir-s5BiedcfT49T3JeA3HmKvR5ZazeVKwtuzKFTSQNRwBTTL_E4aFu9ASvQxSPCjH2E-UD2UW18zIt8zj9WozMSDLnWVFeDzDRCRsXfwTs6CpoFZtoZ6YBaHGeWMioZmLltlNIKD61VVnRlAmNnRmSR0nXOAA_0r_JehWCfBcchCg5QG4E4V1bGXDRVQ_CTiPZ-Pq6R8DK77I0w1DwIzuJQXFo57ug-XeV3S9SqvTiwCn3_jktBWzENEc7T3_TzUkGsyHRfGqXPac9UpthT1DBOHg7PPLvY1kNzYpFbX0LUbIBicwXGKEE8dA_UPt5tJkxlZjZFzdQdsUrysjIr-0jWzcVMN37_8OCl6dftnxUoe4-RTtHgoSZBieHbD_XZBud2J6Afg2DNJCliplT7crIccOLUuGIJHS_oy9TH8YpdKBmyuctDuerq-U1VJ0WT_7DJcPc0FCexNSHZh9SSn5ZzYyP5Snvkiu8aVgNfnrBhBBGBPYQiEozRQD0fcuZubucLcD3DXD36pDFP5Ld48mlbRkoyNu4qC70oaUgx2SbA4WQz6nsMqStu1YNCF6LebQk5g-dApdtW3FschwAO7W1LLK0K4uYoFtroSbEkKzW8KK4maxlcGRoMWW8-MHrdJ3UkeLvORIjeLNHvxAZ1CPAXld0q3RyMjzuUl0mhiKsmEOeCuAYl92hDF7oSGLjA69Z0Aksk5AEBGiZJo6RLhmYWnuNLlIkb806ET30wnEMEqvJqnZpSHy_eYblEENixVXw0n8pJh7Zbu1DX6zxz53TIX2BgDCA0cFB4ePRnITctf5G-8hsJuiL4yW2B1T00FrC13ryYzJ9xy3x9EdvxNnxvy8aDP92wRtKECi38Y9zuuLHBtDXYzDUSJaALaxKp0v_-ShpTo35KhTu-GUe7Q4NykBWAIm2iMuoOYFvSvMAzuyPlvpHm9Eb23HZA-RdECS-TjUTTxKcJSWjZhTZ4XK2nYRi20HydU7n_G-5t96xhkJeiyr_UYGOaIzBn1mGxO0J3wYJksLbS2aky25fOw3BODv9zYfLK--w8ovYWdojyjB6MMLJLd3j9N75n2YfiaIQ8PuIz14tCu8B0rIUMjAKZkudxytZ9wCUwG8A_klkyLg9wEFMKrhc92Ilogmt14BqrWW12YvNJhXH_l86LJZKLznZAhl07pAmF9SVPW4Pnw9TsYIEHHYcs7ydxukro2lbBzaeKogrstiD7AwLaJAKqOE0uttZABRf_4KecSawNMstrVKijK0wPSIooXVWh9giIcjUNQn5VNEHmPQjuhoftmczo6P_H2_2KcAHZeE7M-0uFZ34SRm-qdBUoFdb2dMC7acJEGSpzr5xm2BPZ-v8SxSllPYVtdzA-OHjX2sJjtaS0LofVMAHVqyaSWj35bTwTen9vWn9dUSgUIxwn4EOGprfU-HL1cvPP69IOHWpKdYm8KKVmuaITqLcBXD_ksOpkjLCZhaxopQClV7_qxE8MydvO0JnBZMKfIh08Q2zXfVn2FsvYo1lBr1woqn66h5HvSuswbRaXcPN9_iWH9r8qRp2du9Ozy4DLFkNHeNHLjsHv_oXOmJ2oCniI8jQ&cid=CAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ&dc_eid=31079495&dv3_ver=m202309260101&rfl=http%3A%2F%2Fvaughn.live%2F&ds=l&xdt=1&iif=1&cor=2021843440994647800&adk=2923430907&idt=174&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7010462b293ff3fb17b87cedfa800ee30d48616e9a6156d64acb9d406fae9477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13908
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 720D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNUrzm08JiaVVMZ-B0K96rkhEarZffw-3o5dgw97WWi_uimzQZV9q6lGkke8xhTUqGCFjVGjXr7r-N8bqK1l6D2xc5UxEOCkYsfdhY7djH-WN7V4qmqRcoQLpekiKhQOuk8gNR4UE0Zab0M7PO1DpInRZdS_20LEu7vresKsAOhuntyq15NkAoRnj3Wtrk8MG8VWVZRvKWDJ7gf424A2emJskaKTbg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQVrOmQD7LODlIVufFxJjHPB3eJVJBxA81fQlyCqDuP9U6JRGYFHCwiFtXy50Kuniy75reFkGWpCz%2B%2FiHpkdTzUaoSh8lC1pE86mIBj9MyDSKSn9zEfWfj4j2z7iQLM4y00g9LDg91bZ0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb31e8e3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 720D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWnczzs-8lD7S6IMlhHYOwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHhk5nAwXTC6ApuEIZcFkw&google_cver=1
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHhk5nAwXTC6ApuEIZcFkw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNUrzm08JiaVVMZ-B0K96rkhEarZffw-3o5dgw97WWi_uimzQZV9q6lGkke8xhTUqGCFjVGjXr7r-N8bqK1l6D2xc5UxEOCkYsfdhY7djH-WN7V4qmqRcoQLpekiKhQOuk8gNR4UE0Zab0M7PO1DpInRZdS_20LEu7vresKsAOhuntyq15NkAoRnj3Wtrk8MG8VWVZRvKWDJ7gf424A2emJskaKTbg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0wCp%2BSMnKsjUmroQJItfabw4ZfluxGVvdF%2BJFBlX9lAWvgUwuykQVkkl6gMZ5e%2FCOTp6Zh88ucSII89R011q%2BDTyCilcxhAyucm%2FLYa8ODtuBNaxYxwSiQg%2BH%2Bk5MYDE%2B5TZErWu6jVNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb37ee83731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHhk5nAwXTC6ApuEIZcFkw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 720D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN-LAmio9-NsAGbYdS48p9E&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEN-LAmio9-NsAGbYdS48p9E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNUrzm08JiaVVMZ-B0K96rkhEarZffw-3o5dgw97WWi_uimzQZV9q6lGkke8xhTUqGCFjVGjXr7r-N8bqK1l6D2xc5UxEOCkYsfdhY7djH-WN7V4qmqRcoQLpekiKhQOuk8gNR4UE0Zab0M7PO1DpInRZdS_20LEu7vresKsAOhuntyq15NkAoRnj3Wtrk8MG8VWVZRvKWDJ7gf424A2emJskaKTbg
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
9fd41bc7-4e65-4eaa-92d1-4061be0e6c3d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEN-LAmio9-NsAGbYdS48p9E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 720D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNUrzm08JiaVVMZ-B0K96rkhEarZffw-3o5dgw97WWi_uimzQZV9q6lGkke8xhTUqGCFjVGjXr7r-N8bqK1l6D2xc5UxEOCkYsfdhY7djH-WN7V4qmqRcoQLpekiKhQOuk8gNR4UE0Zab0M7PO1DpInRZdS_20LEu7vresKsAOhuntyq15NkAoRnj3Wtrk8MG8VWVZRvKWDJ7gf424A2emJskaKTbg
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
b72215f9-0127-4a55-af9d-5b237203af5f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 248D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNVilSsu6ZjDAo9lGOciKwBM3cz966epIUTTQsHkg4hE_bTiqjWgNE90SmSDwyFAqqMzvtccCX1rwpOJKNgyYsNJ0ifGWlcWeuTgbYs78HGYfIDHJwMrQW3tpKH639fNJPW3VEQ3KNiRWmMIDo2AAVuTJQW1LunITsMcyNDex9qwmiHIwOKbVpm855pGIUuOYogk1i_FRL9DLiPfE4nn3AN1jj1Cug
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mfYvvWkvIZY%2FevoEWUlxfr%2BcRQWTtHlG1kJy9xLiQ3Ag3UCkiNo2AL9aVoKDFmqEk%2B6PoGcuA4Q08Syg1RHEmlvCd2s48YtnBq9PfCVn1hO6cibd8SNl1b%2F%2FDqi6dLM1VmzCohfeMEltg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb32e9a3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 248D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNVilSsu6ZjDAo9lGOciKwBM3cz966epIUTTQsHkg4hE_bTiqjWgNE90SmSDwyFAqqMzvtccCX1rwpOJKNgyYsNJ0ifGWlcWeuTgbYs78HGYfIDHJwMrQW3tpKH639fNJPW3VEQ3KNiRWmMIDo2AAVuTJQW1LunITsMcyNDex9qwmiHIwOKbVpm855pGIUuOYogk1i_FRL9DLiPfE4nn3AN1jj1Cug
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OJRxuyG6ldvy2gQYoHld%2FkQPgU34t7vhV8Uobr3YxmgbB75dTcboxK8Awx8RNEG6YHTQEe7VYXrf1rUcpvQ6xrgm%2BtfAW5cj%2FBkOyKOkS6WEEECJFLCu8Q94eA%2FHwTEjoe6YdzEtmRFLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb35ed13731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDxzGaupjqb2UHXdIHoaV0E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 248D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN-LAmio9-NsAGbYdS48p9E&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEN-LAmio9-NsAGbYdS48p9E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNVilSsu6ZjDAo9lGOciKwBM3cz966epIUTTQsHkg4hE_bTiqjWgNE90SmSDwyFAqqMzvtccCX1rwpOJKNgyYsNJ0ifGWlcWeuTgbYs78HGYfIDHJwMrQW3tpKH639fNJPW3VEQ3KNiRWmMIDo2AAVuTJQW1LunITsMcyNDex9qwmiHIwOKbVpm855pGIUuOYogk1i_FRL9DLiPfE4nn3AN1jj1Cug
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
0d3d7726-33a6-4a6a-bab1-15fe2f6c530a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEN-LAmio9-NsAGbYdS48p9E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 248D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNVilSsu6ZjDAo9lGOciKwBM3cz966epIUTTQsHkg4hE_bTiqjWgNE90SmSDwyFAqqMzvtccCX1rwpOJKNgyYsNJ0ifGWlcWeuTgbYs78HGYfIDHJwMrQW3tpKH639fNJPW3VEQ3KNiRWmMIDo2AAVuTJQW1LunITsMcyNDex9qwmiHIwOKbVpm855pGIUuOYogk1i_FRL9DLiPfE4nn3AN1jj1Cug
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
45182f23-75ad-4e3c-9060-0ca0a72dc46d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1FFA 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYkuTm7QEwAQ&v=APEucNVInSJFt_8K1rygAYBmtCsrGNq--OMxMxat4pU6fp8NIecixhOI_UQqwFlpQNQfHbV0c72kF_k19yHHj3jB2QJKtfl_-JAxs3eTS1elEIdzmIyT0Ft5VEX7tzrToOeZNbGbicRVszXalvckfRC9rAy-VbmmThiI4wKmaG5S2WRUhPBShitMia9XjevpfWeRlXrzw_NnqxeF0TCd6Uw6V7_ojwSWlQ
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame F327 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame F327 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame F327 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvalYP-5s12g4ni-ZHD0y-VRlqpySekKlTnALze5BuUGU9cSAfb_1iNyR6F1-vMctzVnRT_Z9AMc4IIjCutMm3ojhKXwFJyiiB0sSb-CGjzp38nEseKGrr5DXnUcQBku8Lxzj8DF0UGPemAHnmi0YgrQ3Edt77wluUrtSM35vdjHlXoPmlTtkH8UAoj3HKh62X9Jbv4wPHX6WKBRdl-tIDWdwkj3mkxs8P_PGB-gBfAh1Kr80I7LEbjuv_LToGA8rkRJZASFhWnABjy7TwpDy0-29ZPR0C0qSjTMuoOmdAA-mKhXD39BdnCTAlLNXRNJNL0AyyUWAMR2Guuyu80WQVAEqEgsgjBw0sSs96JV26129vftrpt9NYkX-DYoWKYlyLBp-FvFLxI-wevS7VGpmXH-Dfxlt_izyh0vGl3Pl-udzg3EIqz-8mohuFUGqTBR-vDn_oT0KrJkZuszywyjlrJhsS3jdSVFch4xL54nDtDCMKgF7_EBAo0sP-CBHoQHNhLPiXtOWSJYEu1MpCpk7hm1eyN76bAlScRq08yc5Kd_8_eTXT7MVVm2yVpkXqPaoBEOh7pGop_mzECqTGi51tYdNy2nWZP-jND-5bK4yrhKU7w_lBxuGukeGi-_2OB-tjawiS-nAWVYbAiLgkGUPHdJF-kygwSCzwU8fik2Cyq67gp9C5HyWFxyWDE38GQwWKB31vnIVZ8JG7aNN4qeVWKYIeYoTm9pjkkFzAR9BvjUXEA3mnkD1x_7HuhH2JniUtDVqBa-fosF9Ov1xfgeGDXADoK4eMZ4_4Eny5eZb5e4zCoFsmsB3pWhSll6KmXVTDchW4K5C_yuQDE1pe3hNylLGvST0iK2LACMJAEir_4oA4jNuo4wGoG6utFCcCEQUVNaWkljI421nbGghXC2w0ltsSRxad92c1bPrLh0mV-zegSdeQ1AwLtSvzIwP3mGkW2hoodyYgnMpBJYmm8vw36FMloLrnE0YwE7mXsMabjwxwUBdjhrBt43NEF5FbhwidHZJ-w300DTWwc0dR7vFV1AGK0X9ljyRHDGntZcrEdzbQjtMW8lQ2OnIsSuv2FA3PAr3NX6LuejKidz1SWr3DNJGS29qfENEcdbElmzp67V2qCp-HqmFvhS5FPOA6Gz6xYWiyfcYYgTFvJ4mHjr-LGe5vHMWDvJ7KhLjN2e5EgzaoEcefDGj4JOjuWqS-QBg8WAbgrbjEclBvNQIu-DSxSlgu8X_6eb0TixdVRKHXyuXzpp5EuuMhc0L-IUyZNQ7EmeYe_KatVRm1dbzkyVMMPhSGOiDwKyOV648OklL1yzjsNejKRfJKGTEF7kQ&sai=AMfl-YSjuhpKAy46gZS_S7omWq-1ciJWO_MGdUFk20hWqR22_ceEgux2PUmqCdNuY-3Q6OeV-03K1_1BdW9cdDqlVPHp4SkdvpWGKUvsprjytW5QIV2EjbvX14hHCfBhCwwyV_uAMpfqV8hIRWyEH3GY7-Avc_vcewYSvVhm4ZlBQL0FIsP2yNfsM8ZdsnftinKdvgXcaXwsqIgcixig-rSBIG3rL2oe4fwAGf8VOD9WjmmsGwaeuQyXxt2qc-pYV5y5PlaG1_Sfp75V64kSmXZFjuF0OPl0xymQXhy0YbeXgpPmKAD9XuNaSPJIesiTU7uFZlg4wS6O4uyLj5JbuI0axOurOosv_ER9g9LCbDw6pnijW_jAAkLdTNCX__iZUmIwmVK8Yvl7AQLMf_dERgUDYaDPp0IS2QhEtCfF9QU2hwRHV8WA4MPy11wx4KlY1VWWYMH4wTBb6omwBeqZ46dQfo3PxbVFL44RMed80Mc8yK1GoHr442A2cPZY1k6BQQgDZ9m9KeAjLHtbIA&sig=Cg0ArKJSzKqsKvd7OwIHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20231129.59123&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F327 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame F327 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame F327 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F327 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdOtQ4hJ1iWah5W8MkpOfYS44JgYEe1Ae25j1xZuFvIWv7iszpus9Pvsr917oz6kNwHCvgCHAZZrGz2_sJD_9Xo0Z06Pt4c1x5k-DLKrSvV7KGavA
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F327 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:03 GMT
10233368416642623986
s0.2mdn.net/simgad/ Frame F327 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10233368416642623986
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11ef28ae2c4333ff566ee981ee4f56dffc89713a172401a7607d026098a460a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 05:32:45 GMT
x-content-type-options
nosniff
age
546258
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114699
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 11:19:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 05:32:45 GMT
view
ad.doubleclick.net/pcs/ Frame D906 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvOGqJcoPQL9PJVBvK2S0WjYyBlNp6MKz8WOT_g7cKzES-eR01WS5CiYXGuYZvy-EE0KtyRRjYjo1PmPv0mfZGEwj6NlFCKVmKFllQojFkz5H0aaZ23nWO_gSWMILuBJP9hR6kWzmKasN4m96C7uSP5ScD0byLYtcRIvo8ZtI5nCrSPXIkdfKmaEufqoGQ0HJ-SG_fnMXn5O68Ww_n7-xlNn163XjdOYkf20b3GdqxzKBng9vfe8KlV4ySEjCfF5rEwoyGekDuOREGNZhRLSMIff4xqR_aIZSszkHV-SKE2KubiU28ox0OrPuGL1e_-6h6wAtQaYJUFSSnOzdIjz3K1i0VDyNhKtky-GfZxferbV-6uUWFHxk_-d76jAuUYR6EDYqMArg-35HHSMFG7lqecLFHhWDH1DOn-QpRRGj0dGqX91XQUlg7TYKZbbV3EZ0YMAhuX0CDDYSjU_vqo1MxLt5PluEErXowmbEbt3uVKTYcBxJU7_kY6_mzy5seuF8as-eNgUORhMxQFpePokrPxfmMXZEP8j0W2wAIodpv9vNCh_bG-fMzRzJ4RxAzpCbwjtoYDGpFfXM3xADf2CVjCp7XStLcMqnla2ySQ9QG6joLAuf-3KHM4-xClzmOGu_o1pbosfF2y6g_LET8344d-hn47pX6mYS2gECALG6qH7inL8Mqb22mgS2_01h0yHByNfM1bCQ0u4tZEkzQPhnLtgjuhflvTvnTmK66zKhYgdzr2MaPCBlotXXjWEXy32cIoyb0JWD56mMgFf9WsUi4xjE7SDFwNXW8Zegva0uP2AhnYw5ZtJp7QcvnO99ABDtvGqDARPUAHKGdHcJuanCNFg-YtsrnTogxK_CCK5gZE9EOm-DaLQrfWsgUXE0U4pSv--7Bbhnl8xu_oHkTtZ6szJ4rfGkUfknUUTQd7oub4uL67VVf1jt-tSLbTNx_NaSHeVF-AdV0Y0XmejvNFSW8YOI1xVkK_ol5iOoPHmbVekvYFu1BowsY97bmuci1GJ53PoNuwCKk5-nu2DDz4WEcywwG6xzoHCaA2fOtFN8Grq3yabLpCHRVQfEzSB3x3hXxQAiK7obsm6vurfz3yhCcQOyasUFijwdaqq8P2DQ3AL26odIG68C6DMZ1GqLD6zqaOV76Uehk9SG6j6AaPrO09izTMvvtN1dfm7dho_VjOzDe2QwCnlMtqSN9kuk4TJuBcKtA9R4bI9gu7g8sToyOLqDj1UOmyksD5rwUAel-iCKIiqi7JL2qyhlBTPtjUUoRS993rX04XieMVtNb9NsPDUUsTbuB8PQ5qO-eibu6BUuj68fX8u1-TiOUhqVCfZrxYfZnehlH05w&sai=AMfl-YT2hl7ZHtSbAVPdQl2Q9qkhTq9FIYY1Z8s835DFWkL1cGitWiik7e1wKtYq-MZ_B0-3UUJc_y7DEkNy4xJbgf1YfQYx4Ak76NuIs1RQV5uiW6QLzfLoYhHFuVta94qVrRUoNO7-cnuQTLBS-IacWLKKwzdG-bxjZD9dHmW0coMd-mEKudu5QLc6zHAkzN-VHZGLuuS_L_wzqS_641ITXlsOgm0-7YFJmkvTSrPODLRTDxubXEiAXFYv399jIo7Hv8pOSBWKwF3RYskyy_znVTNDBu8ser3SwaAHvZlJw4T5WY9vWuNmjTAzUkeKuv3lV5xfY6qSPZLMWPKFkVJZZtTYrEnWL42IgAnpQj0hKeiNlB9Wnw6gINN-RbgsnrMV-oiwS8Mzc--dwyi-m2UcAyHAFtSn4JArLexrZvenzAbEH9iGxnajEj62UV-trBz2qtvy2LoHwxLAvNLbCn3V2Lq2kBLdU1fYwdoSu41C9al1V_yvpZdp-czWEYLMfjdqqhkmY90&sig=Cg0ArKJSzF4QBI5H-rFYEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=218&vt=11&dtpt=217&dett=2&cstd=0&cisv=r20231129.82729&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame AA14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvQeqFTZQcuosrMudEPgflzRFkJnXRFKT_oLWNcp20oRNeoCQOGf7B5x8C43DdlZFR-4uykf2C5FRGnSowCZ_0T0tZey7AaRnNtSH0Jekcp0NORtAoz15ApX-22sB_KC--fdG69Q2AU2nyzhdjA-wRQ4HdS_OG5rmWJklfv2I3nj75-vhRN_oUhSog2KgJw3cfDd2dO8UEeqekXYDEmpo6nrgISYv-oxM4M7Xa5n93qLTMPRXEbLgdMYjdIl_4H0E7ImzLf5ja7N18NqhyfcZJE7KV-I7CAXf8a9fhHkNQ1MWw1LX1cJ6z5UqX0Va_Bew4irCd1Lr1hxnKjvKBrdOqZxRQbDAatozmCMby8qq8wSgGcWHh6pr8Hwwr2u6N6Mg9uES6CTjI_nVtkHfljidzQhz9vwC_Hakdo1_LnX9CCLTI_lVlry_XGVqld51zzw8JLYLN6hyg9tConJpmlas9pBPPnqyxbIK298Zzf7AseSn47u-WQ2H2_JWAe6nlQoAW8rRilvzP7LWBbCwduCowJ8T0tvizHFfjksoEXCb8A-nOKmeruYuOg4jpnxdl4rJHvv_nECwsCjsUdpMTdt6VoYp3iw09KlPLRBxbqBHiFI7T8D3H-GpKXVix_aVrprcT1ygHWVLGHV5mFB5WwWXUG61tu1dxscs3cicVJoCOhpke0mMLa-PtmFdKQuIHzymwOk_N0Ig1Q9RnQTodOzPiaJ6px2fwQx9klhkYfCELNgSpb4ZC3Kb2QHlk8ruwL7ghVv0WZOKDcHgZ4NMmAAnv_dh8d3NX0MTLHURQK3JoPaIsfxDaFAN1mx_rjNxQEjZmzQAe6tVO3n7QYHc5Nfg8EXERxw53TjhKeNd4-WiAeezTZKh_Ol550U46nL816Qd-HOTnjuqDL0V6bBkboZXtP7wAbwi92OsWnmOb0t6-dwlDt3ZySwLxLk1oKHtmM0pQFOywKqTzHY5l-msqf0OhWo-A2FReNaccpfV2qmlLE-c4cwUwITTIE8whHvo_Sj5o0uc8j50v_8I5w919OdavizrOwPxchfA7HWcPVTha8htjwmFuqykZnbTrRJOlYoR1Xk4UbGr0VICdiycYnkIMusvhOngvyQb9rctLZJWr-uKeQ_lqyLpe3t9dCI4Gm5W_jeOMLTccVyDsT1lRsL63wQ1iLtFX_IvOhA2DzqoZ_I3oomxu-gKmGT30uhRxofjIhf9dizN8feiomYAdtSYcsFVq5kOrWYpuCRSCCGXI7CxdHH1Nw6lAGhfCKXhQZ6rfGYybLDAOrywDxCjYw5iEfp79zL5pBcdxE4v0uAg0j1nxvQb0HG6OxtENkrsq-NsJyd5Ah5lehBstuTFJ54iCa6VE&sai=AMfl-YR5No1Ixtp1McnOPFgauUseE8F7TXayFcH7vrpzOGAO6dUVq6F-vG5eXP5OyKtWT52yfJiIG_NCVxEzuXq3G_1AzW9OlTUqh__hgH6fBT4DIrSQZ2GyavfjlDAm_MzTTzQ1RDIYRHop7_ljFYPfsWpGvHY0IWYWEVgTQYrife2nfURt20h3f_y27yUNyNvodlK0tcPS7SmXLtFevMJdaDbZTu2B49G35Fb_mqjBnPsuLVrELSHn_sTWy_aEktgfzK1L3YUl7aH-4q79RQj76SxyWgRqRDVoygLBSou5knAlyDmp7CLwMfqsJ5sefmuGaK52Hc8hyKIgM8wS5G1W59GBgqdY31NYLTjzgaAWpwNmQ8vVJdeH0RAvVSZjaj3Kgl9QY89WIyqT6Fa4UyqxStfdgN16ciaUiSkk3gCuHFSO8l5Db6BiAbJvHk5Jm0Z0IEY2I09TI7e1bMl4QS77Rt2x29ZTm941W9nk15Dpz7I0ZYU6yKZo0GGJAvwjsv_BeegdgCotbUaF9Q&sig=Cg0ArKJSzAXhXl9vDoMwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iZWtvLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=211&vt=11&dtpt=210&dett=2&cstd=0&cisv=r20231129.85583&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=3135147152191271&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_7&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=12&didk=3855195004&sfv=1-0-40&eri=1&sc=0&cookie=ID%3Dca44699ce194aedd%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbhJ9ARoDFXnlb3uacsSWDHU2gt1A&gpic=UID%3D00000cffbe925316%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbvyHgzMuBDM4IJnUtw-WW_4si7HA&abxe=1&dt=1701436623887&lmt=1701436623&adxs=561&adys=4737&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=10&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=822x-1&msz=800x-1&fws=4&ohw=1350&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dleaderboard_7%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D2929d415c5f39d52%26hb_bidder%3Dappnexus%26didna-refr%3D0&adks=3310743748&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7a61a7f661497d51a6189744389086d50274206a8c5ef6bad0347d885f5e6d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14607
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E158 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9FCE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
view
ad.doubleclick.net/pcs/ Frame F327 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvalYP-5s12g4ni-ZHD0y-VRlqpySekKlTnALze5BuUGU9cSAfb_1iNyR6F1-vMctzVnRT_Z9AMc4IIjCutMm3ojhKXwFJyiiB0sSb-CGjzp38nEseKGrr5DXnUcQBku8Lxzj8DF0UGPemAHnmi0YgrQ3Edt77wluUrtSM35vdjHlXoPmlTtkH8UAoj3HKh62X9Jbv4wPHX6WKBRdl-tIDWdwkj3mkxs8P_PGB-gBfAh1Kr80I7LEbjuv_LToGA8rkRJZASFhWnABjy7TwpDy0-29ZPR0C0qSjTMuoOmdAA-mKhXD39BdnCTAlLNXRNJNL0AyyUWAMR2Guuyu80WQVAEqEgsgjBw0sSs96JV26129vftrpt9NYkX-DYoWKYlyLBp-FvFLxI-wevS7VGpmXH-Dfxlt_izyh0vGl3Pl-udzg3EIqz-8mohuFUGqTBR-vDn_oT0KrJkZuszywyjlrJhsS3jdSVFch4xL54nDtDCMKgF7_EBAo0sP-CBHoQHNhLPiXtOWSJYEu1MpCpk7hm1eyN76bAlScRq08yc5Kd_8_eTXT7MVVm2yVpkXqPaoBEOh7pGop_mzECqTGi51tYdNy2nWZP-jND-5bK4yrhKU7w_lBxuGukeGi-_2OB-tjawiS-nAWVYbAiLgkGUPHdJF-kygwSCzwU8fik2Cyq67gp9C5HyWFxyWDE38GQwWKB31vnIVZ8JG7aNN4qeVWKYIeYoTm9pjkkFzAR9BvjUXEA3mnkD1x_7HuhH2JniUtDVqBa-fosF9Ov1xfgeGDXADoK4eMZ4_4Eny5eZb5e4zCoFsmsB3pWhSll6KmXVTDchW4K5C_yuQDE1pe3hNylLGvST0iK2LACMJAEir_4oA4jNuo4wGoG6utFCcCEQUVNaWkljI421nbGghXC2w0ltsSRxad92c1bPrLh0mV-zegSdeQ1AwLtSvzIwP3mGkW2hoodyYgnMpBJYmm8vw36FMloLrnE0YwE7mXsMabjwxwUBdjhrBt43NEF5FbhwidHZJ-w300DTWwc0dR7vFV1AGK0X9ljyRHDGntZcrEdzbQjtMW8lQ2OnIsSuv2FA3PAr3NX6LuejKidz1SWr3DNJGS29qfENEcdbElmzp67V2qCp-HqmFvhS5FPOA6Gz6xYWiyfcYYgTFvJ4mHjr-LGe5vHMWDvJ7KhLjN2e5EgzaoEcefDGj4JOjuWqS-QBg8WAbgrbjEclBvNQIu-DSxSlgu8X_6eb0TixdVRKHXyuXzpp5EuuMhc0L-IUyZNQ7EmeYe_KatVRm1dbzkyVMMPhSGOiDwKyOV648OklL1yzjsNejKRfJKGTEF7kQ&sai=AMfl-YSjuhpKAy46gZS_S7omWq-1ciJWO_MGdUFk20hWqR22_ceEgux2PUmqCdNuY-3Q6OeV-03K1_1BdW9cdDqlVPHp4SkdvpWGKUvsprjytW5QIV2EjbvX14hHCfBhCwwyV_uAMpfqV8hIRWyEH3GY7-Avc_vcewYSvVhm4ZlBQL0FIsP2yNfsM8ZdsnftinKdvgXcaXwsqIgcixig-rSBIG3rL2oe4fwAGf8VOD9WjmmsGwaeuQyXxt2qc-pYV5y5PlaG1_Sfp75V64kSmXZFjuF0OPl0xymQXhy0YbeXgpPmKAD9XuNaSPJIesiTU7uFZlg4wS6O4uyLj5JbuI0axOurOosv_ER9g9LCbDw6pnijW_jAAkLdTNCX__iZUmIwmVK8Yvl7AQLMf_dERgUDYaDPp0IS2QhEtCfF9QU2hwRHV8WA4MPy11wx4KlY1VWWYMH4wTBb6omwBeqZ46dQfo3PxbVFL44RMed80Mc8yK1GoHr442A2cPZY1k6BQQgDZ9m9KeAjLHtbIA&sig=Cg0ArKJSzKqsKvd7OwIHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=46&vt=11&dtpt=46&dett=2&cstd=0&cisv=r20231129.59123&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8B97 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPSVUCSXetMEpn1t8qrUEgXww1aRX-lNJa6HnK6cCQUbAbzndQvgngJT4or6T7ZC76mMnadRkhOTOQe3XLNRyuMCKKrmCQ8yrcLWQp49zQDannWxNP7mmFzwQT7vc2muHh7_mb-YxjoS9SQxSmZDB_CKpMevPSv1PsdEukMnmeuKi_Uo0&cry=1&dbm_d=AKAmf-Afy2FLPppfw89OTzbHRYBAl8pve17GQAjmJniOev49Edo8HCRc06G8f3Qb6GRINNz7SUcLd5S1-qYk2ZJER4sxrMih64VRJWlMbpDcegY9XiVuITslgx2RenzfwM3kzXSb7K8hWdbNsKFBjJjwblCprGcfdU0P9JOmF-2sLDi2NZF37ZkttKJSp7_gY2LSCznPJFFZkMC2lFVz47hq7bvT-o8P9pRIaMNtfdWzE5OaG_k8vH6RpZlAcKuyDGRSryyFMg9IH2_n5mJEujdNEh9XFdZyQwaeP2VsVYO5box98ZcJYBJXuIDarN7s1Hh9AnhhVkG3NhFAgQ-xG-AiJ7DsYQZVMvjZi45bk84xMAAbtTZwvKy1txzEPs5D6T9aWXLQK0InTyCEIeHR1AqeMjwl1BVQkOxyeTTYanJKFlE5wBvbv6XozUWhZxGDWCsDHFn8Uza5ch9ABk_76-zNOtda3JP_Tq6qePs-g86Apq_XOpkARuNCrvC1QfaApksNuQPRd37xOVyUd0L5M0AQWIIpJ5DEa3kGj2jdbccZTMBxo2w52DD6i_81BBtiSwa07GyNO__rmZrgHY8qqlXMTAPysTgW49IN4OmR_gVmd_Va4MVbGkEGR-SsCn4nIiuNRTtA0Oh4ui7T7y70p4ELywa0DpHg_jvix5Sx8dy2W2AK215NTa1cpoJec_KAPsoDobF_P2TZJR3UhkRTz_FWxKPE6Gv_LNnBIFnaplVby6XRB-GIbPJU6NMwDq7TDP-uvPVwJy6CerRNsqqYcsoS9gXZkojiu_LfSzQuXp3euy3FtxIrbhhGDK3dXwkSrWiRQsjjFO6GWVQjvLdumFNtXqLs6oqs3c8f45rsIKIeeEIM41lEeX8eVLI24QlKNvF3xgzhZg2sZ9FNFu4q-QJRymUkDxYYRitI9Ddtdw-CAK1XWCor-osf0msshVVLep6D1yLmBjJt3U5MrQ8sHDI0XogYI7RCbe_RXI9yrobr3HIfMy1wiUWuMv5TvNjk1C6j4nav99GALS3N7F6UEfN_74L0XEOawO1oIhtL4MbcUO9whVJodlBOK4mIlE9Z2rUqCPWOdpkMmouXny4vpuWx15oa3WbUZVdSJNkMbm6Sdwwb4lM-txHzxgu0VJrJSUbl14kcdeEVYVdAHB6d5ms6W9iGE7TBSS7dVxFyo3pdW792VSs_NUDuYySCgf1YVEhXxK1FzLfrA9vUtbhPPfkaDS6k7Uo6C6KVMK7On93BBuZ_Z5U41YBd2BqE9CpbKpb5NbuN6x5jT_j0n1L_M778UK6eWCx44swxY2FDwUG6sk67-n8Ft7WF_cHBdrLFEc_Bi0mh4CKf8xV7kpVg_y_VmwknlsUVQ8x_I34cC_24NNPZlriJMY_IwGcj59F7uKnEeW3PktI0gUl-5pOEL-r3ocFl7BEPjUJMClAGJLoOIxvpjOS-cOVmj1QMkSiGoHEPEUN3A-0FSdXyw8OEAg9Gv6EgqNqnPNPedCfnl_NpI5cN0uPlWUJP8epHyMwjFmCH7wj-_kGGTjtsuOKZjLw8xw8i8uJlh_QMDSEvxDTSXagVkqr-LSu0ZZx0U8k65irHzHx1c6cUiHBTBE6O9EHJE7RnONQcBOmMdAPI_5Q-1okzsREiTCQTq_759iF39YwuSqP7jVe1W22X8d_p2fSpXOKenOG30mUhJcdDktciZy7PqtabieHyc6IPd96t9oXC56orYU33QfWSMkjg25RPGnPq-3JnUfcAG-ZLOSZYuciJm4kGLj_yk9jeWKTjgpJ41NBxyTHjU-dKdM15kE5m4vSF4yxyOdoNEHPjyj6FkRsIwuWN7Xylm5cppm3vz9XNB0YH3Oo69Dc25LG2jO2Dz7mwra8IPifDPHuQ4FKEjOo4AqvRf1fGivHLMVk0IHR_syN8ke60S1pohbvrDYSMsMBk4W4FTm9S55oA_Yl7FKbVGEXTSjmNF2YhygVg275TqyhIMIXwBAfzOLMmPyn6O9dnkLOS5GMLLwDAzHMEH-f859HbkZAMpLHYJJKA0TbKy0gTJZUbFXhUw1M6aQCQJXkInDtGns1Gx9s4nP4HY_MXa7o4y4aJdrzoLUVMDVlwndBF_8UURxSlUyMCaDsxUnq3pdJ_j4PryPWK6sYfqH0coZTitZ3kQoFaQpgAL9UKii_EcaFl_3fbUWICKPpdczfwxD1DSilSuJjwHZ3tlCTOw79l0cPwJoAxmeixN9JtNccsbQQJq9HTsKsPd3mb5TsDTEAUr92Vir-s5BiedcfT49T3JeA3HmKvR5ZazeVKwtuzKFTSQNRwBTTL_E4aFu9ASvQxSPCjH2E-UD2UW18zIt8zj9WozMSDLnWVFeDzDRCRsXfwTs6CpoFZtoZ6YBaHGeWMioZmLltlNIKD61VVnRlAmNnRmSR0nXOAA_0r_JehWCfBcchCg5QG4E4V1bGXDRVQ_CTiPZ-Pq6R8DK77I0w1DwIzuJQXFo57ug-XeV3S9SqvTiwCn3_jktBWzENEc7T3_TzUkGsyHRfGqXPac9UpthT1DBOHg7PPLvY1kNzYpFbX0LUbIBicwXGKEE8dA_UPt5tJkxlZjZFzdQdsUrysjIr-0jWzcVMN37_8OCl6dftnxUoe4-RTtHgoSZBieHbD_XZBud2J6Afg2DNJCliplT7crIccOLUuGIJHS_oy9TH8YpdKBmyuctDuerq-U1VJ0WT_7DJcPc0FCexNSHZh9SSn5ZzYyP5Snvkiu8aVgNfnrBhBBGBPYQiEozRQD0fcuZubucLcD3DXD36pDFP5Ld48mlbRkoyNu4qC70oaUgx2SbA4WQz6nsMqStu1YNCF6LebQk5g-dApdtW3FschwAO7W1LLK0K4uYoFtroSbEkKzW8KK4maxlcGRoMWW8-MHrdJ3UkeLvORIjeLNHvxAZ1CPAXld0q3RyMjzuUl0mhiKsmEOeCuAYl92hDF7oSGLjA69Z0Aksk5AEBGiZJo6RLhmYWnuNLlIkb806ET30wnEMEqvJqnZpSHy_eYblEENixVXw0n8pJh7Zbu1DX6zxz53TIX2BgDCA0cFB4ePRnITctf5G-8hsJuiL4yW2B1T00FrC13ryYzJ9xy3x9EdvxNnxvy8aDP92wRtKECi38Y9zuuLHBtDXYzDUSJaALaxKp0v_-ShpTo35KhTu-GUe7Q4NykBWAIm2iMuoOYFvSvMAzuyPlvpHm9Eb23HZA-RdECS-TjUTTxKcJSWjZhTZ4XK2nYRi20HydU7n_G-5t96xhkJeiyr_UYGOaIzBn1mGxO0J3wYJksLbS2aky25fOw3BODv9zYfLK--w8ovYWdojyjB6MMLJLd3j9N75n2YfiaIQ8PuIz14tCu8B0rIUMjAKZkudxytZ9wCUwG8A_klkyLg9wEFMKrhc92Ilogmt14BqrWW12YvNJhXH_l86LJZKLznZAhl07pAmF9SVPW4Pnw9TsYIEHHYcs7ydxukro2lbBzaeKogrstiD7AwLaJAKqOE0uttZABRf_4KecSawNMstrVKijK0wPSIooXVWh9giIcjUNQn5VNEHmPQjuhoftmczo6P_H2_2KcAHZeE7M-0uFZ34SRm-qdBUoFdb2dMC7acJEGSpzr5xm2BPZ-v8SxSllPYVtdzA-OHjX2sJjtaS0LofVMAHVqyaSWj35bTwTen9vWn9dUSgUIxwn4EOGprfU-HL1cvPP69IOHWpKdYm8KKVmuaITqLcBXD_ksOpkjLCZhaxopQClV7_qxE8MydvO0JnBZMKfIh08Q2zXfVn2FsvYo1lBr1woqn66h5HvSuswbRaXcPN9_iWH9r8qRp2du9Ozy4DLFkNHeNHLjsHv_oXOmJ2oCniI8jQ&cid=CAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ&dc_eid=31079495&dv3_ver=m202309260101&rfl=http%3A%2F%2Fvaughn.live%2F&ds=l&xdt=1&iif=1&cor=2021843440994647800&adk=2923430907&idt=174&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTQzNjYyMzgzOTMyNwogIHNlcnZlcl9pcDogMTc1NjE5NDcxCiAgcHJvY2Vzc19pZDogMTY4ODMzNDUKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogMTE4Njg5NDMK...
ad.doubleclick.net/ddm/activity/ Frame 8B97 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTQzNjYyMzgzOTMyNwogIHNlcnZlcl9pcDogMTc1NjE5NDcxCiAgcHJvY2Vzc19pZDogMTY4ODMzNDUKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogMTE4Njg5NDMKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMzU1MjQwMzQ4NDExMTkwNTQwMQpkZWJ1Z19rZXk6IDExMDM5MTA4OTgxMDkxNTU3ODgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTAxIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzU4OTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNzA2NwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x469a8f224f96a0970000000000000000","13":"0xbc793de4b0f5241d0000000000000000","14":"0x3b0d55e8ba700130000000000000000","15":"0xfa26f06fc7cf14250000000000000000"},"debug_key":"1103910898109155788","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"3552403484111905401"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1FFA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHhk5nAwXTC6ApuEIZcFkw&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHhk5nAwXTC6ApuEIZcFkw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYkuTm7QEwAQ&v=APEucNVInSJFt_8K1rygAYBmtCsrGNq--OMxMxat4pU6fp8NIecixhOI_UQqwFlpQNQfHbV0c72kF_k19yHHj3jB2QJKtfl_-JAxs3eTS1elEIdzmIyT0Ft5VEX7tzrToOeZNbGbicRVszXalvckfRC9rAy-VbmmThiI4wKmaG5S2WRUhPBShitMia9XjevpfWeRlXrzw_NnqxeF0TCd6Uw6V7_ojwSWlQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4cYtApZzA5VUd0YKjrRnJ95KgkFnkvU0ECEcQhYYwyjvWv6fBzdJz5fr3baAMAFhqzq7wqxaMq5si1QFQr3Gdhh3zvhbG%2FNvfrFYm0ZZ4MxeAbgsrMlfMNrhElQZCXa4aY95AZZ7zGX7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb3bf253731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHhk5nAwXTC6ApuEIZcFkw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1FFA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYkuTm7QEwAQ&v=APEucNVInSJFt_8K1rygAYBmtCsrGNq--OMxMxat4pU6fp8NIecixhOI_UQqwFlpQNQfHbV0c72kF_k19yHHj3jB2QJKtfl_-JAxs3eTS1elEIdzmIyT0Ft5VEX7tzrToOeZNbGbicRVszXalvckfRC9rAy-VbmmThiI4wKmaG5S2WRUhPBShitMia9XjevpfWeRlXrzw_NnqxeF0TCd6Uw6V7_ojwSWlQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWts1Hsoew%2BOVylgqm7i3AaSsy95j2rrxoVETUsHQCPmLJn5JUS9FRD1XQM%2FheO5HwSxq4rieNHwy%2FUNKG7hfKiH8bYbW4z%2BMBiZYGa07CQcDS6fJBWc5Xd1xoR2EVVYAZN7D%2FiXzIlJpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb3ef4e3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1FFA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYkuTm7QEwAQ&v=APEucNVInSJFt_8K1rygAYBmtCsrGNq--OMxMxat4pU6fp8NIecixhOI_UQqwFlpQNQfHbV0c72kF_k19yHHj3jB2QJKtfl_-JAxs3eTS1elEIdzmIyT0Ft5VEX7tzrToOeZNbGbicRVszXalvckfRC9rAy-VbmmThiI4wKmaG5S2WRUhPBShitMia9XjevpfWeRlXrzw_NnqxeF0TCd6Uw6V7_ojwSWlQ
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
6f97f573-36a5-4e2e-99e5-1aff3f466823
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1FFA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYkuTm7QEwAQ&v=APEucNVInSJFt_8K1rygAYBmtCsrGNq--OMxMxat4pU6fp8NIecixhOI_UQqwFlpQNQfHbV0c72kF_k19yHHj3jB2QJKtfl_-JAxs3eTS1elEIdzmIyT0Ft5VEX7tzrToOeZNbGbicRVszXalvckfRC9rAy-VbmmThiI4wKmaG5S2WRUhPBShitMia9XjevpfWeRlXrzw_NnqxeF0TCd6Uw6V7_ojwSWlQ
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:03 GMT
an-x-request-uuid
b2b6024f-79cd-45b1-8f08-f90f185f81d6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
iju9wczm8trb
hal9000.redintelligence.net/zone/ Frame 8B97 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1701436622993420&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-8VAztxpZYzRPKfk1PIPkKu5wASm5b2gaa2VnKfJD_AuEAEgtJD6ImCV8ouCmAfIAQmpAg6oy9JgR7I-qAMByAObBKoE5wFP0L_-nqhVK05JgzI9gwBiXV1nUXcgEVGcpLEaa9R4EEKTmB5vBkup0bD7g-IVndVGYLDRlqZ-bZrJcAOMsZjOj55dIJ5hLomdK-95bKG_uyjaZCLLEr6Plqv96V2m8dJwSpvwcOxaQtVsVBmtSgq8Aw6-jmnsnHa-UgmC6tOkCnPAcL1Me_KeFmo-ZDuTesP2DHw_ORMlwE_1KGRIMYshr-axo0eUWs3ys40t8vA6n9iA6s-DR-lOnZa4EfP4LYCXWeKWIvRJ3xsgDAw53fOGj_1Mvjy5R_awqqiPghPDWvoaXIOHM6vABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY2LKUrKnuggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMItN6UrKnuggMVJzJVCB2QVQ5IsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ%26sig%3DAOD64_3VNIJxJeTTY7SfisXiPR_Mtpo8wA%26client%3Dca-pub-2829411399762487%26dbm_c%3DAKAmf-CDa3g7X1aFlEE7Uqq-JmJD_t2No5ZNITc9UOkwt9wtgaLF827jt0I0ZrsAKAq-5W1qWcR-uPl3Nx-HLlHU-FJb2uBcJKbDDxLgjc4iMkyDGQ5VWofD0dkPRvDfDciCykfV0E_hY6AUFBr1WDCFtegKUFUxRvP_HSRy_H3Aks0G5-AQd5g%26cry%3D1%26dbm_d%3DAKAmf-AlX8-wognCqISfVshXmdw8GnjFfvgRz28Ulm4SNKdlTKo_xOj9T-E0ONFiqJRRg_mye1IttfFl0T0IOG8quUVM3s-lm870qX8M-tpQVU8BUQucpks38xOeIgVItwrhnoouVdcqXjk7c5-JQzXz0DXOe2K9b64yiMOIcKTQ-y5uLFWq27BbGZCyPFHxzLBuZ72c1KKeqS-HHWXNNRmmXZ2zshPm-6jHcmvPteo4AWFh-CpCzYu3TB32EGmqxI6sTE0MFqUmH-tY4l8cxV1-zLlsEFd68bbJPt2GKwaNz66nL4smEEjgEPF3UziDC6EBgx7uBwLM0EdExP4JWWtKMmVEAg-iDBdQ3puW0RGDKPae7nPvQPgbYcrhyvsMD6Yl-jJBqSHOkx3ccXLtU5_0GB1iy9QwBd4Np-ljG5gHac4T5x6zGHZgp7giTyAeFp4MWNVMuUMlMqPpFvFfUMZ1CFwEi5KGSzN7e_2gb9MalGlT9wZYeYP9I2S2lpjv9TQIJ7FeWDHfM4Z9jpwaEVwFv2e5Mj6LyF92YoNFmWOwpXljfRtAmJ4%26adurl%3D
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6aa5e9c33e0af53e222a9508ba5a4673c16c5f7bf816448ac412a465a67fbc43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4188
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 98F5 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F327 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c29157d46d14b0d6992d881b79541643a70ffd9a17ffb11beaf6b3c8c63dd467

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=29275
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=1278826778898544&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Cleaderboard_10&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50&ifi=13&didk=1466714154&sfv=1-0-40&eri=1&sc=0&cookie=ID%3Dca44699ce194aedd%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbhJ9ARoDFXnlb3uacsSWDHU2gt1A&gpic=UID%3D00000cffbe925316%3AT%3D1701436622%3ART%3D1701436622%3AS%3DALNI_MbvyHgzMuBDM4IJnUtw-WW_4si7HA&abxe=1&dt=1701436623977&lmt=1701436623&adxs=765&adys=6007&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=11&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=822x-1&msz=800x-1&fws=4&ohw=1350&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Dcopy_leaderboard_10%26hb_format%3Dbanner%26hb_size%3D320x50%26hb_pb%3D0.00%26hb_adid%3D2991ece77e079c8e%26hb_bidder%3Dappnexus%26didna-refr%3D0&adks=966697250&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c048b30a853532e5832a291b139cb5f1450d7dc871492bf65f1effc3a16095f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43922
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C96 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E7C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D39E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidResponse&bidder=nextMillennium&source=pbjs&placements=29275
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4058331024228082&correlator=3665774872863139&eid=31079832%2C31079856%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=170737076%3A7882738%2Cdisplay%2Cvaughnsoft%2Cvaughn.live%2Crectangle_8&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C300x250&ifi=14&didk=3701212227&sfv=1-0-40&eri=1&sc=0&cookie=ID%3D0aafaef5899ebb5e%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MZCx_ibCoSLKzIu4Zxk-k5zieEuOg&gpic=UID%3D00000cffbe6d0568%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MZMekaODupxwrlOmrltkrcKY61_aA&abxe=1&dt=1701436624040&lmt=1701436624&adxs=766&adys=4515&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=12&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fvaughn.live%2F&vis=1&psz=410x-1&msz=410x-1&fws=4&ohw=1350&ga_vid=1641055854.1701436622&ga_sid=1701436623&ga_hid=686840266&ga_fc=true&dlt=1701436621503&idt=1277&prev_scp=auid%3Drectangle_8%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D301bf72746fdcf79%26hb_bidder%3DnextMillennium%26didna-refr%3D0&adks=1916539333&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94776cf8ada4fa2b1ebb7ccd87b79364132fbfc07985d49ed6f32b99402c54be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15859
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://vaughn.live
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9BF6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900026.redintelligence.net/ Frame 8B97
Redirect Chain
  • https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=046cac1e23&subid=&uid=ceadc0ef7ae15043&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=046cac1e23&subid=&uid=ceadc0ef7ae15043&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=046cac1e23&subid=&uid=ceadc0ef7ae15043&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-8VAztxpZYzRPKfk1PIPkKu5wASm5b2gaa2VnKfJD_AuEAEgtJD6ImCV8ouCmAfIAQmpAg6oy9JgR7I-qAMByAObBKoE5wFP0L_-nqhVK05JgzI9gwBiXV1nUXcgEVGcpLEaa9R4EEKTmB5vBkup0bD7g-IVndVGYLDRlqZ-bZrJcAOMsZjOj55dIJ5hLomdK-95bKG_uyjaZCLLEr6Plqv96V2m8dJwSpvwcOxaQtVsVBmtSgq8Aw6-jmnsnHa-UgmC6tOkCnPAcL1Me_KeFmo-ZDuTesP2DHw_ORMlwE_1KGRIMYshr-axo0eUWs3ys40t8vA6n9iA6s-DR-lOnZa4EfP4LYCXWeKWIvRJ3xsgDAw53fOGj_1Mvjy5R_awqqiPghPDWvoaXIOHM6vABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY2LKUrKnuggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMItN6UrKnuggMVJzJVCB2QVQ5IsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ%26sig%3DAOD64_3VNIJxJeTTY7SfisXiPR_Mtpo8wA%26client%3Dca-pub-2829411399762487%26dbm_c%3DAKAmf-CDa3g7X1aFlEE7Uqq-JmJD_t2No5ZNITc9UOkwt9wtgaLF827jt0I0ZrsAKAq-5W1qWcR-uPl3Nx-HLlHU-FJb2uBcJKbDDxLgjc4iMkyDGQ5VWofD0dkPRvDfDciCykfV0E_hY6AUFBr1WDCFtegKUFUxRvP_HSRy_H3Aks0G5-AQd5g%26cry%3D1%26dbm_d%3DAKAmf-AlX8-wognCqISfVshXmdw8GnjFfvgRz28Ulm4SNKdlTKo_xOj9T-E0ONFiqJRRg_mye1IttfFl0T0IOG8quUVM3s-lm870qX8M-tpQVU8BUQucpks38xOeIgVItwrhnoouVdcqXjk7c5-JQzXz0DXOe2K9b64yiMOIcKTQ-y5uLFWq27BbGZCyPFHxzLBuZ72c1KKeqS-HHWXNNRmmXZ2zshPm-6jHcmvPteo4AWFh-CpCzYu3TB32EGmqxI6sTE0MFqUmH-tY4l8cxV1-zLlsEFd68bbJPt2GKwaNz66nL4smEEjgEPF3UziDC6EBgx7uBwLM0EdExP4JWWtKMmVEAg-iDBdQ3puW0RGDKPae7nPvQPgbYcrhyvsMD6Yl-jJBqSHOkx3ccXLtU5_0GB1iy9QwBd4Np-ljG5gHac4T5x6zGHZgp7giTyAeFp4MWNVMuUMlMqPpFvFfUMZ1CFwEi5KGSzN7e_2gb9MalGlT9wZYeYP9I2S2lpjv9TQIJ7FeWDHfM4Z9jpwaEVwFv2e5Mj6LyF92YoNFmWOwpXljfRtAmJ4%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=1024873750577&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7b7ee4b2a42e9b29aa88e3b16f6355a29cca9881a9e13b6a7da6a7b8ce0d2723

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
40138400096789704444554012525026
Connection
close
Content-Length
1329
Expires
Fri, 01 Dec 2023 13:17:04 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=046cac1e23&subid=&uid=ceadc0ef7ae15043&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-8VAztxpZYzRPKfk1PIPkKu5wASm5b2gaa2VnKfJD_AuEAEgtJD6ImCV8ouCmAfIAQmpAg6oy9JgR7I-qAMByAObBKoE5wFP0L_-nqhVK05JgzI9gwBiXV1nUXcgEVGcpLEaa9R4EEKTmB5vBkup0bD7g-IVndVGYLDRlqZ-bZrJcAOMsZjOj55dIJ5hLomdK-95bKG_uyjaZCLLEr6Plqv96V2m8dJwSpvwcOxaQtVsVBmtSgq8Aw6-jmnsnHa-UgmC6tOkCnPAcL1Me_KeFmo-ZDuTesP2DHw_ORMlwE_1KGRIMYshr-axo0eUWs3ys40t8vA6n9iA6s-DR-lOnZa4EfP4LYCXWeKWIvRJ3xsgDAw53fOGj_1Mvjy5R_awqqiPghPDWvoaXIOHM6vABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY2LKUrKnuggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMItN6UrKnuggMVJzJVCB2QVQ5IsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ%26sig%3DAOD64_3VNIJxJeTTY7SfisXiPR_Mtpo8wA%26client%3Dca-pub-2829411399762487%26dbm_c%3DAKAmf-CDa3g7X1aFlEE7Uqq-JmJD_t2No5ZNITc9UOkwt9wtgaLF827jt0I0ZrsAKAq-5W1qWcR-uPl3Nx-HLlHU-FJb2uBcJKbDDxLgjc4iMkyDGQ5VWofD0dkPRvDfDciCykfV0E_hY6AUFBr1WDCFtegKUFUxRvP_HSRy_H3Aks0G5-AQd5g%26cry%3D1%26dbm_d%3DAKAmf-AlX8-wognCqISfVshXmdw8GnjFfvgRz28Ulm4SNKdlTKo_xOj9T-E0ONFiqJRRg_mye1IttfFl0T0IOG8quUVM3s-lm870qX8M-tpQVU8BUQucpks38xOeIgVItwrhnoouVdcqXjk7c5-JQzXz0DXOe2K9b64yiMOIcKTQ-y5uLFWq27BbGZCyPFHxzLBuZ72c1KKeqS-HHWXNNRmmXZ2zshPm-6jHcmvPteo4AWFh-CpCzYu3TB32EGmqxI6sTE0MFqUmH-tY4l8cxV1-zLlsEFd68bbJPt2GKwaNz66nL4smEEjgEPF3UziDC6EBgx7uBwLM0EdExP4JWWtKMmVEAg-iDBdQ3puW0RGDKPae7nPvQPgbYcrhyvsMD6Yl-jJBqSHOkx3ccXLtU5_0GB1iy9QwBd4Np-ljG5gHac4T5x6zGHZgp7giTyAeFp4MWNVMuUMlMqPpFvFfUMZ1CFwEi5KGSzN7e_2gb9MalGlT9wZYeYP9I2S2lpjv9TQIJ7FeWDHfM4Z9jpwaEVwFv2e5Mj6LyF92YoNFmWOwpXljfRtAmJ4%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=1024873750577&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 01 Dec 2023 13:17:04 +0100
dr
as.ad4m.at/ad/ Frame F03F 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hex55wpbrej231m41beqtydh725c38pm14p82jycszz3vb0cdmjvjsvbgware5ya55td74ybc1f081d4sc8gf6y9y10ypptb9pdh9562a0ynts99jvwh5v2x1cg9fk3dj9gcqfgb34w37583byxknqm21awj2w636n35nww0ns2w1dq6f1yhzwmz7zs5qvdrbgp49k9gbna4twvj737ncx4a6aj3f1c1kc3655m6taqnxddy05vxs6s5ncza6jctehyrptm0k8adpfk1zkgsv15vpz6nswpe9na4kb1rqer55x2qymkhpryc0q9w0xxaq1erwp0qt65v290xdmxswgrn2k2k7cp7saswhaeddx25kpqaj6ytwr7jf18mxwfvt51xqwn6q8z8kj6vfwkkbnxrngp9qkdvhyaeatcp20wnz3d62hpcvhj1x0ssn8hnexa1dz1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%26num%3D1%26sig%3DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%26client%3Dca-pub-2829411399762487%26adurl%3D
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34314f37d5552fd8af78d87100a3c05206ce31bfaa148263f58685b4cd963478
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82eb9bb4c8a55c7a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0C96 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4D26 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 10:52:10 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0C96 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
l
www.google.com/ads/measurement/ Frame 0C96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQINvtgNh8xY7EOayLmueJP63Pp9w4DI7iUaC8MpupKfpxOLyZTsP5SUOHU7-KferJXSxneheHPiLCqtXqg5LyjtfUY9w
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0C96 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
244031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Nov 2024 17:29:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0C96 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B007 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNV81Cpgq-yVA-nAu1MzPnvAV204wZQqpcSK1KVn7pOJFJIENeAioBKrHHZolLYvw64N-E6_McGdGB0kxE-7tyZ1MnCO3Pq4RgTqFMnAK-07GVSZv_2J7g44DPFAHSDvqRAxlmQjNXtMsmHJr9irfAksN6gu9BJGSDaISRN7zgIIu8yDl-nQqpE0nitO7cC3quQCHG76KfWzn4UuqPzApjsq5JrA-A
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
8649293865786170783
s0.2mdn.net/simgad/ Frame 4E7C 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8649293865786170783
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be34532fabadfecc4bb68618c6b2a13221cedbba7cd7b56081e95bb5b99e932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 06:47:14 GMT
x-content-type-options
nosniff
age
368990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101402
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 11:18:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Nov 2024 06:47:14 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 4E7C 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 4E7C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame 4E7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsut2ZDGRJMRApDdQM1614QTYMOwz7n1QGXUdghn0yNaBBsR4KKJ6DjKc8oc56Jc6sskLUKfL154jNnQD8b4yvzBdcZPCPZur9bar5XdvQHYP1CR4AwLXRzbJB5OHfMgPGdy-IILVoqY1nB7I4fZoml5sY38RMooMzUcfZ5Rj-nQHfATfcRG8SJgj4h8tQ86AfHJbm1gUkA0HJwOsufc2NGclpg2e8yXyRxydAU50ds0LylXGo5-TLSg2EqgQaMFcY1OpJ__VmNCGQ_msm4QAp5HmQbc2pd7EQ7OnQzgtCw4zoyUaaOcW9Tnh75yiZmO9yuH7zFNswslEqdkeat2boaqdBsb2U8IIpWZG_oSeNgjQKR3GoYrs6dFhTzZSB53baTRkqXzSFqKJ1IexUzBhsy-fUTgMoVDwJbuMSlkLuUS4i85q138W_UzDFMhIFm5U47Vb1wW141VZhw6qVyY7HwKT6qqtfrf0iuczNEekIKEhA3e_yONWK9Sxq_1fUe7KJ-QDQlnvpzBReFnhnU-P9ekLL3-alGobQwW7tYhXaNP09PiLGawH3ZLC18KOii9YLUFEBUCqUqGhP5v2bGkqz9vMlDtOs6fkKpbxVX53BjsMyvw-hiazdvePz_DXDaobY7QKVdZmzplsqx08LOolYhr1bW_bAu-diLWYrldmBpZD7Qy9yIffX4gdO_PXdDGaYYiaQyRkp78qPN7M2dG1LBbJhw_IS8DsN1mbbnczEQXbL0fxpxz58QuFz-EXF8yh8WagJh1y9yv-C-E7eqBPnkwDjGckxTqYyiEifG3aqoKcqJJMbJL04s88rVKnb6bGRF9Ovnt79-sV3QpPJIqJ5tHTDmz8EUdRoH1CRLpE2TNswKhdRaDnBMfx-jSL3FVNKtemAK8Et_zElPzDPshY_79hwRmjatJwwiI1Ol930HJdjhdenNCR1vZlNT6MJAOSbC4XG5xN5t3oiDlCv37d1NgpWJaZSqJgWLCK6jvK4DPIlPVGPuoVPItWwiUF7QD8Qd0jrT-C-3Qwj8He6pEKpwor1gU3tofR2oLFjWh9-NSmMPF7AtHHruMfMsSZpqzx-KaA0iQJU03W64yDIBaVDvFzYrTl5kSypdvnhh6JIysUuE73KR7oupmcNlO9Ro72SSQQYa6AmSb4atVDFfL46mMnO7VB4Qu45l_uMLtKD1aonREfq56DGU3BVFvvWoxphvydhq1eTmg2brAHfqyrjNUOS8ToJH4omSRNNBzfQ_URkBQbcqrOaP43DM5n3jgmFdcd759ELT1b2i8wjMS-BzelTsh7Tp7w0MWDL5nu0n9B1awqKZ2xAsKtgU46LVfEyuCLJUvp0y-tgr991Y&sai=AMfl-YThVtyNksJwnMuxg383vVN7qR9uSRa8pm7aBgSCZNLXrW10HG5KE-0XO_ZYCC2VEnWaiBaDKz2Sc_72130PnL_DhYJe3cmDYXw7Y2pMNa95XTgFUTPGrxQ_aD9DyT2cBP89j8DQJTBpAnarmKr2sOvDoXuyxc4ib8DiG2w5SnMH9Moyg73HJ2ZOUTnWlvxODx0yZLbTuFFSlfB3SNm9O7SLBqJy-HUel7H2w1_46NOls5LtpX2BqJi9OKpII1G4Vy6jJh5Cx3OEXcjzPd3F0VIK4Fb7BlW1ow_KDlm_4p1kOUkVtWd3tIkcDInq5fIrZd0Al659XS4bkmWvD4wjn978TtclmhMQx_UDIWNRrM0eP0_ILUXA5oXnOiyzIBYGZrj_KKY7RDxwVaGjDqb_MaY6FdiA7ukBWDeXBfXy&sig=Cg0ArKJSzC4UBG0bY7JYEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iZWtvLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.26897&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4E7C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4E7C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8ACF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 10:52:10 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4E7C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E7C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFlcVpeQHGD0GeWcg92lhn2_GmLtW7XwSDTDdaRcdGorRvhu-5nToX48FTlP88LlLDpBfky_5iFercoWj4TNa1EhqAZmYRexY6GbK1ze8uhlHHGf4
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 4E7C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkvhxRqb4dz6MJtNZzykCKCJkgQPnSFlLBSkBhHzYACP4mmculWJHCiZ6GbmPx1-Kaf9JTFv8KCX9-StMohaxhceZJ7g
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4E7C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame 4E7C 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=11857683&siteID=N192603.1972103DOUBLECLICKBIDMAN&creativeID=204956342&placementID=381087023&rnd=4256092819&gdpr=&gdpr_consent=&redir=https://secure.insightexpressai.com/adserver/1pixel.gif
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58c::1ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Fri, 01 Dec 2023 13:17:04 GMT
P3P
CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Connection
keep-alive
Content-Length
35
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
unsafe-url
Vary
Accept-Encoding
X-Frame-Options
ALLOWALL
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Expires
Fri, 01 Dec 2023 13:17:04 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 98F5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E551 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39004
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 01 Dec 2023 13:17:04 GMT
expires
Sat, 02 Dec 2023 00:07:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame E553 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d78c5287e68d767ca2e2b85d695f706d132ea54d6082dd3155bf22001546d9

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82eb9bb4c9ce37c6-FRA
content-encoding
br
content-type
text/html
date
Fri, 01 Dec 2023 13:17:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H69Sw2eERn92sF2ntbIHNKVwl47FKEpCIkKlGI62mtJqSfvTKtkui9pZxHCV9FOIBKtXRlgXeS4I9OFH6OEFBs2s4bS1Ed%2BYQjSxDaUrKI0gvIrHZnXBH%2FKmNnRdoEaxJlPwG0TvPoZyEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5BFF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136_2&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Dec 2023 13:17:04 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 01 Dec 2023 13:17:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
server
AkamaiGHost
setuid
sync.ex.co/v1/ Frame 54A6
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3684&gdpr=0&gdpr_consent=
  • https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=39f1249259da198312c99b8dc6669
86 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=39f1249259da198312c99b8dc6669
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.44.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-44-187.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Fri, 01 Dec 2023 13:17:04 GMT
vary
Origin

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Fri, 01 Dec 2023 13:17:04 GMT
Location
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=39f1249259da198312c99b8dc6669
Pragma
no-cache
Server
nginx
x-sticky-vk
1701436624097036-546
sync
ssbsync-global.smartadserver.com/api/ Frame CA69 		0
45 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 01 Dec 2023 13:17:04 GMT
setuid
sync.ex.co/v1/ Frame 6219
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=880adae2-b84e-43dc-b484-01e0ae796a1a
86 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=880adae2-b84e-43dc-b484-01e0ae796a1a
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Server
34.194.44.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-44-187.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=880adae2-b84e-43dc-b484-01e0ae796a1a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dmp
vop.sundaysky.com/sync/ Frame 6219 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsundaysky%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7Bssky_uuid%7D
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.147.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-147-92.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
content-length
43
expires
Sat, 1 Apr 2000 00:00:00 GMT
setuid
sync.ex.co/v1/ Frame 6219
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1701436624551
  • https://ad.turn.com/r/cs?pid=45&rndcb=6356034667
  • https://sync.1rx.io/usersync/turn/9098278066350391065?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-3c440...
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003
86 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Server
34.194.44.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-44-187.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 01 Dec 2023 13:17:05 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003
date
Fri, 01 Dec 2023 13:17:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3c440b4c87b24a2d8dc3008fa08feaa1003
content-type
text/html
setuid
sync.ex.co/v1/ Frame 6219
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=5657527055004491837
86 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=5657527055004491837
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Server
34.194.44.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-44-187.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
2af8a753-ba03-4dd5-9858-54f20f60e7c9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=5657527055004491837
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame 6219 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 01 Dec 2023 13:17:04 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A761 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV1tGOgCUqXdy07JIZvfEeuYHkjDMTbacx0FmOq1Udv1_4HbyweLZxFlSKWhlM3On-ERE6s71tg2LLog1Af9Sdii06kjoJUR5OlerfzOUSxqT5NjY4j4GYXRQS1Q-hbxTHVwAtxMaGWhNbU-nd6OMVSwnd7O8oQDzeL8gNBDmD8uVDvpLOsFfoJTelRWucxVL6JRhvZ3FjSewDhoE4Xec5yrknGiw
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7604246044395771258
s0.2mdn.net/simgad/ Frame D39E 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7604246044395771258
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
892e54b1b4120c7da83c702e2ed1663ae5f118c3062124edb155d4c3bda6e7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:13:25 GMT
x-content-type-options
nosniff
age
518619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80599
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 11:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 13:13:25 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame D39E 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame D39E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame D39E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsudYA1kOU8mkOA_TrzunL2jWGPBysq3gqYTYThpZ2uiXeZyd3SPB05nwXZ6Ygna-lXddvCU2BFivRsHRW7BckigHJq-745JQ6eluY1cBka7sYepeEzwC9MaYurgj984oLXCN6soxIKHLfAYKCbR-fzJzONi7icv5J2ih094Cq9MX-LWqOR-MFM9wcqzGuJpomrzwOSJuc3_GCLW3AsRwNExJBg6EaXMvTvPZUxWC-CAqZmkkZmHBNqMEQk6dadB0xZpPJ_UHtdTG0DG52xNoUG8nAMKAlUIv3at-EXnNXDsOya12ttZ3Q97QVCn6GryoHtMyda1eb8HYAcAQdrttUR7jfGiELcJrll3JPhzVpfrbqURmfsRZXfLqrV6mledeR6Rbhye5il-oDqO1NNg8MEiy0URNRDTxblf9SPEVDbVvoDNm_fFPPZGosVi-1FrjQcZtFqz_AB6mO7hMPulgdFkNPJTjueXQWuyRCdppFSsDvBvLtkiDpwjU_02BZUL_cuDmCAVPSZQNfODzRaGGxD3T_xifuRyROFzg2l2mX7H1RnaShINO-GHTY517PGGncxjJp5plxAVoSuip1-2KsnFpX3YvpiBjr9h5Wxf3yUrVXA2X17uhv2whCCp2p4HPAOCuP4hoU7ntYoF6Y8IL3_o_R73_Co5z1YHbCtu0teweG7jXoXydy-8OBjksLynbDT3nkj3G2T-H1W1eAFdknAnKDk4OSa3E9AZjOKUWPpSLFjqzL_coNcoUmPBiZr46LK26XuKVp2Zno7sXy_6cIxvVBwIW43uIVBVUppp-mFuKFMFpaEw347QRZZ8zcgbYWnkAPKQWVG-VY0Qj0G4FPk_nZXbk2BriI_iA9_r7W7zM_3WLw5JXgYO1IRSSiGRavd6OgpV0lPIVY8ybeMXe9zOfvLo6aq8rfKPDSD709mH1QLFcd7E3wDYn2xUsShtlSHNFubd-M_e4vx15VDJ_HEf-cdlMI7jVvjqh2C4wlqRUYi6UipW-x_tRG-lkRjUB63wQfYRSYLkfxu8eJneJJivQup36_TNoD6G6xU5zqCDBSYgxBEr8ZAjq88Ac7Zv9DIDRANi1LmNCK0K6Lk_ZT1T5z-3_h3fd6rHxPQ4gW9haSyzxa-WgS1i6DPjop8ytfTrHvugmQyqRkJvI6eRbZdvjycmIpAiDXgyY4lFzFxsyLLZ2fYl2v9qlnfLrp4PaVOzkMKYoEAQqRb2nrFSrv8kHPqhDqgEAZeN8yd3csj9zoM_0olg88672bWvJweEIor-JD5gRQcpOfIP54bs0V8pGSRrbh4d1MNLwUzo-_2AB5lgTVDCf6EO-nYEu4RGFXXr-lQ7QQohVDucYPh-Uw&sai=AMfl-YSeeTiWdUOS4DnStU80TxZ1213Rq9xW6xz4e6lT9rtdmmwXoDIyoFRnfMD0E02q-pzcIsqtPpn4gN1zC3p1zRH9KdJ40nZTeJ1EkhOZ-29YVtRz5wSicXVy8IJESJghGmlTdaIqjiWxRUZSQYupacMTuawYJZCQ_qwN89wAPCSS5y12IDwXBU6FhLkmNMlNbybdHHwEx8YTQw4IWhmzGP0LmaycvrMbaKNlY3vBlIbLhL0E3UjiWz6hUhhRIWKYkfzRyDYgrvLkylvfh8mvLocoMsJOY3jSeiNGi_ownTvj89L1ca1FWNJhW-qaE3rpAnHALB_FnRmEXNZ3ByfGC1QtR8tGnnu9oS-LzpFvt8b1rgKeQ9zq12wuHKMs_rmOmkMTLDd44uNCrMc3Wevh-TVAZclUYx76vIXrH3hFpBFl&sig=Cg0ArKJSzG0rfZAAauVuEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.93079&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D39E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D39E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A931 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 10:52:10 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D39E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D39E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B7PCQmBuC1-PVKcy1fp_XsDHLGZ53wShn36AMGnAiA-Yp0XydX6IuSW-c98WWrU9dQYyoRe7lTPIJt5EmJYlLrN-qKjvuzHYPVYTXPXITDpbwPn60
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame D39E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPyz5RLD4ptPbUv6gCYmaxl3cWP8xw7RZFSEmiMlq0vBQumfcktCyxgdi9NBl74MTIXpKHRGVZ4N7VHPVjVH70AuxkEQ
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D39E 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:04 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
player.js
p.channelexco.com/player/ 		15 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/player/player.js?pv=117.59&p=1065849310&cb=8724d591-0012-4214-ab4c-831b4e57ee56&d=http%3A%2F%2Fvaughn.live&schain=1.0%2C1%21playbuzz.com%2C0016M00002LRH4nQAH%2C1%2C%2C%2Cvaughn.live%21didna.io%2C4169%2C1%2C%2C%2C&w=300&h=168.8&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&rv=true&sid=&sid2=default&sid4=3.69.0-718fc94&pub=1&pageLoadUid=e5c850f5-7da4-40e8-93c9-81d52041d888
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.158 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
5351db0c71d4b459b2b3c0901e03b93e46a9ae8d1c1d93b6ed654b2a77f1ea8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
no-cache
content-encoding
gzip
server
openresty
vary
Accept-Encoding
expires
Fri, 01 Dec 2023 13:17:03 GMT
d
gpv.ex.co/player/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gpv.ex.co/player/d?v=2&b={%22pageLoadUid%22:%22e5c850f5-7da4-40e8-93c9-81d5204%C4%A98%C4%B0%22,%22country%C4%8D%22DE%C4%B2%22browser%C4%BCch%C5%83me%C5%80os%C4%BCwind%C5%84%C5%91%C4%B3networkI%C4%8C%C4%8E924398626%C5%80hu%C4%8D%C4%B9ue%C4%B3p%C4%BC106584%C4%A3%C5%B7%C5%80%C5%A2%22http://vaughn.liv%C5%8E%C4%B3u%C5%86r%C5%A1%C4%BCgb0xizckt6zh0nso%22}
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.182.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-182-209.compute-1.amazonaws.com
Software
/
Resource Hash
38e1082563ce01e43f5cdf5322aad3632a3c996f1be43ac14aee62dfcaf1d06c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"69a-EsOlekYkElQPdnuWbuuuxg"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type
content-length
1690
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B2E7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D789 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 4E7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsut2ZDGRJMRApDdQM1614QTYMOwz7n1QGXUdghn0yNaBBsR4KKJ6DjKc8oc56Jc6sskLUKfL154jNnQD8b4yvzBdcZPCPZur9bar5XdvQHYP1CR4AwLXRzbJB5OHfMgPGdy-IILVoqY1nB7I4fZoml5sY38RMooMzUcfZ5Rj-nQHfATfcRG8SJgj4h8tQ86AfHJbm1gUkA0HJwOsufc2NGclpg2e8yXyRxydAU50ds0LylXGo5-TLSg2EqgQaMFcY1OpJ__VmNCGQ_msm4QAp5HmQbc2pd7EQ7OnQzgtCw4zoyUaaOcW9Tnh75yiZmO9yuH7zFNswslEqdkeat2boaqdBsb2U8IIpWZG_oSeNgjQKR3GoYrs6dFhTzZSB53baTRkqXzSFqKJ1IexUzBhsy-fUTgMoVDwJbuMSlkLuUS4i85q138W_UzDFMhIFm5U47Vb1wW141VZhw6qVyY7HwKT6qqtfrf0iuczNEekIKEhA3e_yONWK9Sxq_1fUe7KJ-QDQlnvpzBReFnhnU-P9ekLL3-alGobQwW7tYhXaNP09PiLGawH3ZLC18KOii9YLUFEBUCqUqGhP5v2bGkqz9vMlDtOs6fkKpbxVX53BjsMyvw-hiazdvePz_DXDaobY7QKVdZmzplsqx08LOolYhr1bW_bAu-diLWYrldmBpZD7Qy9yIffX4gdO_PXdDGaYYiaQyRkp78qPN7M2dG1LBbJhw_IS8DsN1mbbnczEQXbL0fxpxz58QuFz-EXF8yh8WagJh1y9yv-C-E7eqBPnkwDjGckxTqYyiEifG3aqoKcqJJMbJL04s88rVKnb6bGRF9Ovnt79-sV3QpPJIqJ5tHTDmz8EUdRoH1CRLpE2TNswKhdRaDnBMfx-jSL3FVNKtemAK8Et_zElPzDPshY_79hwRmjatJwwiI1Ol930HJdjhdenNCR1vZlNT6MJAOSbC4XG5xN5t3oiDlCv37d1NgpWJaZSqJgWLCK6jvK4DPIlPVGPuoVPItWwiUF7QD8Qd0jrT-C-3Qwj8He6pEKpwor1gU3tofR2oLFjWh9-NSmMPF7AtHHruMfMsSZpqzx-KaA0iQJU03W64yDIBaVDvFzYrTl5kSypdvnhh6JIysUuE73KR7oupmcNlO9Ro72SSQQYa6AmSb4atVDFfL46mMnO7VB4Qu45l_uMLtKD1aonREfq56DGU3BVFvvWoxphvydhq1eTmg2brAHfqyrjNUOS8ToJH4omSRNNBzfQ_URkBQbcqrOaP43DM5n3jgmFdcd759ELT1b2i8wjMS-BzelTsh7Tp7w0MWDL5nu0n9B1awqKZ2xAsKtgU46LVfEyuCLJUvp0y-tgr991Y&sai=AMfl-YThVtyNksJwnMuxg383vVN7qR9uSRa8pm7aBgSCZNLXrW10HG5KE-0XO_ZYCC2VEnWaiBaDKz2Sc_72130PnL_DhYJe3cmDYXw7Y2pMNa95XTgFUTPGrxQ_aD9DyT2cBP89j8DQJTBpAnarmKr2sOvDoXuyxc4ib8DiG2w5SnMH9Moyg73HJ2ZOUTnWlvxODx0yZLbTuFFSlfB3SNm9O7SLBqJy-HUel7H2w1_46NOls5LtpX2BqJi9OKpII1G4Vy6jJh5Cx3OEXcjzPd3F0VIK4Fb7BlW1ow_KDlm_4p1kOUkVtWd3tIkcDInq5fIrZd0Al659XS4bkmWvD4wjn978TtclmhMQx_UDIWNRrM0eP0_ILUXA5oXnOiyzIBYGZrj_KKY7RDxwVaGjDqb_MaY6FdiA7ukBWDeXBfXy&sig=Cg0ArKJSzC4UBG0bY7JYEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iZWtvLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=79&vt=11&dtpt=78&dett=2&cstd=0&cisv=r20231129.26897&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame B007
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNV81Cpgq-yVA-nAu1MzPnvAV204wZQqpcSK1KVn7pOJFJIENeAioBKrHHZolLYvw64N-E6_McGdGB0kxE-7tyZ1MnCO3Pq4RgTqFMnAK-07GVSZv_2J7g44DPFAHSDvqRAxlmQjNXtMsmHJr9irfAksN6gu9BJGSDaISRN7zgIIu8yDl-nQqpE0nitO7cC3quQCHG76KfWzn4UuqPzApjsq5JrA-A
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N3A7SI59ft6rC3Rjz9kewCtj7W3VpI9b1eKIPDfdPFSEaKFS7sNGFQti2plAFGUPp3RqUPeLuJyfoX4ilYltuHg9Q14eUlMg2b0yLjPgjGVcbSJIohgZlI5ALKzrAnBBeI6q3lUw3%2Beew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb558db3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B007
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNV81Cpgq-yVA-nAu1MzPnvAV204wZQqpcSK1KVn7pOJFJIENeAioBKrHHZolLYvw64N-E6_McGdGB0kxE-7tyZ1MnCO3Pq4RgTqFMnAK-07GVSZv_2J7g44DPFAHSDvqRAxlmQjNXtMsmHJr9irfAksN6gu9BJGSDaISRN7zgIIu8yDl-nQqpE0nitO7cC3quQCHG76KfWzn4UuqPzApjsq5JrA-A
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1JF3QFgz90uDg%2BDNPVJwnecwL7QYOIFfMUVv%2B00BrU%2FDmCkTJJzKB%2Bb7yTIGohKBNKj2WcfhuD06qZ33FfSxc9MuiQcmx7dQwyKOpZxGMNaqM7h%2BOb%2FpPeloSWdTRW9D6ad5TT0ajN80Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb639bb3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B007
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNV81Cpgq-yVA-nAu1MzPnvAV204wZQqpcSK1KVn7pOJFJIENeAioBKrHHZolLYvw64N-E6_McGdGB0kxE-7tyZ1MnCO3Pq4RgTqFMnAK-07GVSZv_2J7g44DPFAHSDvqRAxlmQjNXtMsmHJr9irfAksN6gu9BJGSDaISRN7zgIIu8yDl-nQqpE0nitO7cC3quQCHG76KfWzn4UuqPzApjsq5JrA-A
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
50dd35d8-e9a1-4c58-8ee1-473900ddc8a3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B007
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPecKRDXsqT2Axj_k53-ATAB&v=APEucNV81Cpgq-yVA-nAu1MzPnvAV204wZQqpcSK1KVn7pOJFJIENeAioBKrHHZolLYvw64N-E6_McGdGB0kxE-7tyZ1MnCO3Pq4RgTqFMnAK-07GVSZv_2J7g44DPFAHSDvqRAxlmQjNXtMsmHJr9irfAksN6gu9BJGSDaISRN7zgIIu8yDl-nQqpE0nitO7cC3quQCHG76KfWzn4UuqPzApjsq5JrA-A
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
920c6ea3-254b-4d73-ba99-5ae696249c09
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D26
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBMXhSQhPhI2-_BLoY4ZYOQ&google_cver=1&google_push=AXcoOmQQzJoOjuoa-xGQKVqS44m2UpnOSmwbnKmbMxcGj5-qYuRguUyZo7o026zFDnFsNIgB4RP85...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQQzJoOjuoa-xGQKVqS44m2UpnOSmwbnKmbMxcGj5-qYuRguUyZo7o026zFDnFsNIgB4RP850soltd-B0VB5yhxSORegXgYMIs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQQzJoOjuoa-xGQKVqS44m2UpnOSmwbnKmbMxcGj5-qYuRguUyZo7o026zFDnFsNIgB4RP850soltd-B0VB5yhxSORegXgYMIs
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 13:17:03 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 16CCAD9C0D31469DA291E18271486824 Ref B: FRAEDGE1721 Ref C: 2023-12-01T13:17:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQQzJoOjuoa-xGQKVqS44m2UpnOSmwbnKmbMxcGj5-qYuRguUyZo7o026zFDnFsNIgB4RP850soltd-B0VB5yhxSORegXgYMIs
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLcpWY1h+2dOaz2cFIRg==
pixel
cm.g.doubleclick.net/ Frame 4D26
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJjfp3g-S3bjjW5RQZ9NsuM&google_cver=1&google_push=AXcoOmTYekw8_6OdZG8nktDk52125DsrLl-eKUwBXdfx3H4RSWK64v3SiWWBMOHHR3fecLVRMg8xVAaQhgeHaR...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmTYekw8_6OdZG8nktDk52125DsrLl-eKUwBXdfx3H4RSWK64v3SiWWBMOHHR3fecLVRMg8xVAaQhgeHaRinAr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmTYekw8_6OdZG8nktDk52125DsrLl-eKUwBXdfx3H4RSWK64v3SiWWBMOHHR3fecLVRMg8xVAaQhgeHaRinArcK3fzagdz595o
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmTYekw8_6OdZG8nktDk52125DsrLl-eKUwBXdfx3H4RSWK64v3SiWWBMOHHR3fecLVRMg8xVAaQhgeHaRinArcK3fzagdz595o
Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 4D26
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEMAH1xxEwqzSBZH-LTSPhJo&c_param1=AXcoOmQziaHGnkxwwdPXS44XAwDAqz9xAGJuaVcDvGCWI6z6PrnUl5LOGNV34IEEOkzJdpeNDmx9Fd5mIYC7F_Vv5SVqtfkfLGINSEs&gdpr=%%GDPR...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQziaHGnkxwwdPXS44XAwDAqz9xAGJuaVcDvGCWI6z6PrnUl5LOGNV34IEEOkzJdpeNDmx9Fd5mIYC7F_Vv5SVqtfkfLGINSEs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQziaHGnkxwwdPXS44XAwDAqz9xAGJuaVcDvGCWI6z6PrnUl5LOGNV34IEEOkzJdpeNDmx9Fd5mIYC7F_Vv5SVqtfkfLGINSEs
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQziaHGnkxwwdPXS44XAwDAqz9xAGJuaVcDvGCWI6z6PrnUl5LOGNV34IEEOkzJdpeNDmx9Fd5mIYC7F_Vv5SVqtfkfLGINSEs
date
Fri, 01 Dec 2023 13:17:04 GMT
server
nginx/1.23.2
content-length
0
sync
dsp.adkernel.com/ Frame 4D26 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEGLDLtElDiDoF5ZAIHYn3Zc&google_cver=1&google_push=AXcoOmRZmVBLCrACjjAsjquFz9c0eJTQZ7NXjQ26BO2x15XX2Qhodi0jVsMWUKPKIAoN8CHFtqq0BoEYhAPNMf3pGUx0aD6xQLY7gIw
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
report
sync.teads.tv/um/ Frame 4D26
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK4qOePl37Kf...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQKZP_XXnSR-pDf_jApWr1R66UBl-SHt-zsAQTeE_3IoF0PEzFwaMcS_ELzaTt5-JoJWd_3pIFViWTdklbwijD4ZjQn3vuq7FON
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 13:17:04 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D26
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEAtOWbJVf-moi0dB-r3bxtQ&google_cver=1&google_push=AXcoOmTVwLDzQqaxfRP9d6BO7UlTCm7au5uWHBQoQXB9Td5tZrLAdm65dJkQZ0bs_FJvQVNmWzlSPRFdrQ-oun9Q9LB5z-2ae...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTVwLDzQqaxfRP9d6BO7UlTCm7au5uWHBQoQXB9Td5tZrLAdm65dJkQZ0bs_FJvQVNmWzlSPRFdrQ-oun9Q9LB5z-2aeGfIJ6H9&google_hm=9d9fcb00c3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTVwLDzQqaxfRP9d6BO7UlTCm7au5uWHBQoQXB9Td5tZrLAdm65dJkQZ0bs_FJvQVNmWzlSPRFdrQ-oun9Q9LB5z-2aeGfIJ6H9&google_hm=9d9fcb00c3ff4f881gmz4l00lpmnfpmw
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTVwLDzQqaxfRP9d6BO7UlTCm7au5uWHBQoQXB9Td5tZrLAdm65dJkQZ0bs_FJvQVNmWzlSPRFdrQ-oun9Q9LB5z-2aeGfIJ6H9&google_hm=9d9fcb00c3ff4f881gmz4l00lpmnfpmw
date
Fri, 01 Dec 2023 13:17:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 4D26
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAJhlspYRfoI6l2SR9gSRls&google_cver=1&google_push=AXcoOmQPWYa1n3FvMJsQy8YGCv57PvMdI49pTEZmn3HIVpAUfNKFGosDxCF64Hwa5IR...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQPWYa1n3FvMJsQy8YGCv57PvMdI49pTEZmn3HIVpAUfNKFGosDxCF64Hwa5IRQZWKgxf0Rv9UVsVUrsoVZJ44_WCt--rh_0Dk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQPWYa1n3FvMJsQy8YGCv57PvMdI49pTEZmn3HIVpAUfNKFGosDxCF64Hwa5IRQZWKgxf0Rv9UVsVUrsoVZJ44_WCt--rh_0Dk
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
7609957e.d9b79f03
date
Fri, 01 Dec 2023 13:17:04 GMT
x-bytefaas-request-id
202312011317042525F051E450041E7558
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-121-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time
123,2.16.121.74
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=35, inner; dur=32
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202312011317042525F051E450041E7558
x-cache-remote
TCP_MISS from a23-222-3-136.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQPWYa1n3FvMJsQy8YGCv57PvMdI49pTEZmn3HIVpAUfNKFGosDxCF64Hwa5IRQZWKgxf0Rv9UVsVUrsoVZJ44_WCt--rh_0Dk
x-bytefaas-execution-duration
29.87
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01f6be43465a12ed6f674215fbfc8fb5f0474f769543d063d69f29bee1d331a493d29732d14c70e3366eca19f4d42cc35ca288d8e47e338a7620c0e6d63d5532219183109fcb32c09f57ace2de9e1531fe3d0a00f4b08ea680325f4b143d96d4bc3f2c4f32c4f1becd1b72613a1cf31c15
x-origin-response-time
36,23.222.3.136
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4D26 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITYsl6ZYVf8i7Mt1Wg_kuizgTB_a6lHc-T289vlDjJrydg5P5CSK2re2_2gI9uHNRP_wECF_M9
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usermatchredir
ssum-sec.casalemedia.com/ Frame E553
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMnN7WIX0BKNVt2-dz_nlXY&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMnN7WIX0BKNVt2-dz_nlXY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrvWEINTkpeMGJAnrqrMlNosX%2BXOxuItXJpvtHtBOwOvL6HC00r8Gl90X81v0boKc6NA2YRLh2kI8ZoEOXCI9UGcq7iDiQIKs7X6xnw7vASH3R3mbzr2YTvJZKwRwQgi%2F07uHtFi8mV%2F8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb558dd3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMnN7WIX0BKNVt2-dz_nlXY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E553
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWncz8bzbm7zKfdQm559AwAA%263236&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWncz8bzbm7zKfdQm559AwAA%263236&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0eadefce1820416586bfa6d08204b375
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date
Fri, 01 Dec 2023 13:17:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
casale
match.adsrvr.org/track/cmf/ Frame E553 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame E553
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F79VC89W9RHP7SPEP70B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1E30HHRFN4DE05DW9P33
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E553
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1ec105d6-6efc-49d5-8b92-474be54103e0&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1ec105d6-6efc-49d5-8b92-474be54103e0&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URWlFfLrBb%2FtgRW9Lvbl4Foly5JLlIDz%2BRxw6dFnpn7sy11BN6UP9f5kd89B3G%2BMVwmwudNT6A%2BSsPCz%2FbmXMRy%2B5IP2blTTz4Mp8YWqL73lmX1p%2FseXKmVKn%2F1rWocQCQq8c7LMLPW%2F3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb669e83731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1ec105d6-6efc-49d5-8b92-474be54103e0&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 01 Dec 2023 13:17:04 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame E553
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWncz8bzbm7zKfdQm559AwAA%263236
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWncz8bzbm7zKfdQm559AwAA%263236&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=RW_C23cc6Pd2iet1Eq91096At6HRjLiY7MXolTASLi0&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWncz8bzbm7zKfdQm559AwAA%263236&tc=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=RW_C23cc6Pd2iet1Eq91096At6HRjLiY7MXolTASLi0&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWncz8bzbm7zKfdQm559AwAA%263236&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1LMol11AT3VIAflVXfTKSFqNIYWit6Zq2RdveDL29w4sOjpKtnyy29mIzucPbg8P2u8W%2BctW5mBhp98%2BjY4oMlgq2ZUXGuu34BN66LaJIN6rRZ5zPOAby7%2BDHXGNGZMEuXDDDuBLapxfg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb68a153731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=RW_C23cc6Pd2iet1Eq91096At6HRjLiY7MXolTASLi0&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZWncz8bzbm7zKfdQm559AwAA%263236&tc=1
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT, Fri, 01 Dec 2023 13:17:04 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E553
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5a6ba79b-f103-4544-8930-969f8cc4b098
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5a6ba79b-f103-4544-8930-969f8cc4b098
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FdFmhifA9urdNismc1RCE9M%2Bl4T0plHxOvDcmQOWrMHeswJQc%2BZfiAtIPigi1e9IdxZdHscJN%2FHCxIoZI5mlqhIvnXLB4brdojhsKDQCmVPeYesIo0W8s99zoa%2FkAw5mB9ONJlLFsAvwg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb669e63731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5a6ba79b-f103-4544-8930-969f8cc4b098
date
Fri, 01 Dec 2023 13:17:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
bridge
cm.adgrx.com/ Frame E553 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-2
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
setuid
sync.ex.co/v1/ Frame E553 		86 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=ZWncz8bzbm7zKfdQm559AwAA%263236
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.44.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-44-187.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F03F 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hex55wpbrej231m41beqtydh725c38pm14p82jycszz3vb0cdmjvjsvbgware5ya55td74ybc1f081d4sc8gf6y9y10ypptb9pdh9562a0ynts99jvwh5v2x1cg9fk3dj9gcqfgb34w37583byxknqm21awj2w636n35nww0ns2w1dq6f1yhzwmz7zs5qvdrbgp49k9gbna4twvj737ncx4a6aj3f1c1kc3655m6taqnxddy05vxs6s5ncza6jctehyrptm0k8adpfk1zkgsv15vpz6nswpe9na4kb1rqer55x2qymkhpryc0q9w0xxaq1erwp0qt65v290xdmxswgrn2k2k7cp7saswhaeddx25kpqaj6ytwr7jf18mxwfvt51xqwn6q8z8kj6vfwkkbnxrngp9qkdvhyaeatcp20wnz3d62hpcvhj1x0ssn8hnexa1dz1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%26num%3D1%26sig%3DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%26client%3Dca-pub-2829411399762487%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hex55wpbrej231m41beqtydh725c38pm14p82jycszz3vb0cdmjvjsvbgware5ya55td74ybc1f081d4sc8gf6y9y10ypptb9pdh9562a0ynts99jvwh5v2x1cg9fk3dj9gcqfgb34w37583byxknqm21awj2w636n35nww0ns2w1dq6f1yhzwmz7zs5qvdrbgp49k9gbna4twvj737ncx4a6aj3f1c1kc3655m6taqnxddy05vxs6s5ncza6jctehyrptm0k8adpfk1zkgsv15vpz6nswpe9na4kb1rqer55x2qymkhpryc0q9w0xxaq1erwp0qt65v290xdmxswgrn2k2k7cp7saswhaeddx25kpqaj6ytwr7jf18mxwfvt51xqwn6q8z8kj6vfwkkbnxrngp9qkdvhyaeatcp20wnz3d62hpcvhj1x0ssn8hnexa1dz1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%26num%3D1%26sig%3DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%26client%3Dca-pub-2829411399762487%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1682844
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KAgKmhSdRZTq1XOZ%2Fq%2BfkCYNlOPHdb9R46XLMxIClPCC3VD%2BAsdpj%2F1ZyK2H%2BizD47o0CZ25sEirkf%2FhNi5o2JltQQNEa3HSqjvKhusv%2FC5E6W4kJTam%2F26j7TzEmNj6zuDMGVcnHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82eb9bb538fb5c7a-FRA
expires
Sat, 02 Dec 2023 13:17:04 GMT
r62eglto.js
ad4m.at/ Frame F03F 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hex55wpbrej231m41beqtydh725c38pm14p82jycszz3vb0cdmjvjsvbgware5ya55td74ybc1f081d4sc8gf6y9y10ypptb9pdh9562a0ynts99jvwh5v2x1cg9fk3dj9gcqfgb34w37583byxknqm21awj2w636n35nww0ns2w1dq6f1yhzwmz7zs5qvdrbgp49k9gbna4twvj737ncx4a6aj3f1c1kc3655m6taqnxddy05vxs6s5ncza6jctehyrptm0k8adpfk1zkgsv15vpz6nswpe9na4kb1rqer55x2qymkhpryc0q9w0xxaq1erwp0qt65v290xdmxswgrn2k2k7cp7saswhaeddx25kpqaj6ytwr7jf18mxwfvt51xqwn6q8z8kj6vfwkkbnxrngp9qkdvhyaeatcp20wnz3d62hpcvhj1x0ssn8hnexa1dz1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%26num%3D1%26sig%3DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%26client%3Dca-pub-2829411399762487%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
187337
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2oh2IQpvWK1axnyPo7uZ5s0iTHtvwpj6jcRUAUgNhjrJlJ5i34a%2BPajxI3YzMs39ZAq%2Fak3%2Bx6jHC3Hidc7HZ1H2x1UB9LAe0jFbwTYF2d%2FhQmGturkQu3ROS7DFKMTIh8x018%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82eb9bb5592b5c7a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 29 Nov 2023 09:14:47 GMT
view
ad.doubleclick.net/pcs/ Frame D39E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsudYA1kOU8mkOA_TrzunL2jWGPBysq3gqYTYThpZ2uiXeZyd3SPB05nwXZ6Ygna-lXddvCU2BFivRsHRW7BckigHJq-745JQ6eluY1cBka7sYepeEzwC9MaYurgj984oLXCN6soxIKHLfAYKCbR-fzJzONi7icv5J2ih094Cq9MX-LWqOR-MFM9wcqzGuJpomrzwOSJuc3_GCLW3AsRwNExJBg6EaXMvTvPZUxWC-CAqZmkkZmHBNqMEQk6dadB0xZpPJ_UHtdTG0DG52xNoUG8nAMKAlUIv3at-EXnNXDsOya12ttZ3Q97QVCn6GryoHtMyda1eb8HYAcAQdrttUR7jfGiELcJrll3JPhzVpfrbqURmfsRZXfLqrV6mledeR6Rbhye5il-oDqO1NNg8MEiy0URNRDTxblf9SPEVDbVvoDNm_fFPPZGosVi-1FrjQcZtFqz_AB6mO7hMPulgdFkNPJTjueXQWuyRCdppFSsDvBvLtkiDpwjU_02BZUL_cuDmCAVPSZQNfODzRaGGxD3T_xifuRyROFzg2l2mX7H1RnaShINO-GHTY517PGGncxjJp5plxAVoSuip1-2KsnFpX3YvpiBjr9h5Wxf3yUrVXA2X17uhv2whCCp2p4HPAOCuP4hoU7ntYoF6Y8IL3_o_R73_Co5z1YHbCtu0teweG7jXoXydy-8OBjksLynbDT3nkj3G2T-H1W1eAFdknAnKDk4OSa3E9AZjOKUWPpSLFjqzL_coNcoUmPBiZr46LK26XuKVp2Zno7sXy_6cIxvVBwIW43uIVBVUppp-mFuKFMFpaEw347QRZZ8zcgbYWnkAPKQWVG-VY0Qj0G4FPk_nZXbk2BriI_iA9_r7W7zM_3WLw5JXgYO1IRSSiGRavd6OgpV0lPIVY8ybeMXe9zOfvLo6aq8rfKPDSD709mH1QLFcd7E3wDYn2xUsShtlSHNFubd-M_e4vx15VDJ_HEf-cdlMI7jVvjqh2C4wlqRUYi6UipW-x_tRG-lkRjUB63wQfYRSYLkfxu8eJneJJivQup36_TNoD6G6xU5zqCDBSYgxBEr8ZAjq88Ac7Zv9DIDRANi1LmNCK0K6Lk_ZT1T5z-3_h3fd6rHxPQ4gW9haSyzxa-WgS1i6DPjop8ytfTrHvugmQyqRkJvI6eRbZdvjycmIpAiDXgyY4lFzFxsyLLZ2fYl2v9qlnfLrp4PaVOzkMKYoEAQqRb2nrFSrv8kHPqhDqgEAZeN8yd3csj9zoM_0olg88672bWvJweEIor-JD5gRQcpOfIP54bs0V8pGSRrbh4d1MNLwUzo-_2AB5lgTVDCf6EO-nYEu4RGFXXr-lQ7QQohVDucYPh-Uw&sai=AMfl-YSeeTiWdUOS4DnStU80TxZ1213Rq9xW6xz4e6lT9rtdmmwXoDIyoFRnfMD0E02q-pzcIsqtPpn4gN1zC3p1zRH9KdJ40nZTeJ1EkhOZ-29YVtRz5wSicXVy8IJESJghGmlTdaIqjiWxRUZSQYupacMTuawYJZCQ_qwN89wAPCSS5y12IDwXBU6FhLkmNMlNbybdHHwEx8YTQw4IWhmzGP0LmaycvrMbaKNlY3vBlIbLhL0E3UjiWz6hUhhRIWKYkfzRyDYgrvLkylvfh8mvLocoMsJOY3jSeiNGi_ownTvj89L1ca1FWNJhW-qaE3rpAnHALB_FnRmEXNZ3ByfGC1QtR8tGnnu9oS-LzpFvt8b1rgKeQ9zq12wuHKMs_rmOmkMTLDd44uNCrMc3Wevh-TVAZclUYx76vIXrH3hFpBFl&sig=Cg0ArKJSzG0rfZAAauVuEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=75&vt=11&dtpt=74&dett=2&cstd=0&cisv=r20231129.93079&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 8ACF
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJyKNfY6rcO0V1aAFiJjjME&google_cver=1&google_push=AXcoOmRlSVIWrVeO_MjnDS-_JjdW4_5L4RWO_jIBDTRw6vFSSqgxiqepW1AQmXdi1kzcWAUZfPGQoJkdAU8z9uJ4yY0hHoefuLfYnac
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B7D870E15F436E89C28AD85D830FA5&google_push=AXcoOmRlSVIWrVeO_MjnDS-_JjdW4_5L4RWO_jIBDTRw6vFSSqgxiqepW1AQmXdi1kzcWAUZfPGQoJkdAU8z9uJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B7D870E15F436E89C28AD85D830FA5&google_push=AXcoOmRlSVIWrVeO_MjnDS-_JjdW4_5L4RWO_jIBDTRw6vFSSqgxiqepW1AQmXdi1kzcWAUZfPGQoJkdAU8z9uJ4yY0hHoefuLfYnac
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B7D870E15F436E89C28AD85D830FA5&google_push=AXcoOmRlSVIWrVeO_MjnDS-_JjdW4_5L4RWO_jIBDTRw6vFSSqgxiqepW1AQmXdi1kzcWAUZfPGQoJkdAU8z9uJ4yY0hHoefuLfYnac
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 30 Nov 2023 13:17:04 GMT
pixel
cm.g.doubleclick.net/ Frame 8ACF
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBs0hITnaT6uFYzXSKEW3bw&google_cver=1&google_push=AXcoOmQ-1snZLIZiYpXYOxR4S3he6zAg6qB7CiFOJfcFFMm0hEj_Mima5suj0_reZAUI2acAT9bCf...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ-1snZLIZiYpXYOxR4S3he6zAg6qB7CiFOJfcFFMm0hEj_Mima5suj0_reZAUI2acAT9bCfhvOkk3XMQ5fEuiACFnYRVzMWeY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ-1snZLIZiYpXYOxR4S3he6zAg6qB7CiFOJfcFFMm0hEj_Mima5suj0_reZAUI2acAT9bCfhvOkk3XMQ5fEuiACFnYRVzMWeY
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 13:17:03 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B855064964A846C69C2EDC4643EC2539 Ref B: FRAEDGE1721 Ref C: 2023-12-01T13:17:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ-1snZLIZiYpXYOxR4S3he6zAg6qB7CiFOJfcFFMm0hEj_Mima5suj0_reZAUI2acAT9bCfhvOkk3XMQ5fEuiACFnYRVzMWeY
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLcpWZaEvXf9nnBqNWJA==
google
match.adsrvr.org/track/cmf/ Frame 8ACF 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESENpfoHcqmTszhJVomLU6Nlg&google_cver=1&google_push=AXcoOmRys1EwmXDJ617hymZbLS4u_XJK0GsxzkxEeP_KGRTuUACICPcOst8Yg1zgeghYb5OS7xnEPFWtfjZmEoL_TCdEyHZbbH2OEA
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 8ACF
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEKolwzsHSODNneFBJhnyHfc&c_param1=AXcoOmSPL_oa4YCQsiP7rP0ayNuUglh6AWgvNjD9OrocNyscVw7saXtI0eCkXxGW3zm1pNixYSLV60ngKZQTBlntOLOIuouCvLs61Bo&gdpr=%%GDPR...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSPL_oa4YCQsiP7rP0ayNuUglh6AWgvNjD9OrocNyscVw7saXtI0eCkXxGW3zm1pNixYSLV60ngKZQTBlntOLOIuouCvLs61Bo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSPL_oa4YCQsiP7rP0ayNuUglh6AWgvNjD9OrocNyscVw7saXtI0eCkXxGW3zm1pNixYSLV60ngKZQTBlntOLOIuouCvLs61Bo
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSPL_oa4YCQsiP7rP0ayNuUglh6AWgvNjD9OrocNyscVw7saXtI0eCkXxGW3zm1pNixYSLV60ngKZQTBlntOLOIuouCvLs61Bo
date
Fri, 01 Dec 2023 13:17:04 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8ACF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKt0XZFV7gFKZZywYNyfjvw&google_cver=1&google_push=AXcoOmRLeHI7g1G3xFxzjmccscWdvI50VwaPDxzheQqV6HDaEIFMu3Zr9_1CYaE_nDUndh0Xk7BziHi3OHKcmAt...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=5M9D2Zf7Ws9v6PeQrP8P6bKi0Y4&google_push=AXcoOmRLeHI7g1G3xFxzjmccscWdvI50VwaPDxzheQqV6HDaEIFMu3Zr9_1CYaE_nDUndh0Xk7BziHi3OHKcmA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=5M9D2Zf7Ws9v6PeQrP8P6bKi0Y4&google_push=AXcoOmRLeHI7g1G3xFxzjmccscWdvI50VwaPDxzheQqV6HDaEIFMu3Zr9_1CYaE_nDUndh0Xk7BziHi3OHKcmAtWnddZ_WXtWZiA6sc
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=5M9D2Zf7Ws9v6PeQrP8P6bKi0Y4&google_push=AXcoOmRLeHI7g1G3xFxzjmccscWdvI50VwaPDxzheQqV6HDaEIFMu3Zr9_1CYaE_nDUndh0Xk7BziHi3OHKcmAtWnddZ_WXtWZiA6sc
Date
Fri, 01 Dec 2023 13:17:04 GMT
Connection
keep-alive
Content-Length
245
Content-Type
text/html; charset=utf-8
sync
dsp.adkernel.com/ Frame 8ACF 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEMPt9O8ANQvdVy4-jHfqfnQ&google_cver=1&google_push=AXcoOmQnKvuApTqtk5fvQBtvDIHdMpPKppiqPcifHIa6XlahQHz1kJEvjDTaDV1obmlc3pgxM0GscDwwIsUUEFDtQQlHHE-i1wJivR8
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
dot.gif
s0.2mdn.net/ Frame 8ACF
Redirect Chain
  • https://sync.gonet-ads.com/match/google?google_gid=CAESELg-fhnLDMrEcqyHK-873jQ&google_cver=1&google_push=AXcoOmSQKugalAvhn0nZsslb9MXOOy4dAe7Wc_RdPOZvAYjeQX6Vg5oQZkpnIV89KDcsglC5QFd9BwJOHTz9Ybah4fB8...
  • https://sync.gonet-ads.com/match/google?google_gid=CAESELg-fhnLDMrEcqyHK-873jQ&google_cver=1&google_push=AXcoOmSQKugalAvhn0nZsslb9MXOOy4dAe7Wc_RdPOZvAYjeQX6Vg5oQZkpnIV89KDcsglC5QFd9BwJOHTz9Ybah4fB8...
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MjIyMDU0MDViZjI3MGI5OA&google_push=AXcoOmSQKugalAvhn0nZsslb9MXOOy4dAe7Wc_RdPOZvAYjeQX6Vg5oQZkpnIV89KDcsglC5QFd9BwJOHTz9Ybah4fB8Wcv...
  • https://sync.gonet-ads.com/match/google
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MjIyMDU0MDViZjI3MGI5OA&google_push=
  • https://s0.2mdn.net/dot.gif?google_error=5
43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_error=5
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:48:31 GMT
x-content-type-options
nosniff
age
5313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Dec 2023 11:48:31 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8ACF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JinELZb2Na2Ah8VCS6r7EjJ4XBhVmXqUuWcp3FNCwzuuXxuu0HnLu6ZVwVl2J85rj1MWcs_g
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame A761
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV1tGOgCUqXdy07JIZvfEeuYHkjDMTbacx0FmOq1Udv1_4HbyweLZxFlSKWhlM3On-ERE6s71tg2LLog1Af9Sdii06kjoJUR5OlerfzOUSxqT5NjY4j4GYXRQS1Q-hbxTHVwAtxMaGWhNbU-nd6OMVSwnd7O8oQDzeL8gNBDmD8uVDvpLOsFfoJTelRWucxVL6JRhvZ3FjSewDhoE4Xec5yrknGiw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryC9eCk3po15Y3a%2Ff%2B3jcSKsud8QGZ8SzVk0RKMkiq86V1h5izxMDO9SwgZ5KJ4dSw%2FVJGyvktkJAWVEblPwYuMO1oYJ6B7zb4CSb58fvK07J9gmGoNgTNWjXfhlgJpHbf1%2FV5SyIKKx3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb578ef3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A761
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV1tGOgCUqXdy07JIZvfEeuYHkjDMTbacx0FmOq1Udv1_4HbyweLZxFlSKWhlM3On-ERE6s71tg2LLog1Af9Sdii06kjoJUR5OlerfzOUSxqT5NjY4j4GYXRQS1Q-hbxTHVwAtxMaGWhNbU-nd6OMVSwnd7O8oQDzeL8gNBDmD8uVDvpLOsFfoJTelRWucxVL6JRhvZ3FjSewDhoE4Xec5yrknGiw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnl6GONX059Fr0eTCmY1NM5BO5l2imigRWHlGK0NL1UT3Bn9VZxey%2Fk1wUfSnebCH57HFN3xrJvkLXzCMqT%2BW8T6q%2BAp42BnvRlFeutXDZqIcKY8i0gn1y5JOyXwsreyA87Aoa0%2F3lG7pA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb639bf3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDu48FHCdCmDmUYgRIeQrQU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A761
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV1tGOgCUqXdy07JIZvfEeuYHkjDMTbacx0FmOq1Udv1_4HbyweLZxFlSKWhlM3On-ERE6s71tg2LLog1Af9Sdii06kjoJUR5OlerfzOUSxqT5NjY4j4GYXRQS1Q-hbxTHVwAtxMaGWhNbU-nd6OMVSwnd7O8oQDzeL8gNBDmD8uVDvpLOsFfoJTelRWucxVL6JRhvZ3FjSewDhoE4Xec5yrknGiw
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
449864f9-aac8-4826-90f5-a0bea3920dc9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfGELbHG56YfNhqLqW_SlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A761
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV1tGOgCUqXdy07JIZvfEeuYHkjDMTbacx0FmOq1Udv1_4HbyweLZxFlSKWhlM3On-ERE6s71tg2LLog1Af9Sdii06kjoJUR5OlerfzOUSxqT5NjY4j4GYXRQS1Q-hbxTHVwAtxMaGWhNbU-nd6OMVSwnd7O8oQDzeL8gNBDmD8uVDvpLOsFfoJTelRWucxVL6JRhvZ3FjSewDhoE4Xec5yrknGiw
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
11727a55-188e-47ef-8508-7d5799a24ffa
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9BF6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 18F4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame D465 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNX9P5gx8XBTECflYWCjlEZbcYW5yQsR5AFzF2_GlJ2YWteljhQLMdPYxoOWmzpeS2Ny_VwMuG5UHhTk7MJuEUYru_N_eST6yse-Ord-MIgnBBsg2jmZdXa9U6tMt7c24uHneJaqA4Drnog5wAbCQucKVcdgOAfxYmizxphnJn1PpnMMceg-excYi6yHzEZKHFb-lqCYKqnwPgFejefGAgZ1IjIzEg
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7604246044395771258
s0.2mdn.net/simgad/ Frame B2E7 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7604246044395771258
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
892e54b1b4120c7da83c702e2ed1663ae5f118c3062124edb155d4c3bda6e7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:13:25 GMT
x-content-type-options
nosniff
age
518619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80599
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 11:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 13:13:25 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame B2E7 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame B2E7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame B2E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuWd25d3Wtl3H1NsJ1ZcYuoU9LUV_RZkpzVuxDZwBgeAeow5ZwTvkne2MGZpfjXq4eWng-HD9EHDlxNsInkHQ-W-NZQno8zQfu-zmp8rl3m-aPcLEyidvNqDXOIqolfQD7FAHMVdwRCpC-r-8gxZhW-kZVRV5qyLpT5rUlQTp-sGpm9PCRjS4ZXrGBgnodBnxfgQuNOhr6HqfH7gN6VMEP20Pe6aesZiGVOgl0oFSgMPvT8PZI0UbDTc-D4VcAC5U1i1ftgNskLByEdNtM84KsVxk9I9DrsPCAQ5-bH_Bmz0fksmbqWyuqnbwfoRAlniS-FwHq94BMLgUjGUaXwSTpABQEyrg9WVx4_Irxa5DFc8ip6yeyune59nOHWPx9rSGuPJraKbpMDdSdE-Gx-dC1YQV7zIEEG3_BXmE0owKscazggy9ZdFxiS3ZUPqc6evCysPz95yyyQsA9ouYP2Eu9pzCZPOqdm4dt7OSBIwalVLXTjOv-uaZaYTedPm_z_rQrFXK2jImhf8HzmJJR6_iStN8g0XRltGTsX6xNoceVcAUHppiYhLznOlJQ8tbCWzsMkJVLiDzz5c-vv01jZu4p40HRlAFLKyW52uTO8hqZl6LExW4GWV1oV4bMa3ipz3YzVZp8Ckb5b_7oBmZoUJKGHomKCxO2HKduwmhU6bDhC5Aoufr1gYPzEDPIyZ3joJnaHCj-8mFnM6keIJ0uME90rV_ZMl12Nz6A8Tm4P3s5aeWaQt2Kh56dning2VQIthdLwpJwKLx2FD92JrYrSaN2es8TLunjCmsL8nuXSpRv3kzQoW9nzs_Cz0BkiJnnH2zBJksPRs84AVf619IsKbccp4CBeSUPnuMbQ04ZqX6l8PM4DjI9pxQzaj61mdHx-RnBPDmqFN9NUzjkJnV6qTUIAfJqp9fR552mFzgP4EepAtUwogHj96zyUrB7U95WkpDlGOGV5K5Idu79H89h6Dr2WxZXzsxNCKcoznv5hg15xlTe7ZsKlQh7FgHsexkHqBpgXwZ6lai9H0C-cSEa3UEYIP84_C29vvd4tXlyBTFCVEqFf0YpCJxFZ6ASpzo4cKwbEXdcf_Os-CU78SuTxorABNAasalGuNae09Z2cf8BSAxeZssuF-kL0tpUDAvumhX5KPlaX6fm3eH_k71ZrmEZ0d1JgIt_-LmxAF_6-v7VCbA6UVIuxWx06RxgGEoDh0uDY4CfMqBFwOBs3TEYFfEf1HBEIoGVyuTWCBz262papStVMsWnkyYxGPGSKtgWy6BCBP6TLBrgpdflNKvCmmzrhJyR74E6ncNmHqWxH8oCN9zeMaUjn_nF27O3qDJtPWOAyfbCSrI_vBSni1u1sBg&sai=AMfl-YTHQ9oJWbWgovfYjBT6UvHahvNMcLWcjWT6N1UTUH5wRPT71RgN4ZbDnkNSQMUd--4Jbne-BmhTyGZbz8jxfrgdMeCZ52Le1RfxTKzj7otFGSHLNN4yCPGQ9fbLnpMN4PJa2PwFrHMvN2xr0pGCEFR0DyIgHjm3g3eyLldTRdcrTpl4mRTTTYRbY5Y6MFnfqX2aAxa2j8VfmqD4jI59wgMW0G3HZXovC1AhtH0b28cnr7JkHvkixkk0-svUabGVlYTncKRGLef69tkSxh7G3v5oSuu3NsM0QmK0BkvMQo1HJhNxI3DZ3iMiP_ggBLOhkwtuzghgE5sp9FI6_w_j33GcUOZtppS6NYq8Ba7RhLJ26OPsSDMP_UFPTX7hf4qZbGna_aBl74ZxdIrFPiebwaHSkrQ4yBRiuriX4ti5-eqZ&sig=Cg0ArKJSzEFue16I-tZUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.17813&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B2E7 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B2E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B4ED 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 10:52:10 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B2E7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2E7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AyGBl-HSXHSkkYK-X3ztnsaazl8MVnYkEi-uMXFo4jAuTZHW6O9cfdxcqMHLd1pJTfFEbwFiaPIIUDW5sNfqbitmqRSOx7dRGnh1GQ3Bnrnw2MfFA
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame B2E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7G-VlAD4dlwfMlK1UHEAm1e80rSc02uEwyAjtgGBwzZSb-79AP3ra1scOwoBOcdgZym_NlzYTh0YUZgdFdtGruE8QaA
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B2E7 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E551 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55201951&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:03 GMT
content-length
0
truncated
/ Frame 4E7C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00d40e6faa2cf9942af347c7e75fc8a210fb6b8ad58eea8331ddc9725bac8089

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame A931 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOG7iuFBtOdMjfI0j41Dr5Q&google_cver=1&google_push=AXcoOmQbbv1y6-EU3mHdTDOglacehN_WUE3if6Ks-FN32fpEroBrjXyuvFjh4ENsTqdbdu_cNmSi0n8cwNUE5CiSjZZ117JHGd0
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame A931
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFRlt8DsyxD-MXnxOxE4Ums&google_cver=1&google_push=AXcoOmTs2o1p_HQThxM9pgMYKNeLlfeHseNOxaerxGLVccfgWUrxFV28ovrJa5BJOf0GZtdlaAAozNWbokJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTs2o1p_HQThxM9pgMYKNeLlfeHseNOxaerxGLVccfgWUrxFV28ovrJa5BJOf0GZtdlaAAozNWbokJbrpC9aXpGWlU51zyL&google_hm=VIK7BHPUSpqkks9vX4iDBY4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTs2o1p_HQThxM9pgMYKNeLlfeHseNOxaerxGLVccfgWUrxFV28ovrJa5BJOf0GZtdlaAAozNWbokJbrpC9aXpGWlU51zyL&google_hm=VIK7BHPUSpqkks9vX4iDBY4
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTs2o1p_HQThxM9pgMYKNeLlfeHseNOxaerxGLVccfgWUrxFV28ovrJa5BJOf0GZtdlaAAozNWbokJbrpC9aXpGWlU51zyL&google_hm=VIK7BHPUSpqkks9vX4iDBY4
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A931
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMBtUoufLS4X9T8cEOKsAdE&google_cver=1&google_push=AXcoOmR9S8hmPbhXMQ7xDsjR41UCKUSDEIM6nP09pv5ZlcMSHRma7yUbMPgrdaubjezSYZW7KtHp6mBzHn8vs...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMBtUoufLS4X9T8cEOKsAdE&google_push=AXcoOmR9S8hmPbhXMQ7xDsjR41UCKUSDEIM6nP09pv5ZlcMSHRma7yUbMPgrdaubjezSYZW7KtHp6mBzHn8vs...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR9S8hmPbhXMQ7xDsjR41UCKUSDEIM6nP09pv5ZlcMSHRma7yUbMPgrdaubjezSYZW7KtHp6mBzHn8vsNZgheoOUyvt3Wc&google_hm=X2pxel9hUk9Xd3d3RTA0M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR9S8hmPbhXMQ7xDsjR41UCKUSDEIM6nP09pv5ZlcMSHRma7yUbMPgrdaubjezSYZW7KtHp6mBzHn8vsNZgheoOUyvt3Wc&google_hm=X2pxel9hUk9Xd3d3RTA0MzUzQVY=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR9S8hmPbhXMQ7xDsjR41UCKUSDEIM6nP09pv5ZlcMSHRma7yUbMPgrdaubjezSYZW7KtHp6mBzHn8vsNZgheoOUyvt3Wc&google_hm=X2pxel9hUk9Xd3d3RTA0MzUzQVY=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
-
s.ad.smaato.net/c/n/// Frame A931 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEODzogAKp1Bcq4Zv9Xb7V64&google_cver=1&google_push=AXcoOmSx3CcLM5-kWQSN6j3cjv4i8Nkz6udxIDlf7hsTvXOWVq0K-AyKlEthJSfVARZqBA6UDPA-OAe4GD00VZEHY7-b5kNgfLc
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:9a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
no-cache, must-revalidate
via
1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
x-amz-cf-id
E5oL1-tdtf21eSWrcgZG_MOecYC73L1YQhbZ91GXRDegq7SwrPXnkg==
x-cache
Miss from cloudfront
pub
cs.chocolateplatform.com/ Frame A931 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEEvvRn05X9R_w3vby4ITH_0&google_cver=1&google_push=AXcoOmQzyaWGAU8h5gfbnXUv-1J_oNHDDCqhB5ha27D5yRV1zfw9zZscCOREiUPNIxRGaBGm5UonmKWwTewPfYCRaPBK33c5cUMI
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:04 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame A931
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRoFRWSizUuhmr6y_cT8Fws8Nf52C6XyteqA-8972YTkwylmLQRqdBCMtASAr94pZ7ldragYIu38he5ljMsJLWfa8RYclnsiA&google_gid=CAESEK_eHJ9Oqtb...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK_eHJ9OqtbLKentFjGd9jY&google_hm=T1BVZDMyZDJlOTBlYjk0NDkyODlkNmYzMDVmZTdkMzViODk&google_nid=opera_norway_as&google_push=AXcoOmRoFRWS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK_eHJ9OqtbLKentFjGd9jY&google_hm=T1BVZDMyZDJlOTBlYjk0NDkyODlkNmYzMDVmZTdkMzViODk&google_nid=opera_norway_as&google_push=AXcoOmRoFRWSizUuhmr6y_cT8Fws8Nf52C6XyteqA-8972YTkwylmLQRqdBCMtASAr94pZ7ldragYIu38he5ljMsJLWfa8RYclnsiA
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK_eHJ9OqtbLKentFjGd9jY&google_hm=T1BVZDMyZDJlOTBlYjk0NDkyODlkNmYzMDVmZTdkMzViODk&google_nid=opera_norway_as&google_push=AXcoOmRoFRWSizUuhmr6y_cT8Fws8Nf52C6XyteqA-8972YTkwylmLQRqdBCMtASAr94pZ7ldragYIu38he5ljMsJLWfa8RYclnsiA
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A931
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENkIjA9web27T9v_YanBDJE&google_cver=1&google_push=AXcoOmRZ5AKsZ1_lmfPbJ0L1kY8JT4JT3KQDqJu4hHq8KINkj2poViCp1MkP_V1CoddKTeiIB59D4...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENkIjA9web27T9v_YanBDJE&google_push=AXcoOmRZ5AKsZ1_lmfPbJ0L1kY8JT4JT3KQDqJu4hHq8KINkj2poViCp1MkP_V1CoddKTeiIB59D4...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRZ5AKsZ1_lmfPbJ0L1kY8JT4JT3KQDqJu4hHq8KINkj2poViCp1MkP_V1CoddKTeiIB59D44hls3jKjrhgX1yT4VcI2rEkRA&google_hm=Tmc5TDd6eTF5NG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRZ5AKsZ1_lmfPbJ0L1kY8JT4JT3KQDqJu4hHq8KINkj2poViCp1MkP_V1CoddKTeiIB59D44hls3jKjrhgX1yT4VcI2rEkRA&google_hm=Tmc5TDd6eTF5NGxvQUppY1EycTc=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRZ5AKsZ1_lmfPbJ0L1kY8JT4JT3KQDqJu4hHq8KINkj2poViCp1MkP_V1CoddKTeiIB59D44hls3jKjrhgX1yT4VcI2rEkRA&google_hm=Tmc5TDd6eTF5NGxvQUppY1EycTc=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
242
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A931 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KeRRpCAaG2XY7_m4WQfu8QiDx1taPhAATrrC5WzxPRLS43835SidxEXqJfbjeDO00or4g7q1I
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 0C96 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f30d8d0faccdf22a943490b2905f228acb1dd835ac794aef00477298e0106483

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame B93D 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVziLe0ADVyP0hndaN1yF5QzUZeHp_uq3-uCMrNrLqD3bnImBn-jymm2_c8LfMwkjUGHE8tsjJliUIAkqB7AvpY44eRdd_peey5IzjYhJJgB57MS4R0yAfheq1xHtVVTABCCMlmh3UL_axGNRHhLQe-6-Z83rgZndTjXq3wx3ked9KkKbALGgIAkemq_aA06YoRhX1zalraue5L3bVs_pv7UnBrEw
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D789 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D789 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8Yqwe_TQ45Fv5d-NhkbpDTiPsyz5kCFmuc-NNpNav7VRr3EDUWO-CntcqfB4-V_FwZbbdx0JzzHUjA90IFopZ8cTyXGAo9Yna9Fb_jFSfSFQ6GME
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D789 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8861699252561604629&x=1&ct=77
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D789 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D789 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
l
www.google.com/ads/measurement/ Frame D789 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSuMsRobc77H7RXTOgyw_hQ4VnhJ_zmm4rrNnSJJ544_B9R1wUY65l8zJ8Y0svGEbri0NCFUFho7igNxgtcT3VOwVWew
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D789 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
usync.js
eus.rubiconproject.com/ Frame 5BFF 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136_2&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2023 23:38:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37342
Connection
keep-alive
Content-Length
13236
Expires
Fri, 01 Dec 2023 23:39:26 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 12C6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame D465
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNX9P5gx8XBTECflYWCjlEZbcYW5yQsR5AFzF2_GlJ2YWteljhQLMdPYxoOWmzpeS2Ny_VwMuG5UHhTk7MJuEUYru_N_eST6yse-Ord-MIgnBBsg2jmZdXa9U6tMt7c24uHneJaqA4Drnog5wAbCQucKVcdgOAfxYmizxphnJn1PpnMMceg-excYi6yHzEZKHFb-lqCYKqnwPgFejefGAgZ1IjIzEg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=extc6coyWhRU%2Bb0ITYcP65T7lLIx%2Bb2dnEA7qkyOqqcpYNYtEvfx3KtprqzV73sHecgbEwS4oONUdUtHM5qRuPTzffErl8U4Qmyl%2Fxvpvmqa4AiqNcHPJaHXLgqQkNItKphhrizA7VoHOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb6ea7c3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D465
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNX9P5gx8XBTECflYWCjlEZbcYW5yQsR5AFzF2_GlJ2YWteljhQLMdPYxoOWmzpeS2Ny_VwMuG5UHhTk7MJuEUYru_N_eST6yse-Ord-MIgnBBsg2jmZdXa9U6tMt7c24uHneJaqA4Drnog5wAbCQucKVcdgOAfxYmizxphnJn1PpnMMceg-excYi6yHzEZKHFb-lqCYKqnwPgFejefGAgZ1IjIzEg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=su8pWfuH7VeekYkg%2Boci1H9HmYgI5czhFlL2eWR7yb3%2Fd9JRyEaNiCXIqmQM67PCgOBMA5hWNJ%2Fd%2Fg%2FDqC1zha1kkvWr%2F1MtelEeFv7ie%2FdiqM2GHEw57FVkjCMvF7ZwXxXOVhEhwn9rPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb72abb3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D465
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNX9P5gx8XBTECflYWCjlEZbcYW5yQsR5AFzF2_GlJ2YWteljhQLMdPYxoOWmzpeS2Ny_VwMuG5UHhTk7MJuEUYru_N_eST6yse-Ord-MIgnBBsg2jmZdXa9U6tMt7c24uHneJaqA4Drnog5wAbCQucKVcdgOAfxYmizxphnJn1PpnMMceg-excYi6yHzEZKHFb-lqCYKqnwPgFejefGAgZ1IjIzEg
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
b585115c-8189-4388-985a-e37b07585434
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D465
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNX9P5gx8XBTECflYWCjlEZbcYW5yQsR5AFzF2_GlJ2YWteljhQLMdPYxoOWmzpeS2Ny_VwMuG5UHhTk7MJuEUYru_N_eST6yse-Ord-MIgnBBsg2jmZdXa9U6tMt7c24uHneJaqA4Drnog5wAbCQucKVcdgOAfxYmizxphnJn1PpnMMceg-excYi6yHzEZKHFb-lqCYKqnwPgFejefGAgZ1IjIzEg
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
71f66f39-8a3d-4394-8a70-7b91a4d5f64a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame B2E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuWd25d3Wtl3H1NsJ1ZcYuoU9LUV_RZkpzVuxDZwBgeAeow5ZwTvkne2MGZpfjXq4eWng-HD9EHDlxNsInkHQ-W-NZQno8zQfu-zmp8rl3m-aPcLEyidvNqDXOIqolfQD7FAHMVdwRCpC-r-8gxZhW-kZVRV5qyLpT5rUlQTp-sGpm9PCRjS4ZXrGBgnodBnxfgQuNOhr6HqfH7gN6VMEP20Pe6aesZiGVOgl0oFSgMPvT8PZI0UbDTc-D4VcAC5U1i1ftgNskLByEdNtM84KsVxk9I9DrsPCAQ5-bH_Bmz0fksmbqWyuqnbwfoRAlniS-FwHq94BMLgUjGUaXwSTpABQEyrg9WVx4_Irxa5DFc8ip6yeyune59nOHWPx9rSGuPJraKbpMDdSdE-Gx-dC1YQV7zIEEG3_BXmE0owKscazggy9ZdFxiS3ZUPqc6evCysPz95yyyQsA9ouYP2Eu9pzCZPOqdm4dt7OSBIwalVLXTjOv-uaZaYTedPm_z_rQrFXK2jImhf8HzmJJR6_iStN8g0XRltGTsX6xNoceVcAUHppiYhLznOlJQ8tbCWzsMkJVLiDzz5c-vv01jZu4p40HRlAFLKyW52uTO8hqZl6LExW4GWV1oV4bMa3ipz3YzVZp8Ckb5b_7oBmZoUJKGHomKCxO2HKduwmhU6bDhC5Aoufr1gYPzEDPIyZ3joJnaHCj-8mFnM6keIJ0uME90rV_ZMl12Nz6A8Tm4P3s5aeWaQt2Kh56dning2VQIthdLwpJwKLx2FD92JrYrSaN2es8TLunjCmsL8nuXSpRv3kzQoW9nzs_Cz0BkiJnnH2zBJksPRs84AVf619IsKbccp4CBeSUPnuMbQ04ZqX6l8PM4DjI9pxQzaj61mdHx-RnBPDmqFN9NUzjkJnV6qTUIAfJqp9fR552mFzgP4EepAtUwogHj96zyUrB7U95WkpDlGOGV5K5Idu79H89h6Dr2WxZXzsxNCKcoznv5hg15xlTe7ZsKlQh7FgHsexkHqBpgXwZ6lai9H0C-cSEa3UEYIP84_C29vvd4tXlyBTFCVEqFf0YpCJxFZ6ASpzo4cKwbEXdcf_Os-CU78SuTxorABNAasalGuNae09Z2cf8BSAxeZssuF-kL0tpUDAvumhX5KPlaX6fm3eH_k71ZrmEZ0d1JgIt_-LmxAF_6-v7VCbA6UVIuxWx06RxgGEoDh0uDY4CfMqBFwOBs3TEYFfEf1HBEIoGVyuTWCBz262papStVMsWnkyYxGPGSKtgWy6BCBP6TLBrgpdflNKvCmmzrhJyR74E6ncNmHqWxH8oCN9zeMaUjn_nF27O3qDJtPWOAyfbCSrI_vBSni1u1sBg&sai=AMfl-YTHQ9oJWbWgovfYjBT6UvHahvNMcLWcjWT6N1UTUH5wRPT71RgN4ZbDnkNSQMUd--4Jbne-BmhTyGZbz8jxfrgdMeCZ52Le1RfxTKzj7otFGSHLNN4yCPGQ9fbLnpMN4PJa2PwFrHMvN2xr0pGCEFR0DyIgHjm3g3eyLldTRdcrTpl4mRTTTYRbY5Y6MFnfqX2aAxa2j8VfmqD4jI59wgMW0G3HZXovC1AhtH0b28cnr7JkHvkixkk0-svUabGVlYTncKRGLef69tkSxh7G3v5oSuu3NsM0QmK0BkvMQo1HJhNxI3DZ3iMiP_ggBLOhkwtuzghgE5sp9FI6_w_j33GcUOZtppS6NYq8Ba7RhLJ26OPsSDMP_UFPTX7hf4qZbGna_aBl74ZxdIrFPiebwaHSkrQ4yBRiuriX4ti5-eqZ&sig=Cg0ArKJSzEFue16I-tZUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=193&vt=11&dtpt=192&dett=2&cstd=0&cisv=r20231129.17813&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame D39E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
955dab2cb207ac603c4cebf89bac482a703363938fb2a9b0771560f3a69f419f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B154 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
adv.office-partner.de/ Frame 636E 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=046cac1e23&subid=&uid=ceadc0ef7ae15043&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-8VAztxpZYzRPKfk1PIPkKu5wASm5b2gaa2VnKfJD_AuEAEgtJD6ImCV8ouCmAfIAQmpAg6oy9JgR7I-qAMByAObBKoE5wFP0L_-nqhVK05JgzI9gwBiXV1nUXcgEVGcpLEaa9R4EEKTmB5vBkup0bD7g-IVndVGYLDRlqZ-bZrJcAOMsZjOj55dIJ5hLomdK-95bKG_uyjaZCLLEr6Plqv96V2m8dJwSpvwcOxaQtVsVBmtSgq8Aw6-jmnsnHa-UgmC6tOkCnPAcL1Me_KeFmo-ZDuTesP2DHw_ORMlwE_1KGRIMYshr-axo0eUWs3ys40t8vA6n9iA6s-DR-lOnZa4EfP4LYCXWeKWIvRJ3xsgDAw53fOGj_1Mvjy5R_awqqiPghPDWvoaXIOHM6vABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY2LKUrKnuggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMItN6UrKnuggMVJzJVCB2QVQ5IsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ%26sig%3DAOD64_3VNIJxJeTTY7SfisXiPR_Mtpo8wA%26client%3Dca-pub-2829411399762487%26dbm_c%3DAKAmf-CDa3g7X1aFlEE7Uqq-JmJD_t2No5ZNITc9UOkwt9wtgaLF827jt0I0ZrsAKAq-5W1qWcR-uPl3Nx-HLlHU-FJb2uBcJKbDDxLgjc4iMkyDGQ5VWofD0dkPRvDfDciCykfV0E_hY6AUFBr1WDCFtegKUFUxRvP_HSRy_H3Aks0G5-AQd5g%26cry%3D1%26dbm_d%3DAKAmf-AlX8-wognCqISfVshXmdw8GnjFfvgRz28Ulm4SNKdlTKo_xOj9T-E0ONFiqJRRg_mye1IttfFl0T0IOG8quUVM3s-lm870qX8M-tpQVU8BUQucpks38xOeIgVItwrhnoouVdcqXjk7c5-JQzXz0DXOe2K9b64yiMOIcKTQ-y5uLFWq27BbGZCyPFHxzLBuZ72c1KKeqS-HHWXNNRmmXZ2zshPm-6jHcmvPteo4AWFh-CpCzYu3TB32EGmqxI6sTE0MFqUmH-tY4l8cxV1-zLlsEFd68bbJPt2GKwaNz66nL4smEEjgEPF3UziDC6EBgx7uBwLM0EdExP4JWWtKMmVEAg-iDBdQ3puW0RGDKPae7nPvQPgbYcrhyvsMD6Yl-jJBqSHOkx3ccXLtU5_0GB1iy9QwBd4Np-ljG5gHac4T5x6zGHZgp7giTyAeFp4MWNVMuUMlMqPpFvFfUMZ1CFwEi5KGSzN7e_2gb9MalGlT9wZYeYP9I2S2lpjv9TQIJ7FeWDHfM4Z9jpwaEVwFv2e5Mj6LyF92YoNFmWOwpXljfRtAmJ4%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=1024873750577&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 01 Dec 2023 13:17:04 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 08 Dec 2023 13:17:04 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
view.aspx
pb.media01.eu/ Frame 7843
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=40138400096789704444554012525026&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=40138400096789704444554012525026&actionid=879111&produktid=ratenkredit&dt_url=
0
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=40138400096789704444554012525026&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=046cac1e23&subid=&uid=ceadc0ef7ae15043&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-8VAztxpZYzRPKfk1PIPkKu5wASm5b2gaa2VnKfJD_AuEAEgtJD6ImCV8ouCmAfIAQmpAg6oy9JgR7I-qAMByAObBKoE5wFP0L_-nqhVK05JgzI9gwBiXV1nUXcgEVGcpLEaa9R4EEKTmB5vBkup0bD7g-IVndVGYLDRlqZ-bZrJcAOMsZjOj55dIJ5hLomdK-95bKG_uyjaZCLLEr6Plqv96V2m8dJwSpvwcOxaQtVsVBmtSgq8Aw6-jmnsnHa-UgmC6tOkCnPAcL1Me_KeFmo-ZDuTesP2DHw_ORMlwE_1KGRIMYshr-axo0eUWs3ys40t8vA6n9iA6s-DR-lOnZa4EfP4LYCXWeKWIvRJ3xsgDAw53fOGj_1Mvjy5R_awqqiPghPDWvoaXIOHM6vABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY2LKUrKnuggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMItN6UrKnuggMVJzJVCB2QVQ5IsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ%26sig%3DAOD64_3VNIJxJeTTY7SfisXiPR_Mtpo8wA%26client%3Dca-pub-2829411399762487%26dbm_c%3DAKAmf-CDa3g7X1aFlEE7Uqq-JmJD_t2No5ZNITc9UOkwt9wtgaLF827jt0I0ZrsAKAq-5W1qWcR-uPl3Nx-HLlHU-FJb2uBcJKbDDxLgjc4iMkyDGQ5VWofD0dkPRvDfDciCykfV0E_hY6AUFBr1WDCFtegKUFUxRvP_HSRy_H3Aks0G5-AQd5g%26cry%3D1%26dbm_d%3DAKAmf-AlX8-wognCqISfVshXmdw8GnjFfvgRz28Ulm4SNKdlTKo_xOj9T-E0ONFiqJRRg_mye1IttfFl0T0IOG8quUVM3s-lm870qX8M-tpQVU8BUQucpks38xOeIgVItwrhnoouVdcqXjk7c5-JQzXz0DXOe2K9b64yiMOIcKTQ-y5uLFWq27BbGZCyPFHxzLBuZ72c1KKeqS-HHWXNNRmmXZ2zshPm-6jHcmvPteo4AWFh-CpCzYu3TB32EGmqxI6sTE0MFqUmH-tY4l8cxV1-zLlsEFd68bbJPt2GKwaNz66nL4smEEjgEPF3UziDC6EBgx7uBwLM0EdExP4JWWtKMmVEAg-iDBdQ3puW0RGDKPae7nPvQPgbYcrhyvsMD6Yl-jJBqSHOkx3ccXLtU5_0GB1iy9QwBd4Np-ljG5gHac4T5x6zGHZgp7giTyAeFp4MWNVMuUMlMqPpFvFfUMZ1CFwEi5KGSzN7e_2gb9MalGlT9wZYeYP9I2S2lpjv9TQIJ7FeWDHfM4Z9jpwaEVwFv2e5Mj6LyF92YoNFmWOwpXljfRtAmJ4%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=1024873750577&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 13:17:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 01 Dec 2023 02:17:04 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript
date
Fri, 01 Dec 2023 13:17:04 GMT
host
pv.medialead.de
keep-alive
timeout=20
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=40138400096789704444554012525026&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host
pv.medialead.de
server
nginx/1.17.5
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
53758
x-iplb-request-id
B2A2D18E:D278_91EFC182:01BB_6569DCD0_3B1A4A7:41F0
link.html
track.webgains.com/ Frame 8B97 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=40138400096789704444554012525026&nw=1
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.224.52 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-224-52.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
1707861d2389186fa9eca6cba37e141ba51c462bc54b7aa56c740613dd670f39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
last-modified
Fri, 01 Dec 2023 13:17:04 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 01 Dec 2023 13:18:04 GMT
activityi;dc_pre=CKjv96yp7oIDFS1TwgodK68BfQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478
8019191.fls.doubleclick.net/ Frame FDC2
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjv96yp7oIDFS1TwgodK68BfQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478?
392 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjv96yp7oIDFS1TwgodK68BfQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478?
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
a9d5cd7d213bae1c3abc537b94a8b86553d0e9b1ea43bc7239caf6e2fe65b1f6
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
216
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
expires
Fri, 01 Dec 2023 13:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjv96yp7oIDFS1TwgodK68BfQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900026.redintelligence.net/ Frame 2E26 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request_content.php?s=40138400096789704444554012525026&a=d2c5725e
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=046cac1e23&subid=&uid=ceadc0ef7ae15043&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-8VAztxpZYzRPKfk1PIPkKu5wASm5b2gaa2VnKfJD_AuEAEgtJD6ImCV8ouCmAfIAQmpAg6oy9JgR7I-qAMByAObBKoE5wFP0L_-nqhVK05JgzI9gwBiXV1nUXcgEVGcpLEaa9R4EEKTmB5vBkup0bD7g-IVndVGYLDRlqZ-bZrJcAOMsZjOj55dIJ5hLomdK-95bKG_uyjaZCLLEr6Plqv96V2m8dJwSpvwcOxaQtVsVBmtSgq8Aw6-jmnsnHa-UgmC6tOkCnPAcL1Me_KeFmo-ZDuTesP2DHw_ORMlwE_1KGRIMYshr-axo0eUWs3ys40t8vA6n9iA6s-DR-lOnZa4EfP4LYCXWeKWIvRJ3xsgDAw53fOGj_1Mvjy5R_awqqiPghPDWvoaXIOHM6vABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY2LKUrKnuggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMItN6UrKnuggMVJzJVCB2QVQ5IsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNca4cBSr5GPaMLhK2G6gpeAb0foo8lD0etT5Fs3OhSvlsZVGyESQy_RO27lm17e2vuImTd7y_cii4E1-6iGl4RGkQMAfBqfzH8PAYAQ%26sig%3DAOD64_3VNIJxJeTTY7SfisXiPR_Mtpo8wA%26client%3Dca-pub-2829411399762487%26dbm_c%3DAKAmf-CDa3g7X1aFlEE7Uqq-JmJD_t2No5ZNITc9UOkwt9wtgaLF827jt0I0ZrsAKAq-5W1qWcR-uPl3Nx-HLlHU-FJb2uBcJKbDDxLgjc4iMkyDGQ5VWofD0dkPRvDfDciCykfV0E_hY6AUFBr1WDCFtegKUFUxRvP_HSRy_H3Aks0G5-AQd5g%26cry%3D1%26dbm_d%3DAKAmf-AlX8-wognCqISfVshXmdw8GnjFfvgRz28Ulm4SNKdlTKo_xOj9T-E0ONFiqJRRg_mye1IttfFl0T0IOG8quUVM3s-lm870qX8M-tpQVU8BUQucpks38xOeIgVItwrhnoouVdcqXjk7c5-JQzXz0DXOe2K9b64yiMOIcKTQ-y5uLFWq27BbGZCyPFHxzLBuZ72c1KKeqS-HHWXNNRmmXZ2zshPm-6jHcmvPteo4AWFh-CpCzYu3TB32EGmqxI6sTE0MFqUmH-tY4l8cxV1-zLlsEFd68bbJPt2GKwaNz66nL4smEEjgEPF3UziDC6EBgx7uBwLM0EdExP4JWWtKMmVEAg-iDBdQ3puW0RGDKPae7nPvQPgbYcrhyvsMD6Yl-jJBqSHOkx3ccXLtU5_0GB1iy9QwBd4Np-ljG5gHac4T5x6zGHZgp7giTyAeFp4MWNVMuUMlMqPpFvFfUMZ1CFwEi5KGSzN7e_2gb9MalGlT9wZYeYP9I2S2lpjv9TQIJ7FeWDHfM4Z9jpwaEVwFv2e5Mj6LyF92YoNFmWOwpXljfRtAmJ4%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=1024873750577&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
060fbf526e3ec076b173aad94d094b9aea624451db627707feaee92e8957e164

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2028
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Dec 2023 13:17:04 GMT
Expires
Fri, 01 Dec 2023 13:17:04 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 8B97
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40138400096789704444554012525026&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40138400096789704444554012525026&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40138400096789704444554012525026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B2A2D18E:D278_91EFC182:01BB_6569DCD0_3B1A4C7:41F0
x-iplb-instance
53758
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=40138400096789704444554012525026&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Fri, 01 Dec 2023 13:17:04 GMT
server
nginx
content-length
138
content-type
text/html
cshow.php
www.awin1.com/ Frame 8B97 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=40138400096789704444554012525026&pv=1
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
sd
us-u.openx.net/w/1.0/ Frame B93D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDOnqLbVBZTUPY0HWTPNvbc&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDOnqLbVBZTUPY0HWTPNvbc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVziLe0ADVyP0hndaN1yF5QzUZeHp_uq3-uCMrNrLqD3bnImBn-jymm2_c8LfMwkjUGHE8tsjJliUIAkqB7AvpY44eRdd_peey5IzjYhJJgB57MS4R0yAfheq1xHtVVTABCCMlmh3UL_axGNRHhLQe-6-Z83rgZndTjXq3wx3ked9KkKbALGgIAkemq_aA06YoRhX1zalraue5L3bVs_pv7UnBrEw
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDOnqLbVBZTUPY0HWTPNvbc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame B93D 		43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVziLe0ADVyP0hndaN1yF5QzUZeHp_uq3-uCMrNrLqD3bnImBn-jymm2_c8LfMwkjUGHE8tsjJliUIAkqB7AvpY44eRdd_peey5IzjYhJJgB57MS4R0yAfheq1xHtVVTABCCMlmh3UL_axGNRHhLQe-6-Z83rgZndTjXq3wx3ked9KkKbALGgIAkemq_aA06YoRhX1zalraue5L3bVs_pv7UnBrEw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame B93D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEC7D_3RCSZ3V1CrOmEfq6Cs&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEC7D_3RCSZ3V1CrOmEfq6Cs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVziLe0ADVyP0hndaN1yF5QzUZeHp_uq3-uCMrNrLqD3bnImBn-jymm2_c8LfMwkjUGHE8tsjJliUIAkqB7AvpY44eRdd_peey5IzjYhJJgB57MS4R0yAfheq1xHtVVTABCCMlmh3UL_axGNRHhLQe-6-Z83rgZndTjXq3wx3ked9KkKbALGgIAkemq_aA06YoRhX1zalraue5L3bVs_pv7UnBrEw
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 13:17:04 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEC7D_3RCSZ3V1CrOmEfq6Cs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame B93D 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVziLe0ADVyP0hndaN1yF5QzUZeHp_uq3-uCMrNrLqD3bnImBn-jymm2_c8LfMwkjUGHE8tsjJliUIAkqB7AvpY44eRdd_peey5IzjYhJJgB57MS4R0yAfheq1xHtVVTABCCMlmh3UL_axGNRHhLQe-6-Z83rgZndTjXq3wx3ked9KkKbALGgIAkemq_aA06YoRhX1zalraue5L3bVs_pv7UnBrEw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 13:17:04 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 22C7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 462C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 5BFF 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0c26bf0e0878be6b26493f33577d6373
Expires
0
truncated
/ Frame 8B97 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f83688990a4fddb8ed6a45fd3292a82c4d63292933f0a97a910d205acd54d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FCE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiYp7z9xpZe7yAYuk-gbjqr_IDQAAAAA4AeAEAg&bg=!zs2lzYLNAAY3kmNgF5I7ADQBe5WfOF36Iysvg33Byg3YLwmpUZJLPTPuTL1UQOGfGe8i-XBm9EcNE3WhVY2SRQEq6gnTAgAAAY5SAAAAAWgBB5kC_EC-67qp4yz6_94HiQlhYKs_2uMT6XfH3uJFtaZFOdp70Xu3NjxeQrMC45aW3QGHFS9ZVY3bhAT6Y2v94U1NsLjwsmXsiZj69AZe3ORSbeChVSTaVykzHGVtSqNEP6QlNd2-PepdWtawyoT6Xk5E1U1B_kIfzSheH_MKnWL3aEFoGIKJZZO0U4HeEpodIMDnCgtfNUl0oy9hzEYoafSlQfecCWJ6ocheByBujWNvM-IKidHVpnxjJnOs70-50LPh7syiG_41BjL0nRr9X7XsELnpeqzqjtZQKQc1wpGBqeZ7ZpSNVQvByuTajrc6Mt0joMnXNQnTmmR5wVKRznnWB2QdQKRkQE-8BZb9xLPFOieSlYAUDSfc4E6hS9HwRNln_pqHvpq-FQyw9ZB3f9xeRnYj7LH0UovWVA4ifXKYzpuKR5gZwqRU8cSwxwdnK5dJW5YVbUOsNUnECr1ceTdGyuigv_Ky4qIpvJp68dzZQV5lh2yl7P1aM781jNHEmzuJTuHKyjQVmj7cuEY8F0Csm-g4o4Zfq4jbNTzmD8LwYLTJ-yDQt4ISFuJlAj_oyOxvs5Ga9GrckBSuUyEIqWzmqthb_kE-W1oG16mXc5KK4BxPYySqUyjsoypiCi20TAT_8lbWgz1okH3QFj2FV1DsFWnfaksebw1HdglzNB6xYKv4by_SVRbsrwZ82HqYobslj1LVeBNRW7f5E-nIBVZ3pA6eKVGF0cJDvHuCBl74FO1XFEXZdLwI960LaSr7Zkabfd1MEL6EuVK_VGTQz3KJVvT0lf5LHniMbRbbeCMTVlEVBHOjd5lvGnYUdjdJAyHfdlst87zbJ9SRcSSdTYrSRBoFZlupb6pNX-tg2hbLxDojmhP2VrPMMWWEZDXtN5XNuN4QzyGPfILXlhRe4TaH_Xzi9T3Tusjed4hbeCCk6Q5tvqejJME65Zu8-nCInq5QCd09cTbJFRs13E-Rku7H-1XZaoP1KgedFDjhMltrjBzXJscXKG8kHWmUigvb
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B4ED
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEITEcPgt-cd4nN9jSbaNu1A&google_cver=1&google_push=AXcoOmQqvrO5lVGJO1uusvcGk7tNSjs5ncZflbp5y1aJMEI9ZYpMY0DcmM03su6oGXkd1pA3zb2oqQITrH8lAyfqeq_Zj-ytSR4
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAyNjIyMDQ3MjMxMjQ2MzEyOQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B4ED 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE3CnzHAnheh5IJpiR5rwDc&google_cver=1&google_push=AXcoOmQRkGmVpskUoTZiYK02OWclOobIiAWRB67-0PjxTwfz0jedEevpUFsTw-0RAQA097gPh3fQCVaWJLhd2n0o2fO-1fJFguH_
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame B4ED
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEOODKMw-bzLwZg-skwAHiFY&c_param1=AXcoOmTuqJUIEYCu-EyPlt74G29BL6SfpvfbbGO0EWo5YiN2lIfxT7uyTiY2qa6GYqV5gRALzeekL-xghixUctaa8s5a2ReQxUwq&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTuqJUIEYCu-EyPlt74G29BL6SfpvfbbGO0EWo5YiN2lIfxT7uyTiY2qa6GYqV5gRALzeekL-xghixUctaa8s5a2ReQxUwq
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTuqJUIEYCu-EyPlt74G29BL6SfpvfbbGO0EWo5YiN2lIfxT7uyTiY2qa6GYqV5gRALzeekL-xghixUctaa8s5a2ReQxUwq
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTuqJUIEYCu-EyPlt74G29BL6SfpvfbbGO0EWo5YiN2lIfxT7uyTiY2qa6GYqV5gRALzeekL-xghixUctaa8s5a2ReQxUwq
date
Fri, 01 Dec 2023 13:17:04 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame B4ED
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBxQEtvm9T8Pso10nm0WMuM&google_cver=1&google_push=AXcoOmTspBAQMnlObgsEnN6IxsGr1TDB5m6UrPp6pdkasy4yzDkVqph_LVLe1awkp8LkR7Fha4380O-Q...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBxQEtvm9T8Pso10nm0WMuM&google_cver=1&google_push=AXcoOmTspBAQMnlObgsEnN6IxsGr1TDB5m6UrPp6pdkasy4yzDkVqph_LVLe1awkp8LkR7Fha43...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEwNjY5MDY2NDEwMTcxNjkzMA&google_push=AXcoOmTspBAQMnlObgsEnN6IxsGr1TDB5m6UrPp6pdkasy4yzDkVqph_LVLe1awkp8LkR7Fha4380O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEwNjY5MDY2NDEwMTcxNjkzMA&google_push=AXcoOmTspBAQMnlObgsEnN6IxsGr1TDB5m6UrPp6pdkasy4yzDkVqph_LVLe1awkp8LkR7Fha4380O-Q7-dZg-McC-HF9Jnoci-N
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEwNjY5MDY2NDEwMTcxNjkzMA&google_push=AXcoOmTspBAQMnlObgsEnN6IxsGr1TDB5m6UrPp6pdkasy4yzDkVqph_LVLe1awkp8LkR7Fha4380O-Q7-dZg-McC-HF9Jnoci-N
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B4ED
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGJCKvliqzkZDjFclGAIVpM&google_cver=1&google_push=AXcoOmSk8bV9OR18ksLAfKUOjwwZ5kBt03jqaHNHwVHoXy8U7DlAzY_QZwWms5ulM3TMe8DOUAFac0e_6cz-Y...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGJCKvliqzkZDjFclGAIVpM&google_push=AXcoOmSk8bV9OR18ksLAfKUOjwwZ5kBt03jqaHNHwVHoXy8U7DlAzY_QZwWms5ulM3TMe8DOUAFac0e_6cz-Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSk8bV9OR18ksLAfKUOjwwZ5kBt03jqaHNHwVHoXy8U7DlAzY_QZwWms5ulM3TMe8DOUAFac0e_6cz-YzDb7xzFugDCXZU&google_hm=TXBrbGtTQ0lUQjhJVXNRN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSk8bV9OR18ksLAfKUOjwwZ5kBt03jqaHNHwVHoXy8U7DlAzY_QZwWms5ulM3TMe8DOUAFac0e_6cz-YzDb7xzFugDCXZU&google_hm=TXBrbGtTQ0lUQjhJVXNRNzZmdHI=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSk8bV9OR18ksLAfKUOjwwZ5kBt03jqaHNHwVHoXy8U7DlAzY_QZwWms5ulM3TMe8DOUAFac0e_6cz-YzDb7xzFugDCXZU&google_hm=TXBrbGtTQ0lUQjhJVXNRNzZmdHI=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B4ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPxxfz6_Lt3lBlQrgLASYqw&google_cver=1&google_push=AXcoOmQ5uoFjX296Ye3GPYipQ5iUmpIJadYBq_UcyfrasfqlqpvBH2FDwLH_Nwm2Lc-Bui9mUGv...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNTkZPN1YtMUotQ1Q1MQ==&google_push=AXcoOmQ5uoFjX296Ye3GPYipQ5iUmpIJadYBq_UcyfrasfqlqpvBH2FDwLH_Nwm2Lc-Bui9mUGvBcRiiUBG3KBo7Q1ehDUUDPEZG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNTkZPN1YtMUotQ1Q1MQ==&google_push=AXcoOmQ5uoFjX296Ye3GPYipQ5iUmpIJadYBq_UcyfrasfqlqpvBH2FDwLH_Nwm2Lc-Bui9mUGvBcRiiUBG3KBo7Q1ehDUUDPEZG
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNTkZPN1YtMUotQ1Q1MQ==&google_push=AXcoOmQ5uoFjX296Ye3GPYipQ5iUmpIJadYBq_UcyfrasfqlqpvBH2FDwLH_Nwm2Lc-Bui9mUGvBcRiiUBG3KBo7Q1ehDUUDPEZG
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame B4ED 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOvdaKqyOiwclkIo5xCUESI&google_cver=1&google_push=AXcoOmTn8hvKHGlrpbByiJ1PS7G8emPZTMG0akgPF8pcZuRytsv5QuWmY2tTWXv5oav7bnqsTT2HPOXor8fcBJlGqyWg6Y6Rf6W5
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame B4ED 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItUUP3DMqayYjo3Uf89tD7kK0PKCuwDiUyRJba8j_NJP_5K3aut1FEMhzx6kMG-XWRONhg
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame E158 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Be9uLz9xpZa23A9KL1PIP39Wy4AoAAAAAOAHgBAI&bg=!-_il-LfNAAY3kmNgF5I7ADQBe5WfOPMjVmM51glt2UZVoAyC4jXE9pKi80eBilknEEd7qNqrFruys_NiuUAEmqdwE4uAAgAAAbNSAAAAAWgBB5kC_u7craLyyVA_h3sTJNuc1TBooc7jsoWTi-pkG5I6_5Vm9LEcb2f42soQFEfWt1cklHYgFxTlaOnPDG4V2QaVWotO__1L2ZGh9G57ZxlB2ryRuoo8_lKgtgc3c9iW2Iw9mQDNwBL0y_AhlYzkVpwVs6-VO_vMOhVjzVi9PDCK70M1ilCUSSKRhX3AK3f8TmGdde8d3KurZQUNj_kUa032UCyFsuVjNQZBInauNoNia17u3X8OnSwFdZv8KRlFOQPWU8_Z5cr0Muek8lzSZ6ynagz8rYo69lJa00cMlxo7QBbWO0A-mtcNCJYwf4tVpSv40S9aH476uQItS5A-foYuGecDUxls9bUONk4Hznsd7_EBcwJLNxK1UYmQsgIJdQJXXDX2GXAtQb6_BLFV-WS1Mw975-aEsAN6BGbfHe1vWIfS_j8PwFfmK9FtG0tG7mPfB9VbewE1BgywohvN_PaqjBBtladpx69Y2OIK6H4sknXbnZ_Cx2PTakZl0TrZ1ZgZ-LH42ocupOM--an_Fx4KVuKeNLcD0gQk1eFA6xxLhISHNPPArv-ByNEhLNQNsxUqfWqqcPDn3oZFdtzaGvwnTdwaYa-IRbl5ghRNMKlCTlMOGjix9PriMNayKFCnhNCWE8k8qCWvB5EthepjJ9VKGHiui41C3VZqaYBZJc7L4DfAiK5HgeBv-jbwlgjqbH1YZNZyHdw9abHxTaK5ajAtcYndHcfHEqtSlRQkP3cdkN-l4x-H_etcdYs6s3oLfpcEWU6E6BHfNSDycDxOfUNGtIKhPaBzq1nh71bfAG_B_vEDbHcENvoGjY6dShjRMVwDWyMVG3o4zM2kHnWRWk74dWoevvGtw4H5qDVYGsce_xEOLPRTafAEqB8Xt8HnJpDMHNLNTZaj8KNJ7KPpzsz-O6T5CGlV9Ytfqbk9t0qHQwAuSQRDPKkZmK_RB_Ah6afZITKCliKwJENT5LE_eArc-M6SJVL5kBAaUHGkt6RCvZtuP9Gu8iHBU-KFB1LkvWA
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2E26 		5 KB
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=40138400096789704444554012525026&a=d2c5725e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 13:05:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 13:17:04 GMT
/
hal9000.redintelligence.net/scale/ Frame 2E26 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=40138400096789704444554012525026&a=d2c5725e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
89dc1521fc57f1e58bc6f8adb107d42617b91d40b0131766a19323e1828aed80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16512
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2E26 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=40138400096789704444554012525026&a=d2c5725e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4235f2b2616305f8205d70ce1df72c296941f70c0cbf950eced8ca39aad19ea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16985
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2E26 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=40138400096789704444554012525026&a=d2c5725e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
2dc56c92d4d62dcffbd2f5917ea91761f4621eefff0b592d3a5e7eae85462492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10942
Vary
Accept-Encoding
Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2D30 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNWfMcB4REig_3f-58lNIIBC20jj1vIrIXMM9bH-Rd_FywQcpoF0vHHmKq_pG1pue0AvyzhSZnEENBwLkfayDrDuGkK7IJc49xa2XHA7p4N-wHa61txWD_ja6O2aNmBqwF8z-z3IW4SVDfxau98IdEdHmVz5-fZIQWGZ5Ev21oXLxmQ5Hc3FtF6PDUt_xal2zHMZgsaO6gvbYxeXUBlNrC1Jy5_IgA
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7604246044395771258
s0.2mdn.net/simgad/ Frame B154 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7604246044395771258
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
892e54b1b4120c7da83c702e2ed1663ae5f118c3062124edb155d4c3bda6e7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:13:25 GMT
x-content-type-options
nosniff
age
518619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80599
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 11:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 13:13:25 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame B154 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame B154 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame B154 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuUDIOiqh-weIysnwTVAsL_jzzNmu_GMdxXyo7C-ooT1UmRJQx5CDdnPx26kV3tEqFti59T6N-wdUO9Wi-Dl8wS_uYoMbQ1iWuJCo1r0qi3jcXzWfBVupbxvjHsa8TnkFx2VGCD4yfJSDn8T7ZTXhqjc_PXvBWG2b_YGgXVu3CPPIRtRrZqh8dSTw92WRKMerTtOLrzjfw-CImga_BYoW1XqMOSlSRPcy0Tqou4q1JTzKHX_RxzlkoB4PCcEVBk5LgCplRLx4-BhhtW5qV83bqHFPgrkxO4vW9PKk4cSFhGUynis62f6tFnqu3vxQG-RU3g-c7iCM5bEqQN1Ao5h_sLO_0KnFcUZoTOW-eJmds-qvKi4m8f4V9SKmAM6iiQmSDrDztV38qynNKroKdbTRuPZcKYz5ltimLp9gb5fRRIznKORPHKFmQLwKFB6I-goSWVWfcvPsVw8Y9t1yCoiI8nN2sOtcPb5LLxzo8i_MBdSoj4WnBEPPqRuZCz1WBMsDl3feDRg6kaKUiqsIaszNNUfLej0Q1iEyddhrq2WMogJLjVHl0guE-xk0d0Je7NH7MMyOHSZe7-E_psmnFYlZuft6DovtZmHv8R9VTyk5EdGR1swcmboDfEanWBK5XpFAuD-U8l96l5lmYab6LMZ2PMLYJmbaKbmuSiTW4xcGeWnftw0UwfZq4J-cUigW74cUNkspIm7B4s1Ncz-hyNbsOrVUFFbs0DXB37SlP70hHdLCvpnAOTUhPCUgGroCevrMFOIHuFwgLv5_3w99ns5shZrPUcdv9fkziLLIggQ3--4Kj_5z5yQFnOKN6vgGuQL992v1qvh7pLgC45TCbNCUp8cF7qE0RaWNGvnvoVvKKfkYsdUUuXD11M06ZPtXmgAelCo79UIdliVIoL6IaCjOsqFM5-zS4GTgrHmu5WQ2dL-BD2X8kFaeFXsuYX3762uuid2Sxn2mDgJN2rZbPF3vEtkmvYdXnyKP-mF7W10V8F2etaymwR2aaDrMBEsGClyUEb3hUPtygL4X2iK0yORr8pnefpqza8_T_htzQnMdrwL693WccRyPfm8HrA6V2UADfv5DKGzQWf0D5n2n4udMZev05jnkBzWOspCcQyHTnoQ57Y9vJT4LY3jCxbQWeoTUCg9XlEW5HAHgJlqgkw4hz1BKyBjDkrak3q8pnCjdAorMDxboLltg8KbxPks48eSeWLrsZpmfHZSOHwl0URiwdZOf0O3U5qFep42Fhq34dfwCFWRh451_8Bu-Zg7lqNKTVICYAbOMj1dflnVvxGN6LBnl5vJ8pTmxFyRxRYA6Zb5QUrbfx5EZ_hjR6-z866fT2uDfkr59maOp6hoGSB5K30SinOUqgqc_rkyg&sai=AMfl-YTbcZrneCa08Px1wbIIZWBEs2iqlQx2IdUiW3PWqKCQ_u8Jj1umGjLvO29fqrRYExpbm4pRyROOev1gWtzncuwlRA3nAzeecHQKH5wD4--1BHhlfNKBjQSh9JLx3ErKLErvp59hvC8JCyQE6e07km5w8dWLBplEZoqqQoCTWdrCWgSeMZZyCNiOTFI8v8Itt8aCFIp7TS37gT9UV46OAL4hzm9MdenCIOFWvw9sBK6ED0X8agCMvB7ytb7hdoXYPU4ANWDfRtIhUiHmmowRAoJcUgSTWoxG5pTErzn-h7qvS7cQLTxR7TZCDLkG7r9dWmpX7peL3Mof8XxmR-a2zq25WQRsUDWEiUEsmNKLAc2RwzXBbGWYRYFP_c7bM1yOz7xNb3yyhNtRTagaQl3kz9sDnUBOJ26ABXIT3vzUzyRx&sig=Cg0ArKJSzHqiSbz_dDEjEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.18527&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B154 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B154 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8746 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 10:52:10 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B154 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B154 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlS2K3-vJy3pmXso002POszW2Z75XrHfBfUIU6WzwZnBAPM5zRmvjKimUGy6nb-dgiXzA92HIRr6ztVc_uvsKBpogyixi40NNUm2WMbjyx1tWoy6c
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame B154 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgTYQHwGYEpwV_QoEYg0bYJaiUz7pxNDpavTm8lKS4CkenJHpe27F2H_fWxabAk8zIunCIEMB3NRNLCjCDy9dV07g3vw
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B154 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F03F 		350 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27860
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7J%2Fbd%2FDmBLfBdZ2%2B6iqHzgtI7FoRi%2FAq2%2FOrEvigHsI5lpoTKzRo5luPt9tDjWq4LCG3IO1EMh%2F%2B5u0spEM8sTxTFv5KPkJOd9LBVwz45vBi7G2YKC91wjfqLNrF4Rp3XVKeM%2BXbyTgCMs3JDgCf8KI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bb7f8e14dbe-FRA
expires
Sat, 30 Nov 2024 05:32:44 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 18F4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
gtm.js
www.googletagmanager.com/ Frame 636E 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58d26476aec0ccace1aa0e1495e51e86f3941480c791c1b8f812643400fb5797
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64126
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 13:17:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D789 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8576981210480&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D789 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8576981210480&version=m202309260101&ct=77&x=1&cor=8861699252561605000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D789 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZ85YsBxYYXsOkRWK5MEKduxl28vulw95QbLogKiUH11wueUioJ7K47gHKQa1po3VPQGkncbSWYHYlk4OdeNcPjf75dLQ0bXlgJnuCBTDNnkFFVPFPl4XtPMJDT8_8J9MhsXGms-_QypfIvDNdCMin_OxlY_dJY-nba-fRvG6EwYg5q5U&cry=1&dbm_d=AKAmf-COS87vhceylV7_XSH9u79Gwo_CMosHNClv1i9pULfYNjKS3qlzn4_axU2ZxXIH1ToKzvR0N0TZMOrmmqC0t09iKSBdQg3p3EGPLdZ0Ug-VZRBqrWLHvtNgUH2KMcCWSdyHXj8rmQ2AWSQsAVyR2uzf4iGs5NRr9eCXzjc-ol4AMD2KAfEwzSr1FbPHrTaTDiBMmFZHbpxhuV9RDolVBh1p5RrHZMUuXDgvImw-5bpKOFBE9iGOuHkqpH69GO8DW8qQPhZU_qJqEcwYl5hhSzKZauby1zcUlZk3iWOgmqFelMcV0OyUq8nBvddBK4EidqvaYnmcoDk2aJ1hmysq-9lzno23FwpnEAx8_4tARZ6-A8LaowNgn2fscCT65SUnwchuAWqdcHMHOhBPXi3l1yVy4OcFXjLCS0fa7hduBVS6hzKDAIdaxiuUA7jSsct8tdMTxKWNUzGNYyJYihLZG08uaEADYkW1qV9GOiJI5a1_kyYVoLoKw8BNvpMHIqMVM_-nn31v7urnGrvC_sobBPOnx6YiSjf__GiTAKosbm3U0N6d1Wv7ZppSszJ6iLheWEpXTh1PmgPdJOdXaNiABOcAOWq_7sCLdfn-0VdfsnpHuz_mvRV09pXghH13hsVjQWe6CdE4-Z2xFdVxQ6tBNGEor02vp9hMyLgKEesrta_gdkI4EV8hLkeDWTwW3KhnvVHnjGvm2yD2sgkX7nb1Sq9Kvh4cBsFavk6FvZGxmffHhH_rUkONGC5LTOabCOC4wbQgxk0Q6cOVNWpq_QIzrRs8lQ67YfwoaAJSKBRFJCIsQiQvy2xLl8F-w13uMAhAx1OHtXPNg5HcJppc2P6f9J5PftSh4ZtOfqRFZo5TM4aBvBWY0RWiYJaJYptCdTgzvrzN9OraodG6bD64MPdLuhJZBllQ4eZWf3Su19Ha-uBblEB7sot0NeRtkXe6-5LgG3U15fLQar6NHe7q0xoB4YMT5BzWK9rJ_Xhl9R-sBNX1Dd2ESv2H0CMEKfPey_crdPb4tnDjOVnOh1sUTqr3rBrrOZxkKRWCXcbkUmciTI_vVSPZ80B2VoU4mac6meTuCOg0OQpcfzJFCvH11nkP8pkweWCDEiGLdmTwO1u42XuKZvju3IUKzIinU_yak48DRDQ8HO1rvCbtGP8BtZ9ZSe20Tj1qrlaeqS-lmR_5yLSSiQBjG8jDcNJCy-8WgfZtkM68ZjbaZ5AjWwkI6cUElz35aa3Ck8oUnL-DROG1oVMidGXJiLwQaQEszYpBJ6mELpEz2Z4WxmQcB665sRXEgrzzs3KrDCNAv2vqk7_C95GuN60nc7uws_MpyUZdeErptmlOMZmVuQdwySbqeh7prFhZl4pb31n504w9kc4GJdf2tfmHsKWZK1VDG9Xgo6ZDJIlzi5e4KEAwsl-WSpYjvB_cBH9C7HmIi3lONsqC4XVgcMyaWhC-uB13XyWF8g14KIHK5qOukToLVbeE86uw4trK-RXaDeoPugEKAsZT_xEj6GvIjq_8oFvz9I-LOERt7B7NNlbtSO1KcxO--sPvJUaYnYv5ipq4YAp8SSvbQVswP_M-zkIKxYVVd-I7NMt3VZ8S4Sfj4nn82ZFCu5RUxcRSHoDoMUycg92r65xu7ljG5WZzi12RkDWwFq9kfQ5oPEnmA93GcBaVXYJ3-o1-vT0-qBPzYHorbfPDunpYM6xXGQbrSg-XbgVVvFLC09Fki_Kl7vITwmOvEc3y7lGQGTwo2VX2SKwZPfLtl7Q1lOBl0oydTHImc3wl4xMiKZGuen5vuhJi4ADpQWCnhKIb6pRBfR1dGNwJub-PBcTZy68A4xOuVY0eF0sQ0h5jZNCuognWO-Hl-0hCfZM9s-Qe43sS-fkwD4v_0gj8yBiIEtq0oYcYg3vnLCH-5_8IHVvFYcSUfZPghrSg-weODTcyzOncj-wmku5CAe9TEt2q3mQKhwKjM8Ys9Ds5F9d_Ldw94iXOdSfwh7p0_0BHTJjcfwphqyGfNfVXN52SwVBMgitYTkuam0KDOshWH50NSvjq0ukrqWibhsRthUFT8U_y-VLW7GZrMQ8nXwfOxNoBq2gZm2WuanUpb0GTcCTjkVNIsfVvtpyOmJoZhbnGAPoB6JAY-fpmHRTE1NGodpLHBy5ibNa81khuqGQDAxtcFsIvQXXb0UUCdRkyVfIFN-aqDeYsU3-eWvi2btPVYVqH9oAFmFW0B27E9g3WVMn8J16n3KMIEyzZlrcrqXnbAQvn9WUgDU5wndpGQAnMpDbpedqTN-RnLZxHQhjESZ4BloDPGVgL0Kel8CCEtmVwnxMNNsATZ-0uW14aXaaptZ28_SsTU0JbIsNmHqCGf1-mQvsja0rvIG1-RTiUa0bg0UKrhTPu0FPf0V6E8lNHDDti_qL43CEROK-yybEoMkC1doGbZ62pmLyKvQlPJ--XY2LzVJKitJ8fTM9UzFD41vCe1B0zrAlS-xThk91PW-8UOYq3OuxxOoQUqYjrKLD7OsampzxJNHXsO4uHEsqN-Kffm56UB0c7Rmu69X6WJvDM6_Ng-rPvIoTiPtWxs51rAt3nZ3ZL83pKOTzKMFACbIybMroDXfF5GQGJW7jTww7woqP0qhwcPRj2Qs8fKZsK-w0cMYpaL2--YEgYAN1dgKAVhulOKq1SwqENBbV60P3UquT2RycRRq3y9Oa-LlUxZ17y-1_FWPxQbH4ZiKZYo6uIZDof2e1rDiaAs_plYK77tjvmwOgI_2BWDjjYtaydT3YCI3Z8KYZdlDzIVz60KCm2z0BNAvWBM6QJSEM5QbWcXV40fjvTdrisQMWLCa7qwX-_mE2b4vFumxcMJShC9CXDtdxWyMWc_VVr1PzF6Jfr8HSqsjj89YKCv0OyzNww05v9VCgZw5n-q2aJUSNyiGaT58Fo-S-yT8AXhOKYlHwRDZ8BR0I5b1OUoUKpFSbUbhDGOHbj0Y5-npzMOh6tZ1cxF5Z8HfbZPDBjAKn4gKWv-an-WYpADtbQB5FUAi09Z0BlSCHp1HgWGoqH1mpZzU9EliCVEaCrV5CZx-gvsv9JUF4dref7nJf5m0OTKOKrYKzpMAs7aT9nIy9OC5Ifms2fPXf91sz-ZY0bOiviFehm5UCQVHEeo_K1x5R7wZE91Q88mDwxbiNrCDQVxEfkGNKf-YAuXrHcMJruG-NVt-LKRDE_MAfw0aFbg3u97qZl1s-qhSw33PWgdIobJ4pE5B--s1ztrWsrqBZRDNC5sdqrGdQJzIaYnN8b7ftmEeI1Zdo26pDCTvl01LCM_yLTQee-gsU5CZwHZ-AR_WK6DAQcmROpWL62qtLOzTay8TW7FX-7yYuDbAUSGM0HQVBbfMO7d5dK8PeO6J_IrRRtLk0RVwemrBlnuwbPAQX62XAmyg2PdH9wd9bJt-YYpYYz6exuVcQ3WAtIXdntbb5WWjPLOg9rJh_9PSd0XWmvNb4HdjhQ2LFcyLqV3mapLJ6aY8JeE1HilygraPpV-TEdl3aLfERSVhsOlpIfyPLtPmp8CFhvk1WS33wBpzzwraxota0OyMTjz1QOmIUgoURzoFQk_BI_2Ad22nV18FVEHpDi-hNKCjXFlAoB3RWCA3uzHZ2-clxdfqpPIyPUD9d8vDb6Iv_PecFp7piVj-g6AZY4ojP5gnlLu5wwT_Yg9rdt5Ye6BalbtPvp4srZmvk-tzGw_XCF1Rf89B8tj9_gx5ciEyR_hphnb1gmtYifAxdXZTi5DosgMzEHOR7LEoaVEupKtb_Q-btdkN1BVerrteFsvHkmA3-AKse6Z_oImKk2p6eiNvHK3fPnVlKBvHwA7YfCNAsaE4p2Gzo1&cid=CAQSPADICaaNOWzbs6nlUvhvQMj7z1Vx3CLk4nNAfhMMeEd5J-CoE_B4wOs-2BDxtpMxi-9HjXmudmzgGMRJcxgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fvaughn.live%2F&ds=l&xdt=1&iif=1&cor=8861699252561605000&adk=3690638929&idt=112&cac=0&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
465ab3353105cbbe7e7be43fd8b711dc7e140560d1b9752d03b5c2a8bf3f36f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13778
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4276 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYmtbm7QEwAQ&v=APEucNX6dBCVtLL3JOVNFJzk_5gx9lH60nyuJyB05NztV84FzTdPHjf5Jlx4KCzb9-sQurcG_6nUiJQOBhz1tKtIInALT75-nBmcdGMN7vGeNOVJIDEStidg-v23EflJlrgB91hxy-Ig4Cj3ri3qqCBcuBDupKO-X6UKW5cj8BwnzC_MtzPWQbrdiEFyNheTGPUvaoKPyUzGcubHZuDazql5fvCKs0ckJQ
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 22C7 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 22C7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame 22C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssMj_tMp88ngTyM7Vc2vD_yVvC3X31c9BqHhTnH7jsWzSb-JF0D8v81ypmm_4KWh_iqOZY27FpQxzJXSOdx0gRiG2VfZY9Yw-Q3BfUVVvjg3cbJJxU2Y6bGawfbLT9_wHbTF7-iOUywxOXfOn3Yduotkse8v9sPGfVruJb4paefvp9OMGgc665EnOP1h5ibvxY2BpgjCzXYxMQsdW3FHRrdnpi5IAAXRmW17GJCIp00614uoXZuaCdD6Ui5Nx3JV4_ln1ic1Nw0c6iQ708N2LRn7_ykZABsEq-ebnPV7vNJ_S2yeCUlHP25GpJWzAT6xguRvbKm4-sBfydkbMzFd5p400MXXd6VUwWL6Q4yy-L7Ojwj-w4hdXXIQLzqzLRJ6AWOs4gcAO7rWxhVDtGv1r4LC67Yi-C1xuo_hdo3KRnxfKf61aETyxINoHE1KMfbzGKDGK3sPoncMd3MhXQAq6Gx3aHLoQMrVyaSBHUkvpz-MSPbjfLOTa4Nz7lm-JF8U7yLvzrwyeuZS4myRrxKwwbzRwfEJ6keafk_4JtnKMrWOY49fW-gJKRCXTJqsIBZH4_FGNpX3fWLQIztLiExhMhZcsmOrmeCW81bq-X7VlvyAVuYyuiPN3PvPMCpFSQtsQ-r3dAQaH06G43EfCnBUkIAhpewxi-2ySWe56f9Rrc40lAuw1YVWSiKwaxiBozkAHqBBSoUxMyka6nHYbO_NAi_TZJkDRyvM4jnWTb8OYS5RMViOxEEproDiGuF5FPN2ZhAeI9BlskjF79crlKaes79d2IUJ6JQ32klxTp-5a5zNIaB9_GX66VRsjobjTVrg3KKrPkj0Pq1MPYArEv2lr2yGqQcykrPI40NTlaLBYXsp0EABMdQkMZ68zyoljwG_47Hl6qTeI_kpcRJFctgaGdPF8OzYmCZ4CoGP89sIyprrQHJaB2XGvTe0xrggbu-aMdlb8ma54TrCc_OrpYKhCuXmN4SEVno1OUhn12qRgZVxBJACORvl8cTUuIMzdytoZoESFOoz2Ei5h4rjkJUlvb1w_ZfDbPbRq6BjhO9Goucc5Fy7UdzL-7_9AxBVJA7b-zV8QjhoDiIlWPdBqMJ1DuQfX0PYVoosrgNT0VE8QvRc0MvoIT9MQQbIuySPbHIptaC9Wyl8snGr-pmgZfIo5ev8FFgqAGuZ02pJrek2kZMIeUWl_ibYbnCBxO_EZq2AuxjVK9N4BbujGm41kGsl1SIFZ7ETcW51soXCGkFC-UMQMUvvssnm21G-4veuimwLQEn4V5_qGwrhqYlIel9_GfsvY-TNHewjWMI5xmzQpPg2aFNzr0WLq644jTPoEp-LVRZv2RQ4EHNwJCBzW06DLGr_BL2MkSmMQ&sai=AMfl-YQWz9tkA1vSlPFPNSu8SUU9udeitiLYJDLuzY8otHPBXxL6U1zqJBLa9Rt-s9T3E0Iz_1e8auOuZAa5DYN7GYKAbi4P-R9FpiVTpBukzughSSj-C-bC0uzoMi6k7rlMESNjEly_mGklKYdicNtoM7rougnH5r-ye60LcXtEeMnSPt1Rgr3tdy_hEBkKaFXhlMAus_IHhHpLMD8q1S8NdSFWJoiQ_kAuNd14KYPUOXzO3CO7je0LhO66Cicsv5dvUQ1bdf7Eu0yHjk_O3HmybO2Z_udsmQBe7HKmWFGBHDwF0oMnF-4gyYSYqvc1ZiQY1i5x_locA4kzCxOxZRdTjbyFOYoTV-4vcsRtMpSX9wDQtdrNDFMadqLktEzJTBECT3iVG61z8ceVK0-J52s5Pc-nWKHKuVGUKl2lNZD101S7&sig=Cg0ArKJSzKNDJwAA2zL1EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.96146&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 22C7 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 22C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 31D2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 10:52:10 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 22C7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22C7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ao7k5LrsHYB8sUaC6N8JmQaLIsrCF6WRhfA-ah18rR2SgFZNRQGZSlxj5QpAGHmTprNYvN1QizlZDiz-ZolzQb6IZcH6P5_v3hDXbNrFrL7s9-dSI
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 22C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAwFByimcp-tNctgoGjvb7CNQ7TkBppJErvrsVEabJ8-eDrkEom6JYoVAlsGwfLEEeRW4bSlsJ1J4EL0_0R0PY2n3aKg
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 22C7 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
16097077459171717139
s0.2mdn.net/simgad/ Frame 22C7 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16097077459171717139
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0900c662ad33498c556430f40a6fc6f8caa777aaf4b4595d50b43628a32e7a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 22:35:35 GMT
x-content-type-options
nosniff
age
571289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65690
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 11:19:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 22:35:35 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 12C6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A490 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV85PAf7FRa5SWUgdtpvTtoyFx9EE3ehsWJf4HXxza2an3mmKXsDKMbX82zGJBU4yZRS0d3cbPiq1wV4qaLlouCJZWPPkjeDCQDoM02VTOMrQcD8A0IjUBj4yXN6OPlQPhK-hEM1Ni4jhGTrGfjC--lfKE4XmawNmIR4HO4KZBfUq71OihHJcpFfqDZlmxSLMZ0tIPuosmbSgrdTqoPL_x-kLO39g
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7604246044395771258
s0.2mdn.net/simgad/ Frame 462C 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7604246044395771258
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
892e54b1b4120c7da83c702e2ed1663ae5f118c3062124edb155d4c3bda6e7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:13:25 GMT
x-content-type-options
nosniff
age
518619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80599
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 11:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 13:13:25 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 462C 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 462C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
52450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:42:54 GMT
view
ad.doubleclick.net/pcs/ Frame 462C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstAqtdIOpDDF1YGNQXakY30OuUYbxCmp4qvbp674ZBCzncu1x-tPZ739wNGKBoLDDL0XWyADzWKRto8DmcTr_uWjNh8tPCE5L-BeAT7uF0LM9u9LDcZVX4PaiIdsIe3m7ajrWnAwruLDIYFZwtXTfoZqninKBtSabrkE4s6Ddn9mGzg2F-2ZHrL6vIY9zELbD3a4dPHxh3JYOub96bFBldv0-6kkUQWnQUVTOrRHsSJueRrGkJjeGzTxaNtRKHtNM_kvv8GKMD26t1FIxOqjVdEh52YyOAp4Rv-DF-dbg24Nti0w3fAakux94d9xYbzRuG216mKZVI4oj_8gQ4Yvhb8YUrukcgtBVpVx3v0Ek82LCGbDqd_QNIOq9eq0B7tvr1Z9ZkyNNKOsqSpuTcmehQgM_V1DIg7X0AG-VroS1cl6wb9DWEq2FPaUmnYUJA7gfE_AX3-SV0saggJgnRNaudpyUs5oB9kdojMrNPDXVBkgcrg9SRwXPSCxHOXmwBTsLBu3YAooHHv8KfoMnfzUkQyIP0zpkVISxTJBTtrZn7JehurZ7zgXz54piKH8B9ner5zX3ASN2k5fBhrtXmnziaJghlKdtQI9FQSIx9bfX2G1vBVuSUGv4MwOymhDakAFvg-VMRqZ1r7p37KmD8KA9zxJRObQ6PL8ONV8H6TaDG70HapzM6Q1ACPU45Eh4OycbP66TvzT3oeLfne3leRU5pN7-9YvURgtOExWV-AgIUR5KHAe47kwViXdxaYhwysQ26msXAsT4sol4x1rTy43pMw6uZehFYgxGVvUGsBOg72u1sbqoFuKT17mlIzRGWfXe7ie13-BoNJF08fv6KjRD_QBlSfAxxRNY9WQzJLzttMz5HnfrN-S7ZKxBWYPzVZqI8cLIKuOjfvO0-M-EA8VWZs8xJov8OqGFyd_fE6O_JysJjJ6TGp-pSohEqKxhE3YFLyV7sySQVF2A_LEknBYsBHuo5z54MxArDM034D96d4mGAQ5ZVas7lf0PMHF20NOl3cK8NRffxLii-cTtEWNwkNmDIqCbPkKpMf42kUlGXuXuBnMkUIbqSTWLB82U5_aLGC6Abs6sm2EucYLNQRroa3Ywlw1TAHBS_kHmV3bwAhFQPOdVXwjpcFe6RUgQlWvbhr5wMhg8CwBn9k7YhxP3MrbdMD8MO7k_WIbLbm4r-RbbX0FkYR7zkpGFCQBtwjKuTP8V8BRqZ0Ml7HTcRVZRt76RPX05La9tLDIMrjuZyR1gRXVcV5wXhoGBRjQXKt6cSJ5QVERs53yEH_lbwwRQtFPRr7RUQ7zB3Iofn2rvwoXb8TjcY4bBZpMS4J&sai=AMfl-YR8PweIcfpG76aNhznJbDKi4msqYaYiL43GTZ_URHB2oOed04Pu8VwWDR-a1Mxk4FXjfM88XTwF3sb-sLIEyZVA7hhl7w70rStAwVBLVPArkSZsk7e9pHNKHAevKWYuafClKA9gpL8RuiHi-LgiD2dMFF93S8-t7DkZinUjqMhbxhkAOwPYJ2zssKdaov87LXtk_eZPj0RcnboNlFAkgYg6O5R5bf1xyZNGKBNLjSv6IWaZzewQ7_qiU4lSEIPKTYXcEapNC5DuHfUaJdPI5JichdYk8FUfL9Jqt3UzGz528yNN-QccYIIC_2JgKQdmWaT7lGeiDy7b9DAvlN8YOy79sOZS0SuqEUN4-G9c1Q4Zm2GapgeO9A9fbexGo91m36BZziWFLNmY5YwwlBoldu2PvlLQMC5a5Agr80gMki5n&sig=Cg0ArKJSzDreAx_nv5fKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.95315&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 462C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 462C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9312 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 10:52:10 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 462C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 462C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CN0nRvYWZmpn6qvMCu3NFXfqMJsEtAL7zRk5rrw1bBZjcAWxUv9eG1LddkWdpN15Ke2juCiKAYNqncqt3RcoGsdzrOJyR1WxXrdwoU5EYKIhlkfM8
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 462C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSk7h5RzqdKVj4Tlk3pdp4_teUYQhfPxDywGZdZKOm54Cpw8GfKP4JOUHUcP9YhbkOeYUHUuBkQ4TWF5EdwnD5fSyJvw
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 462C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:04 GMT
view
ad.doubleclick.net/pcs/ Frame B154 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuUDIOiqh-weIysnwTVAsL_jzzNmu_GMdxXyo7C-ooT1UmRJQx5CDdnPx26kV3tEqFti59T6N-wdUO9Wi-Dl8wS_uYoMbQ1iWuJCo1r0qi3jcXzWfBVupbxvjHsa8TnkFx2VGCD4yfJSDn8T7ZTXhqjc_PXvBWG2b_YGgXVu3CPPIRtRrZqh8dSTw92WRKMerTtOLrzjfw-CImga_BYoW1XqMOSlSRPcy0Tqou4q1JTzKHX_RxzlkoB4PCcEVBk5LgCplRLx4-BhhtW5qV83bqHFPgrkxO4vW9PKk4cSFhGUynis62f6tFnqu3vxQG-RU3g-c7iCM5bEqQN1Ao5h_sLO_0KnFcUZoTOW-eJmds-qvKi4m8f4V9SKmAM6iiQmSDrDztV38qynNKroKdbTRuPZcKYz5ltimLp9gb5fRRIznKORPHKFmQLwKFB6I-goSWVWfcvPsVw8Y9t1yCoiI8nN2sOtcPb5LLxzo8i_MBdSoj4WnBEPPqRuZCz1WBMsDl3feDRg6kaKUiqsIaszNNUfLej0Q1iEyddhrq2WMogJLjVHl0guE-xk0d0Je7NH7MMyOHSZe7-E_psmnFYlZuft6DovtZmHv8R9VTyk5EdGR1swcmboDfEanWBK5XpFAuD-U8l96l5lmYab6LMZ2PMLYJmbaKbmuSiTW4xcGeWnftw0UwfZq4J-cUigW74cUNkspIm7B4s1Ncz-hyNbsOrVUFFbs0DXB37SlP70hHdLCvpnAOTUhPCUgGroCevrMFOIHuFwgLv5_3w99ns5shZrPUcdv9fkziLLIggQ3--4Kj_5z5yQFnOKN6vgGuQL992v1qvh7pLgC45TCbNCUp8cF7qE0RaWNGvnvoVvKKfkYsdUUuXD11M06ZPtXmgAelCo79UIdliVIoL6IaCjOsqFM5-zS4GTgrHmu5WQ2dL-BD2X8kFaeFXsuYX3762uuid2Sxn2mDgJN2rZbPF3vEtkmvYdXnyKP-mF7W10V8F2etaymwR2aaDrMBEsGClyUEb3hUPtygL4X2iK0yORr8pnefpqza8_T_htzQnMdrwL693WccRyPfm8HrA6V2UADfv5DKGzQWf0D5n2n4udMZev05jnkBzWOspCcQyHTnoQ57Y9vJT4LY3jCxbQWeoTUCg9XlEW5HAHgJlqgkw4hz1BKyBjDkrak3q8pnCjdAorMDxboLltg8KbxPks48eSeWLrsZpmfHZSOHwl0URiwdZOf0O3U5qFep42Fhq34dfwCFWRh451_8Bu-Zg7lqNKTVICYAbOMj1dflnVvxGN6LBnl5vJ8pTmxFyRxRYA6Zb5QUrbfx5EZ_hjR6-z866fT2uDfkr59maOp6hoGSB5K30SinOUqgqc_rkyg&sai=AMfl-YTbcZrneCa08Px1wbIIZWBEs2iqlQx2IdUiW3PWqKCQ_u8Jj1umGjLvO29fqrRYExpbm4pRyROOev1gWtzncuwlRA3nAzeecHQKH5wD4--1BHhlfNKBjQSh9JLx3ErKLErvp59hvC8JCyQE6e07km5w8dWLBplEZoqqQoCTWdrCWgSeMZZyCNiOTFI8v8Itt8aCFIp7TS37gT9UV46OAL4hzm9MdenCIOFWvw9sBK6ED0X8agCMvB7ytb7hdoXYPU4ANWDfRtIhUiHmmowRAoJcUgSTWoxG5pTErzn-h7qvS7cQLTxR7TZCDLkG7r9dWmpX7peL3Mof8XxmR-a2zq25WQRsUDWEiUEsmNKLAc2RwzXBbGWYRYFP_c7bM1yOz7xNb3yyhNtRTagaQl3kz9sDnUBOJ26ABXIT3vzUzyRx&sig=Cg0ArKJSzHqiSbz_dDEjEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=85&vt=11&dtpt=84&dett=2&cstd=0&cisv=r20231129.18527&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 4200 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 29 Nov 2023 17:10:37 GMT
age
158787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Nov 2024 17:10:37 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4200 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 30 Nov 2023 21:48:00 GMT
age
55744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 29 Nov 2024 21:48:00 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4200 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 25 Nov 2023 01:47:30 GMT
age
559774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Nov 2024 01:47:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4200 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 24 Nov 2023 22:04:26 GMT
age
573158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Nov 2024 22:04:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4200 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 29 Nov 2023 17:10:37 GMT
age
158787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 28 Nov 2024 17:10:37 GMT
css
fonts.googleapis.com/ Frame 4200 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 11:24:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 13:17:04 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4200 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 04:14:01 GMT
x-content-type-options
nosniff
server
cafe
age
32583
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2471
x-xss-protection
0
expires
Sat, 02 Dec 2023 04:14:01 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4200 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:36:38 GMT
x-content-type-options
nosniff
server
cafe
age
56426
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Dec 2023 21:36:38 GMT
l
www.google.com/ads/measurement/ Frame 4200 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaS4EAfyYddAFytoa5CULc7PUAg3or054LmqUHS1bRQ630oIn5ga57x1bnjxVsv_Re-mWoL2oFqG77fyAVfZfxcfszAfWw
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
cookie-frame.html
ad4m.at/ Frame 37E1 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
251826
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
82eb9bb848e4bb59-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Fri, 01 Dec 2023 13:17:04 GMT
expires
Tue, 28 Nov 2023 16:19:58 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bf3ixPuhNras4Op3d55z%2ByU7cO4grFjQXBdn0fHfym6lFRkAIZMZjEtoXc%2FTCnMR99B6%2B1s2uc0g%2B6%2FhvjXr47SOzOsWp25yrRLh6znJcGESjjMqEhnM2sf9sAo5t7QvIwMEgnM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame B2E7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6893b6b06ec654eb5e16a5ad35c5122daad11c79d676abe642821f25c6de6217

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D8B8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/4565584107362352414/ Frame 4200 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4565584107362352414/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1e4e94f58cdee318c4ae78f4c3a257d77c2ae348e55eb3ec19503024b0ecd9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 03:25:53 GMT
x-content-type-options
nosniff
age
553871
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1765
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 15:44:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Nov 2024 03:25:53 GMT
truncated
/ Frame 4200 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74e40720ff16348074fee3b4aa944d2c6b9b1e6004887a5b3f94879a0d1d76d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 2D30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNWfMcB4REig_3f-58lNIIBC20jj1vIrIXMM9bH-Rd_FywQcpoF0vHHmKq_pG1pue0AvyzhSZnEENBwLkfayDrDuGkK7IJc49xa2XHA7p4N-wHa61txWD_ja6O2aNmBqwF8z-z3IW4SVDfxau98IdEdHmVz5-fZIQWGZ5Ev21oXLxmQ5Hc3FtF6PDUt_xal2zHMZgsaO6gvbYxeXUBlNrC1Jy5_IgA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlKzDtq5uaQebjrCAMvEmoQSb2Oqxn4qippBiFFvMAIIc%2BNtfeSV1E3CbREqr3OlkhTZC%2F77Oy8yrRXh7IQaaaYwOx5BW5wZSkeVpHr71%2FhYltGu2m1hfqtdWLXjXujUrFTmNZa6jrgaRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb8cc9e3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2D30
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNWfMcB4REig_3f-58lNIIBC20jj1vIrIXMM9bH-Rd_FywQcpoF0vHHmKq_pG1pue0AvyzhSZnEENBwLkfayDrDuGkK7IJc49xa2XHA7p4N-wHa61txWD_ja6O2aNmBqwF8z-z3IW4SVDfxau98IdEdHmVz5-fZIQWGZ5Ev21oXLxmQ5Hc3FtF6PDUt_xal2zHMZgsaO6gvbYxeXUBlNrC1Jy5_IgA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLTx9gCk0DABCmQW4y8wbYbH3Tr5NQ3vUOWSvFiSK%2B0kd3aXQK1so5Mg7%2F4pIci%2F9yWax5PlEDwX86hPCBH%2B%2BmEOnC7bFdKZaS2BtcEW5bcfrTL6FIQ1l8Q%2B2EZ6LbyU4OZ7H56ul7hzVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb8fd0d3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2D30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNWfMcB4REig_3f-58lNIIBC20jj1vIrIXMM9bH-Rd_FywQcpoF0vHHmKq_pG1pue0AvyzhSZnEENBwLkfayDrDuGkK7IJc49xa2XHA7p4N-wHa61txWD_ja6O2aNmBqwF8z-z3IW4SVDfxau98IdEdHmVz5-fZIQWGZ5Ev21oXLxmQ5Hc3FtF6PDUt_xal2zHMZgsaO6gvbYxeXUBlNrC1Jy5_IgA
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
b1d462aa-0888-4567-9bc2-62d5be02ac8d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2D30
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNWfMcB4REig_3f-58lNIIBC20jj1vIrIXMM9bH-Rd_FywQcpoF0vHHmKq_pG1pue0AvyzhSZnEENBwLkfayDrDuGkK7IJc49xa2XHA7p4N-wHa61txWD_ja6O2aNmBqwF8z-z3IW4SVDfxau98IdEdHmVz5-fZIQWGZ5Ev21oXLxmQ5Hc3FtF6PDUt_xal2zHMZgsaO6gvbYxeXUBlNrC1Jy5_IgA
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
22ba3cc0-e58e-496f-ae6e-dc97ff931927
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
hal900026.redintelligence.net/ Frame 2E26 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=40138400096789704444554012525026&a=234075e3&vb=m
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=40138400096789704444554012525026&a=d2c5725e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=40138400096789704444554012525026&a=d2c5725e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
dc_pre=CKjv96yp7oIDFS1TwgodK68BfQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478
adservice.google.com/ddm/fls/z/ Frame FDC2 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKjv96yp7oIDFS1TwgodK68BfQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKjv96yp7oIDFS1TwgodK68BfQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4016076645798.4478?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4276
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYmtbm7QEwAQ&v=APEucNX6dBCVtLL3JOVNFJzk_5gx9lH60nyuJyB05NztV84FzTdPHjf5Jlx4KCzb9-sQurcG_6nUiJQOBhz1tKtIInALT75-nBmcdGMN7vGeNOVJIDEStidg-v23EflJlrgB91hxy-Ig4Cj3ri3qqCBcuBDupKO-X6UKW5cj8BwnzC_MtzPWQbrdiEFyNheTGPUvaoKPyUzGcubHZuDazql5fvCKs0ckJQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00ziAbnTghSgpHhzZgB%2BzudyAYDLYsh7urHssPufjy6mHxyr1A%2BfcEuJZzOvMrY8nvCw0X14yqxgnwBsxUGNs7SPPuWcovHBp1o22bR6fohS%2FajQ0mJYkb5fUMePu2DrAH8GMvAyjXXVKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb8ed023731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4276
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYmtbm7QEwAQ&v=APEucNX6dBCVtLL3JOVNFJzk_5gx9lH60nyuJyB05NztV84FzTdPHjf5Jlx4KCzb9-sQurcG_6nUiJQOBhz1tKtIInALT75-nBmcdGMN7vGeNOVJIDEStidg-v23EflJlrgB91hxy-Ig4Cj3ri3qqCBcuBDupKO-X6UKW5cj8BwnzC_MtzPWQbrdiEFyNheTGPUvaoKPyUzGcubHZuDazql5fvCKs0ckJQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmQj3%2B9AWbBARpmbfleftFWtf2O5JQk%2FTjaZ3V27jjmq9XH5HDnB8%2B4Tktfb84nIp8oda13eFGYgm0MpO5zMEO0plk72hw2QkEV%2Bs8VxS6oyKTyl3BTNjrA9XAyrpGIV0Ekbz5TqoxRDOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb91d5f3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4276
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYmtbm7QEwAQ&v=APEucNX6dBCVtLL3JOVNFJzk_5gx9lH60nyuJyB05NztV84FzTdPHjf5Jlx4KCzb9-sQurcG_6nUiJQOBhz1tKtIInALT75-nBmcdGMN7vGeNOVJIDEStidg-v23EflJlrgB91hxy-Ig4Cj3ri3qqCBcuBDupKO-X6UKW5cj8BwnzC_MtzPWQbrdiEFyNheTGPUvaoKPyUzGcubHZuDazql5fvCKs0ckJQ
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
c04ba7b9-7565-470d-808b-85d8678e2612
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4276
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEYmtbm7QEwAQ&v=APEucNX6dBCVtLL3JOVNFJzk_5gx9lH60nyuJyB05NztV84FzTdPHjf5Jlx4KCzb9-sQurcG_6nUiJQOBhz1tKtIInALT75-nBmcdGMN7vGeNOVJIDEStidg-v23EflJlrgB91hxy-Ig4Cj3ri3qqCBcuBDupKO-X6UKW5cj8BwnzC_MtzPWQbrdiEFyNheTGPUvaoKPyUzGcubHZuDazql5fvCKs0ckJQ
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
7070db1f-441d-4ab9-8256-2645e8a1eb0c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A490
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV85PAf7FRa5SWUgdtpvTtoyFx9EE3ehsWJf4HXxza2an3mmKXsDKMbX82zGJBU4yZRS0d3cbPiq1wV4qaLlouCJZWPPkjeDCQDoM02VTOMrQcD8A0IjUBj4yXN6OPlQPhK-hEM1Ni4jhGTrGfjC--lfKE4XmawNmIR4HO4KZBfUq71OihHJcpFfqDZlmxSLMZ0tIPuosmbSgrdTqoPL_x-kLO39g
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHDnCpHjrhtZDs5L0NvdB8oiN2eIuqDDwqvab1zGN0dQp%2BgnfO3H5VDt2vGw5KnK0fLxr%2FIqlo0v8cDwQ9L9hE06rx705m4UCvmHBtu7bS8kp3Ww9FeyZMvzPy6Eu%2FVtksLhas%2BdiVMHCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb8ed063731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A490
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV85PAf7FRa5SWUgdtpvTtoyFx9EE3ehsWJf4HXxza2an3mmKXsDKMbX82zGJBU4yZRS0d3cbPiq1wV4qaLlouCJZWPPkjeDCQDoM02VTOMrQcD8A0IjUBj4yXN6OPlQPhK-hEM1Ni4jhGTrGfjC--lfKE4XmawNmIR4HO4KZBfUq71OihHJcpFfqDZlmxSLMZ0tIPuosmbSgrdTqoPL_x-kLO39g
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nun1dikblo879u8x6aej6GNgBUlI20Jz53DxQnJ0pLeXyVp2j%2F1twhqXLebZ%2B3LaS2HGTdeEl0UjpDLRKS%2Be%2BKYQaxlfViMNUHmd12JgYU2jJ1Psh1bkdULiCCZmAAhLsfFyU0Ou7cTmVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bb91d613731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP726b71BCt-5xkAJLOH2_g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A490
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV85PAf7FRa5SWUgdtpvTtoyFx9EE3ehsWJf4HXxza2an3mmKXsDKMbX82zGJBU4yZRS0d3cbPiq1wV4qaLlouCJZWPPkjeDCQDoM02VTOMrQcD8A0IjUBj4yXN6OPlQPhK-hEM1Ni4jhGTrGfjC--lfKE4XmawNmIR4HO4KZBfUq71OihHJcpFfqDZlmxSLMZ0tIPuosmbSgrdTqoPL_x-kLO39g
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
3137b3c8-9c67-4533-9d3c-c3e47a31f17b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFUJ1h3wZgmnHPSClnVAuTY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A490
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjfsgIQuuvH_AEY-o7n7QEwAQ&v=APEucNV85PAf7FRa5SWUgdtpvTtoyFx9EE3ehsWJf4HXxza2an3mmKXsDKMbX82zGJBU4yZRS0d3cbPiq1wV4qaLlouCJZWPPkjeDCQDoM02VTOMrQcD8A0IjUBj4yXN6OPlQPhK-hEM1Ni4jhGTrGfjC--lfKE4XmawNmIR4HO4KZBfUq71OihHJcpFfqDZlmxSLMZ0tIPuosmbSgrdTqoPL_x-kLO39g
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
an-x-request-uuid
8a071e6e-098f-4b0a-9b64-3ae997be159b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY1NzUyNzA1NTAwNDQ5MTgzNw%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 22C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssMj_tMp88ngTyM7Vc2vD_yVvC3X31c9BqHhTnH7jsWzSb-JF0D8v81ypmm_4KWh_iqOZY27FpQxzJXSOdx0gRiG2VfZY9Yw-Q3BfUVVvjg3cbJJxU2Y6bGawfbLT9_wHbTF7-iOUywxOXfOn3Yduotkse8v9sPGfVruJb4paefvp9OMGgc665EnOP1h5ibvxY2BpgjCzXYxMQsdW3FHRrdnpi5IAAXRmW17GJCIp00614uoXZuaCdD6Ui5Nx3JV4_ln1ic1Nw0c6iQ708N2LRn7_ykZABsEq-ebnPV7vNJ_S2yeCUlHP25GpJWzAT6xguRvbKm4-sBfydkbMzFd5p400MXXd6VUwWL6Q4yy-L7Ojwj-w4hdXXIQLzqzLRJ6AWOs4gcAO7rWxhVDtGv1r4LC67Yi-C1xuo_hdo3KRnxfKf61aETyxINoHE1KMfbzGKDGK3sPoncMd3MhXQAq6Gx3aHLoQMrVyaSBHUkvpz-MSPbjfLOTa4Nz7lm-JF8U7yLvzrwyeuZS4myRrxKwwbzRwfEJ6keafk_4JtnKMrWOY49fW-gJKRCXTJqsIBZH4_FGNpX3fWLQIztLiExhMhZcsmOrmeCW81bq-X7VlvyAVuYyuiPN3PvPMCpFSQtsQ-r3dAQaH06G43EfCnBUkIAhpewxi-2ySWe56f9Rrc40lAuw1YVWSiKwaxiBozkAHqBBSoUxMyka6nHYbO_NAi_TZJkDRyvM4jnWTb8OYS5RMViOxEEproDiGuF5FPN2ZhAeI9BlskjF79crlKaes79d2IUJ6JQ32klxTp-5a5zNIaB9_GX66VRsjobjTVrg3KKrPkj0Pq1MPYArEv2lr2yGqQcykrPI40NTlaLBYXsp0EABMdQkMZ68zyoljwG_47Hl6qTeI_kpcRJFctgaGdPF8OzYmCZ4CoGP89sIyprrQHJaB2XGvTe0xrggbu-aMdlb8ma54TrCc_OrpYKhCuXmN4SEVno1OUhn12qRgZVxBJACORvl8cTUuIMzdytoZoESFOoz2Ei5h4rjkJUlvb1w_ZfDbPbRq6BjhO9Goucc5Fy7UdzL-7_9AxBVJA7b-zV8QjhoDiIlWPdBqMJ1DuQfX0PYVoosrgNT0VE8QvRc0MvoIT9MQQbIuySPbHIptaC9Wyl8snGr-pmgZfIo5ev8FFgqAGuZ02pJrek2kZMIeUWl_ibYbnCBxO_EZq2AuxjVK9N4BbujGm41kGsl1SIFZ7ETcW51soXCGkFC-UMQMUvvssnm21G-4veuimwLQEn4V5_qGwrhqYlIel9_GfsvY-TNHewjWMI5xmzQpPg2aFNzr0WLq644jTPoEp-LVRZv2RQ4EHNwJCBzW06DLGr_BL2MkSmMQ&sai=AMfl-YQWz9tkA1vSlPFPNSu8SUU9udeitiLYJDLuzY8otHPBXxL6U1zqJBLa9Rt-s9T3E0Iz_1e8auOuZAa5DYN7GYKAbi4P-R9FpiVTpBukzughSSj-C-bC0uzoMi6k7rlMESNjEly_mGklKYdicNtoM7rougnH5r-ye60LcXtEeMnSPt1Rgr3tdy_hEBkKaFXhlMAus_IHhHpLMD8q1S8NdSFWJoiQ_kAuNd14KYPUOXzO3CO7je0LhO66Cicsv5dvUQ1bdf7Eu0yHjk_O3HmybO2Z_udsmQBe7HKmWFGBHDwF0oMnF-4gyYSYqvc1ZiQY1i5x_locA4kzCxOxZRdTjbyFOYoTV-4vcsRtMpSX9wDQtdrNDFMadqLktEzJTBECT3iVG61z8ceVK0-J52s5Pc-nWKHKuVGUKl2lNZD101S7&sig=Cg0ArKJSzKNDJwAA2zL1EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=112&vt=11&dtpt=111&dett=2&cstd=0&cisv=r20231129.96146&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 462C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstAqtdIOpDDF1YGNQXakY30OuUYbxCmp4qvbp674ZBCzncu1x-tPZ739wNGKBoLDDL0XWyADzWKRto8DmcTr_uWjNh8tPCE5L-BeAT7uF0LM9u9LDcZVX4PaiIdsIe3m7ajrWnAwruLDIYFZwtXTfoZqninKBtSabrkE4s6Ddn9mGzg2F-2ZHrL6vIY9zELbD3a4dPHxh3JYOub96bFBldv0-6kkUQWnQUVTOrRHsSJueRrGkJjeGzTxaNtRKHtNM_kvv8GKMD26t1FIxOqjVdEh52YyOAp4Rv-DF-dbg24Nti0w3fAakux94d9xYbzRuG216mKZVI4oj_8gQ4Yvhb8YUrukcgtBVpVx3v0Ek82LCGbDqd_QNIOq9eq0B7tvr1Z9ZkyNNKOsqSpuTcmehQgM_V1DIg7X0AG-VroS1cl6wb9DWEq2FPaUmnYUJA7gfE_AX3-SV0saggJgnRNaudpyUs5oB9kdojMrNPDXVBkgcrg9SRwXPSCxHOXmwBTsLBu3YAooHHv8KfoMnfzUkQyIP0zpkVISxTJBTtrZn7JehurZ7zgXz54piKH8B9ner5zX3ASN2k5fBhrtXmnziaJghlKdtQI9FQSIx9bfX2G1vBVuSUGv4MwOymhDakAFvg-VMRqZ1r7p37KmD8KA9zxJRObQ6PL8ONV8H6TaDG70HapzM6Q1ACPU45Eh4OycbP66TvzT3oeLfne3leRU5pN7-9YvURgtOExWV-AgIUR5KHAe47kwViXdxaYhwysQ26msXAsT4sol4x1rTy43pMw6uZehFYgxGVvUGsBOg72u1sbqoFuKT17mlIzRGWfXe7ie13-BoNJF08fv6KjRD_QBlSfAxxRNY9WQzJLzttMz5HnfrN-S7ZKxBWYPzVZqI8cLIKuOjfvO0-M-EA8VWZs8xJov8OqGFyd_fE6O_JysJjJ6TGp-pSohEqKxhE3YFLyV7sySQVF2A_LEknBYsBHuo5z54MxArDM034D96d4mGAQ5ZVas7lf0PMHF20NOl3cK8NRffxLii-cTtEWNwkNmDIqCbPkKpMf42kUlGXuXuBnMkUIbqSTWLB82U5_aLGC6Abs6sm2EucYLNQRroa3Ywlw1TAHBS_kHmV3bwAhFQPOdVXwjpcFe6RUgQlWvbhr5wMhg8CwBn9k7YhxP3MrbdMD8MO7k_WIbLbm4r-RbbX0FkYR7zkpGFCQBtwjKuTP8V8BRqZ0Ml7HTcRVZRt76RPX05La9tLDIMrjuZyR1gRXVcV5wXhoGBRjQXKt6cSJ5QVERs53yEH_lbwwRQtFPRr7RUQ7zB3Iofn2rvwoXb8TjcY4bBZpMS4J&sai=AMfl-YR8PweIcfpG76aNhznJbDKi4msqYaYiL43GTZ_URHB2oOed04Pu8VwWDR-a1Mxk4FXjfM88XTwF3sb-sLIEyZVA7hhl7w70rStAwVBLVPArkSZsk7e9pHNKHAevKWYuafClKA9gpL8RuiHi-LgiD2dMFF93S8-t7DkZinUjqMhbxhkAOwPYJ2zssKdaov87LXtk_eZPj0RcnboNlFAkgYg6O5R5bf1xyZNGKBNLjSv6IWaZzewQ7_qiU4lSEIPKTYXcEapNC5DuHfUaJdPI5JichdYk8FUfL9Jqt3UzGz528yNN-QccYIIC_2JgKQdmWaT7lGeiDy7b9DAvlN8YOy79sOZS0SuqEUN4-G9c1Q4Zm2GapgeO9A9fbexGo91m36BZziWFLNmY5YwwlBoldu2PvlLQMC5a5Agr80gMki5n&sig=Cg0ArKJSzDreAx_nv5fKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYXRhbHVueWEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=101&vt=11&dtpt=100&dett=2&cstd=0&cisv=r20231129.95315&arae=0&ftch=1&adurl=
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4200 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://vaughn.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:38 GMT
x-content-type-options
nosniff
age
158786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 17:10:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4200 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://vaughn.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:39:21 GMT
x-content-type-options
nosniff
age
592663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 16:39:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4200 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://vaughn.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options
nosniff
age
517195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 13:37:09 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4200 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://vaughn.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 19:18:29 GMT
x-content-type-options
nosniff
age
496715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 19:18:29 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8746
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEITEcPgt-cd4nN9jSbaNu1A&google_cver=1&google_push=AXcoOmRobeGunvZ3aVtUE4_UHYF5_PRdQ6rrrLAubJ1PLT3kUVE19ceFKiVnTYlY7HbBv3bXUT4ADduZ1YGU3oWlkaX_uqPO3xDwyd0
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzExNjY1MzMzNjI3MjI0MDQwOQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 8746
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELJLRXitlJDu5se8Kxq_FT8&google_cver=1&google_push=AXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2Xe9...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELJLRXitlJDu5se8Kxq_FT8&google_cver=1&google_push=AXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2X...
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELJLRXitlJDu5se8Kxq_FT8&google_cver=1&google_push=AXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2Xe9Xhl&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2Xe9Xhl%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82eb9bba29839165-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
135
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELJLRXitlJDu5se8Kxq_FT8&google_cver=1&google_push=AXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2Xe9Xhl&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQnQHW7h7keOmvx5Y5dFLih6-k9tZdrZmwqd52fU_YomhZV65OiqjD7U-MI4leIxOCnd1HOLLvFuEiAb1wBnOf75XP7Y2Xe9Xhl%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82eb9bb908059165-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8746
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKZEsNDG9E9lgTmauLGPZbk&google_cver=1&google_push=AXcoOmQLjrARgOg0uL7JyS-XgfQTtTHcWUwcpIDvQQw89I6RJu8jPh_r3PVue5Y5LVelucmL8HuKWRsYf9_...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQLjrARgOg0uL7JyS-XgfQTtTHcWUwcpIDvQQw89I6RJu8jPh_r3PVue5Y5LVelucmL8HuKWRsYf9_C4ZayNtKHXb2sgQ1-pgno&google_hm=VIK7BHPUSpqkks9v...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQLjrARgOg0uL7JyS-XgfQTtTHcWUwcpIDvQQw89I6RJu8jPh_r3PVue5Y5LVelucmL8HuKWRsYf9_C4ZayNtKHXb2sgQ1-pgno&google_hm=VIK7BHPUSpqkks9vX4iDBY4
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQLjrARgOg0uL7JyS-XgfQTtTHcWUwcpIDvQQw89I6RJu8jPh_r3PVue5Y5LVelucmL8HuKWRsYf9_C4ZayNtKHXb2sgQ1-pgno&google_hm=VIK7BHPUSpqkks9vX4iDBY4
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8746
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHOIDVnoCHM9AD3BLmdNxV8&google_cver=1&google_push=AXcoOmQMY0jdw2v4hVHuejCFwTTTMZgl2qymDKUStk-9G9dRhj9fZxforM_B6iOK1MJflAM6VXGhpmQRaddtCG7RC3u-aLw...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHOIDVnoCHM9AD3BLmdNxV8&google_cver=1&google_push=AXcoOmQMY0jdw2v4hVHuejCFwTTTMZgl2qymDKUStk-9G9dRhj9fZxforM_B6iOK1MJflAM6VXGhpmQRaddtCG7RC3u-a...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQMY0jdw2v4hVHuejCFwTTTMZgl2qymDKUStk-9G9dRhj9fZxforM_B6iOK1MJflAM6VXGhpmQRaddtCG7RC3u-aLwazK38c54
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQMY0jdw2v4hVHuejCFwTTTMZgl2qymDKUStk-9G9dRhj9fZxforM_B6iOK1MJflAM6VXGhpmQRaddtCG7RC3u-aLwazK38c54
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQMY0jdw2v4hVHuejCFwTTTMZgl2qymDKUStk-9G9dRhj9fZxforM_B6iOK1MJflAM6VXGhpmQRaddtCG7RC3u-aLwazK38c54
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 8746
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEOODKMw-bzLwZg-skwAHiFY&c_param1=AXcoOmR20nnQIobXrpqloFN3onF7P-tF-hcWjFnFEQEew9b8dgbKpT3g75M8cni-hFi9L2zqal3W0jbv_ekOTSgL93tp2qVS543Yu3o5&gdpr=%%GDP...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmR20nnQIobXrpqloFN3onF7P-tF-hcWjFnFEQEew9b8dgbKpT3g75M8cni-hFi9L2zqal3W0jbv_ekOTSgL93tp2qVS543Yu3o5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmR20nnQIobXrpqloFN3onF7P-tF-hcWjFnFEQEew9b8dgbKpT3g75M8cni-hFi9L2zqal3W0jbv_ekOTSgL93tp2qVS543Yu3o5
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmR20nnQIobXrpqloFN3onF7P-tF-hcWjFnFEQEew9b8dgbKpT3g75M8cni-hFi9L2zqal3W0jbv_ekOTSgL93tp2qVS543Yu3o5
date
Fri, 01 Dec 2023 13:17:05 GMT
server
nginx/1.23.2
content-length
0
spacer.gif
an.yandex.ru/resource/ Frame 8746
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEOUZvdJcdNMDBJxDQbxrvVw?ext-param=AXcoOmQk8rROh5Sp-Pg72VN_DbTzEMd2uGVFi-cqm0vZqdCW4NMUYvRnJKefAI8Trt6Jf_vFFxJydsCpw-A_6di3R8HJXE7k48TTBnhZ2w&partner-tag=yande...
  • https://an.yandex.ru/mapuid/google/CAESEOUZvdJcdNMDBJxDQbxrvVw?redir-setuniq=1&ext-param=AXcoOmQk8rROh5Sp-Pg72VN_DbTzEMd2uGVFi-cqm0vZqdCW4NMUYvRnJKefAI8Trt6Jf_vFFxJydsCpw-A_6di3R8HJXE7k48TTBnhZ2w&p...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOUZvdJcdNMDBJxDQbxrvVw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 15 Nov 2024 13:17:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8746
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEPPuIDnHdlohkKLup0dk5ks&google_cver=1&google_push=AXcoOmTvScQNKug1s9OhbrGTKjxBkk4XFD5Cgd3iXz6EafFGXK34Bsgr-LedojdAE8PmQdZp9rPyyKzOs5d-SiKdGxv6nE-l4...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTvScQNKug1s9OhbrGTKjxBkk4XFD5Cgd3iXz6EafFGXK34Bsgr-LedojdAE8PmQdZp9rPyyKzOs5d-SiKdGxv6nE-l4LpViLZuyg&google_hm=9d9fcb00...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTvScQNKug1s9OhbrGTKjxBkk4XFD5Cgd3iXz6EafFGXK34Bsgr-LedojdAE8PmQdZp9rPyyKzOs5d-SiKdGxv6nE-l4LpViLZuyg&google_hm=9d9fcb00c3ff4f881gmz4l00lpmnfpmw
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTvScQNKug1s9OhbrGTKjxBkk4XFD5Cgd3iXz6EafFGXK34Bsgr-LedojdAE8PmQdZp9rPyyKzOs5d-SiKdGxv6nE-l4LpViLZuyg&google_hm=9d9fcb00c3ff4f881gmz4l00lpmnfpmw
date
Fri, 01 Dec 2023 13:17:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 8746 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsYkDQjVzD6k6NejQ-Ikk9piSNduojG4vOunEXd7w6zyiHcg1EyOwQy-ZNZqfpxSuKqeTV0xk
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D789 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZ85YsBxYYXsOkRWK5MEKduxl28vulw95QbLogKiUH11wueUioJ7K47gHKQa1po3VPQGkncbSWYHYlk4OdeNcPjf75dLQ0bXlgJnuCBTDNnkFFVPFPl4XtPMJDT8_8J9MhsXGms-_QypfIvDNdCMin_OxlY_dJY-nba-fRvG6EwYg5q5U&cry=1&dbm_d=AKAmf-COS87vhceylV7_XSH9u79Gwo_CMosHNClv1i9pULfYNjKS3qlzn4_axU2ZxXIH1ToKzvR0N0TZMOrmmqC0t09iKSBdQg3p3EGPLdZ0Ug-VZRBqrWLHvtNgUH2KMcCWSdyHXj8rmQ2AWSQsAVyR2uzf4iGs5NRr9eCXzjc-ol4AMD2KAfEwzSr1FbPHrTaTDiBMmFZHbpxhuV9RDolVBh1p5RrHZMUuXDgvImw-5bpKOFBE9iGOuHkqpH69GO8DW8qQPhZU_qJqEcwYl5hhSzKZauby1zcUlZk3iWOgmqFelMcV0OyUq8nBvddBK4EidqvaYnmcoDk2aJ1hmysq-9lzno23FwpnEAx8_4tARZ6-A8LaowNgn2fscCT65SUnwchuAWqdcHMHOhBPXi3l1yVy4OcFXjLCS0fa7hduBVS6hzKDAIdaxiuUA7jSsct8tdMTxKWNUzGNYyJYihLZG08uaEADYkW1qV9GOiJI5a1_kyYVoLoKw8BNvpMHIqMVM_-nn31v7urnGrvC_sobBPOnx6YiSjf__GiTAKosbm3U0N6d1Wv7ZppSszJ6iLheWEpXTh1PmgPdJOdXaNiABOcAOWq_7sCLdfn-0VdfsnpHuz_mvRV09pXghH13hsVjQWe6CdE4-Z2xFdVxQ6tBNGEor02vp9hMyLgKEesrta_gdkI4EV8hLkeDWTwW3KhnvVHnjGvm2yD2sgkX7nb1Sq9Kvh4cBsFavk6FvZGxmffHhH_rUkONGC5LTOabCOC4wbQgxk0Q6cOVNWpq_QIzrRs8lQ67YfwoaAJSKBRFJCIsQiQvy2xLl8F-w13uMAhAx1OHtXPNg5HcJppc2P6f9J5PftSh4ZtOfqRFZo5TM4aBvBWY0RWiYJaJYptCdTgzvrzN9OraodG6bD64MPdLuhJZBllQ4eZWf3Su19Ha-uBblEB7sot0NeRtkXe6-5LgG3U15fLQar6NHe7q0xoB4YMT5BzWK9rJ_Xhl9R-sBNX1Dd2ESv2H0CMEKfPey_crdPb4tnDjOVnOh1sUTqr3rBrrOZxkKRWCXcbkUmciTI_vVSPZ80B2VoU4mac6meTuCOg0OQpcfzJFCvH11nkP8pkweWCDEiGLdmTwO1u42XuKZvju3IUKzIinU_yak48DRDQ8HO1rvCbtGP8BtZ9ZSe20Tj1qrlaeqS-lmR_5yLSSiQBjG8jDcNJCy-8WgfZtkM68ZjbaZ5AjWwkI6cUElz35aa3Ck8oUnL-DROG1oVMidGXJiLwQaQEszYpBJ6mELpEz2Z4WxmQcB665sRXEgrzzs3KrDCNAv2vqk7_C95GuN60nc7uws_MpyUZdeErptmlOMZmVuQdwySbqeh7prFhZl4pb31n504w9kc4GJdf2tfmHsKWZK1VDG9Xgo6ZDJIlzi5e4KEAwsl-WSpYjvB_cBH9C7HmIi3lONsqC4XVgcMyaWhC-uB13XyWF8g14KIHK5qOukToLVbeE86uw4trK-RXaDeoPugEKAsZT_xEj6GvIjq_8oFvz9I-LOERt7B7NNlbtSO1KcxO--sPvJUaYnYv5ipq4YAp8SSvbQVswP_M-zkIKxYVVd-I7NMt3VZ8S4Sfj4nn82ZFCu5RUxcRSHoDoMUycg92r65xu7ljG5WZzi12RkDWwFq9kfQ5oPEnmA93GcBaVXYJ3-o1-vT0-qBPzYHorbfPDunpYM6xXGQbrSg-XbgVVvFLC09Fki_Kl7vITwmOvEc3y7lGQGTwo2VX2SKwZPfLtl7Q1lOBl0oydTHImc3wl4xMiKZGuen5vuhJi4ADpQWCnhKIb6pRBfR1dGNwJub-PBcTZy68A4xOuVY0eF0sQ0h5jZNCuognWO-Hl-0hCfZM9s-Qe43sS-fkwD4v_0gj8yBiIEtq0oYcYg3vnLCH-5_8IHVvFYcSUfZPghrSg-weODTcyzOncj-wmku5CAe9TEt2q3mQKhwKjM8Ys9Ds5F9d_Ldw94iXOdSfwh7p0_0BHTJjcfwphqyGfNfVXN52SwVBMgitYTkuam0KDOshWH50NSvjq0ukrqWibhsRthUFT8U_y-VLW7GZrMQ8nXwfOxNoBq2gZm2WuanUpb0GTcCTjkVNIsfVvtpyOmJoZhbnGAPoB6JAY-fpmHRTE1NGodpLHBy5ibNa81khuqGQDAxtcFsIvQXXb0UUCdRkyVfIFN-aqDeYsU3-eWvi2btPVYVqH9oAFmFW0B27E9g3WVMn8J16n3KMIEyzZlrcrqXnbAQvn9WUgDU5wndpGQAnMpDbpedqTN-RnLZxHQhjESZ4BloDPGVgL0Kel8CCEtmVwnxMNNsATZ-0uW14aXaaptZ28_SsTU0JbIsNmHqCGf1-mQvsja0rvIG1-RTiUa0bg0UKrhTPu0FPf0V6E8lNHDDti_qL43CEROK-yybEoMkC1doGbZ62pmLyKvQlPJ--XY2LzVJKitJ8fTM9UzFD41vCe1B0zrAlS-xThk91PW-8UOYq3OuxxOoQUqYjrKLD7OsampzxJNHXsO4uHEsqN-Kffm56UB0c7Rmu69X6WJvDM6_Ng-rPvIoTiPtWxs51rAt3nZ3ZL83pKOTzKMFACbIybMroDXfF5GQGJW7jTww7woqP0qhwcPRj2Qs8fKZsK-w0cMYpaL2--YEgYAN1dgKAVhulOKq1SwqENBbV60P3UquT2RycRRq3y9Oa-LlUxZ17y-1_FWPxQbH4ZiKZYo6uIZDof2e1rDiaAs_plYK77tjvmwOgI_2BWDjjYtaydT3YCI3Z8KYZdlDzIVz60KCm2z0BNAvWBM6QJSEM5QbWcXV40fjvTdrisQMWLCa7qwX-_mE2b4vFumxcMJShC9CXDtdxWyMWc_VVr1PzF6Jfr8HSqsjj89YKCv0OyzNww05v9VCgZw5n-q2aJUSNyiGaT58Fo-S-yT8AXhOKYlHwRDZ8BR0I5b1OUoUKpFSbUbhDGOHbj0Y5-npzMOh6tZ1cxF5Z8HfbZPDBjAKn4gKWv-an-WYpADtbQB5FUAi09Z0BlSCHp1HgWGoqH1mpZzU9EliCVEaCrV5CZx-gvsv9JUF4dref7nJf5m0OTKOKrYKzpMAs7aT9nIy9OC5Ifms2fPXf91sz-ZY0bOiviFehm5UCQVHEeo_K1x5R7wZE91Q88mDwxbiNrCDQVxEfkGNKf-YAuXrHcMJruG-NVt-LKRDE_MAfw0aFbg3u97qZl1s-qhSw33PWgdIobJ4pE5B--s1ztrWsrqBZRDNC5sdqrGdQJzIaYnN8b7ftmEeI1Zdo26pDCTvl01LCM_yLTQee-gsU5CZwHZ-AR_WK6DAQcmROpWL62qtLOzTay8TW7FX-7yYuDbAUSGM0HQVBbfMO7d5dK8PeO6J_IrRRtLk0RVwemrBlnuwbPAQX62XAmyg2PdH9wd9bJt-YYpYYz6exuVcQ3WAtIXdntbb5WWjPLOg9rJh_9PSd0XWmvNb4HdjhQ2LFcyLqV3mapLJ6aY8JeE1HilygraPpV-TEdl3aLfERSVhsOlpIfyPLtPmp8CFhvk1WS33wBpzzwraxota0OyMTjz1QOmIUgoURzoFQk_BI_2Ad22nV18FVEHpDi-hNKCjXFlAoB3RWCA3uzHZ2-clxdfqpPIyPUD9d8vDb6Iv_PecFp7piVj-g6AZY4ojP5gnlLu5wwT_Yg9rdt5Ye6BalbtPvp4srZmvk-tzGw_XCF1Rf89B8tj9_gx5ciEyR_hphnb1gmtYifAxdXZTi5DosgMzEHOR7LEoaVEupKtb_Q-btdkN1BVerrteFsvHkmA3-AKse6Z_oImKk2p6eiNvHK3fPnVlKBvHwA7YfCNAsaE4p2Gzo1&cid=CAQSPADICaaNOWzbs6nlUvhvQMj7z1Vx3CLk4nNAfhMMeEd5J-CoE_B4wOs-2BDxtpMxi-9HjXmudmzgGMRJcxgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fvaughn.live%2F&ds=l&xdt=1&iif=1&cor=8861699252561605000&adk=3690638929&idt=112&cac=0&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
507582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:17:22 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTQzNjYyNDY3MzcyMAogIHNlcnZlcl9pcDogMTI2MDY0MzM3CiAgcHJvY2Vzc19pZDogMzk0MzMwMTAwMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame D789 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTQzNjYyNDY3MzcyMAogIHNlcnZlcl9pcDogMTI2MDY0MzM3CiAgcHJvY2Vzc19pZDogMzk0MzMwMTAwMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDA1NjU5NzA5MjMxODU0NzI0NgpkZWJ1Z19rZXk6IDY4MjgxMjYwNTE2Mjk5ODYwNDgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTAxIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzU4OTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNzA2NwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x469a8f224f96a0970000000000000000","13":"0xbc793de4b0f5241d0000000000000000","14":"0x3b0d55e8ba700130000000000000000","15":"0xfa26f06fc7cf14250000000000000000"},"debug_key":"6828126051629986048","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"14056597092318547246"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2E26 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900026.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:39 GMT
x-content-type-options
nosniff
age
158785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 17:10:39 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2E26 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900026.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 20:59:44 GMT
x-content-type-options
nosniff
age
490640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 20:59:44 GMT
pvClk.min.js
analytics.webgains.io/ Frame 8B97 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=40138400096789704444554012525026&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-14.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 16:26:59 GMT
content-encoding
gzip
via
1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
75011
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CR6BjIBkvoDbqoUE-xLiTm2PuXsvT3UH4sMFKnDj5g143TZl3FXhqg==
1x1.png
cdn.track.production.webgains.team/7121/ Frame 8B97 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1701436924&Signature=BC41uiG6z9ihDB2i7-6bro-616OhOYWQLFwObXFpGqKmrJ3zYHz7vUF8o1IV9UWNEmS7Gwyjb~YrSyRjmWoZ-JXukPxmKSYN6FK94gJ0JFkOgw9oQTU7ks~DsRvTThdxrbzLoRGrwlMfESUv1IGgaz7iBhHtaekrLaTYwHfR1onALInHSuv40psVYPsGNybI6VytUbvjkKW7rERHFCYfGHUNDA1WEWnyYYbExkyBD~PbCK8qcOCzm4equrNhRwbT--l8cQQXbTYmTBRXaIsQRREruDKZ01XQSOtL2bQzoy0BWwIFl3s7uBg37ZQiBnMsPI-uyqAilhAffDwNcwqS2Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-21.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 01 Dec 2023 08:39:29 GMT
via
1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
16702
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
ZOXcPNGuZbHGp9aIlW5YzG8IxlmU-M-PJRKZK48ocuUS7iDZHkn6kw==
pixel
cm.g.doubleclick.net/ Frame 31D2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMWAlmyjD_1_gTupZE25ubw&google_cver=1&google_push=AXcoOmTqwXu1JIH4fgEGcNl_8-8O0_OzvXMSJiH2MVZHmHDfRmEf2u1WrgVK0k1RKCZLhla-hoSrNI_vpCXvwX...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmTqwXu1JIH4fgEGcNl_8-8O0_OzvXMSJiH2MVZHmHDfRmEf2u1WrgVK0k1RKCZLhla-hoSrNI_vpCXvwXhJ4J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmTqwXu1JIH4fgEGcNl_8-8O0_OzvXMSJiH2MVZHmHDfRmEf2u1WrgVK0k1RKCZLhla-hoSrNI_vpCXvwXhJ4JuifyWpiEg
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmTqwXu1JIH4fgEGcNl_8-8O0_OzvXMSJiH2MVZHmHDfRmEf2u1WrgVK0k1RKCZLhla-hoSrNI_vpCXvwXhJ4JuifyWpiEg
Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 31D2
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEHudgbbOu5n2La6rLeEzBEM&google_cver=1&google_push=AXcoOmQgydSrSntBX8ip7rXL5j5BoKkHfphsyifRMLAEykIW82DIANeNIQCCAFB4Pzyy6GNspg8_C4URF5P...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQgydSrSntBX8ip7rXL5j5BoKkHfphsyifRMLAEykIW82DIANeNIQCCAFB4Pzyy6GNspg8_C4URF5Pzhjn1xCfbI67Vu79c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQgydSrSntBX8ip7rXL5j5BoKkHfphsyifRMLAEykIW82DIANeNIQCCAFB4Pzyy6GNspg8_C4URF5Pzhjn1xCfbI67Vu79c
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQgydSrSntBX8ip7rXL5j5BoKkHfphsyifRMLAEykIW82DIANeNIQCCAFB4Pzyy6GNspg8_C4URF5Pzhjn1xCfbI67Vu79c
Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 31D2
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPEM8aSf22RTUVl5u5eqFGI&google_cver=1&google_push=AXcoOmQQWg0HPtyEZWcJcqvhY2h6dpYuUMaHisXpu3RNvJm6nwjvo7WK1ctVanYEtHeolWJrgj9om8vjmFqZlvNGnaK0twQOBwY2
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=858858738488&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=858858738488&us_privacy=1---
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=858858738488&us_privacy=1---
content-length
0
sync
x.bidswitch.net/ Frame 31D2 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEE6oBZlLQHOcMakG-uQ1V2E&google_cver=1&google_push=AXcoOmRJoVYFDcLixmDtxY_4uqbntqMIxV6yreBRQwLVQvXsH65f9i_IDSEJXc1h4OuylFcNbq3r-y8sMptxoVqdKkplPQnigVhS
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 31D2
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEKserQ0NT6eWUK_7H8g4glo&google_cver=1&google_push=AXcoOmTyNmE7r5yE6G9jHxZqw21CPcCH48xN_BA__0DLBvf1RNmAMjg-clPa_BFL3ICwqtpjEanzU25G4kOnP8NigqVR43jFIAmO
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NDM4MjI0MTQ5MjY5OTAwMFYxMA%3d%3d&mn_hm=MzQ0NDM4MjI0MTQ5MjY5OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTyNmE7r5yE6G9jHxZqw21CPcC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NDM4MjI0MTQ5MjY5OTAwMFYxMA%3d%3d&mn_hm=MzQ0NDM4MjI0MTQ5MjY5OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTyNmE7r5yE6G9jHxZqw21CPcCH48xN_BA__0DLBvf1RNmAMjg-clPa_BFL3ICwqtpjEanzU25G4kOnP8NigqVR43jFIAmO&gdpr=&gdpr_consent=
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:04 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NDM4MjI0MTQ5MjY5OTAwMFYxMA%3d%3d&mn_hm=MzQ0NDM4MjI0MTQ5MjY5OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTyNmE7r5yE6G9jHxZqw21CPcCH48xN_BA__0DLBvf1RNmAMjg-clPa_BFL3ICwqtpjEanzU25G4kOnP8NigqVR43jFIAmO&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 01 Dec 2023 13:17:04 GMT
v1
match.sharethrough.com/E4rooAtA/ Frame 31D2 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHHRGcNCVXUZ4CkZ7XCQx18&google_cver=1&google_push=AXcoOmRh2mXhom12rkLF2p3lqOn5_KcMCGPixMq0gbRDtgGMV3JHfmqiS6xQcRywQJcP2ZmuVprAEJZ6wW88bDQn-Ty0zxcXlrn2Pw
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.123.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-123-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
google
sync-dmp.aura-dsp.com/match/ Frame 31D2 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 31D2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTW5soYHhLV-KEBJT6t0enYCRpz8Sz6N5WgvHkj9LJfC6K3CnvKSGUmnBpJBLhMmra9u7wGOs
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 9312 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELb9UMBUIKLJhKzcM7G6uYM&google_cver=1&google_push=AXcoOmTHpHUpCzfJ0VtO1mfbQhykoYnRsyzaCzI9ilr4m7TIhD1uD21v8SlH_DFCyzRVH6_vBjxwwv0qv0GHakM_YMFL34Vh0vfbS80
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9312 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEExmMZ7o7K6CVajaLvOAdR4&google_cver=1&google_push=AXcoOmQ70utayvssb2lbytHaJzhHJxtdk1RIiT_iGnG0NwPuWTD_UknQuGVZ3b7TNhtA6p4hQT8LCi0wd6aJ5IZqyqkjTTlHLD5jPdDM
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 9312
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDxnS6VYdrodpEUF9ea0lEs&google_cver=1&google_push=AXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1V-...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDxnS6VYdrodpEUF9ea0lEs&google_cver=1&google_push=AXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1...
43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDxnS6VYdrodpEUF9ea0lEs&google_cver=1&google_push=AXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1V-2pU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1V-2pU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82eb9bba79f29165-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
112
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDxnS6VYdrodpEUF9ea0lEs&google_cver=1&google_push=AXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1V-2pU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTR_7PXBmFJ86vaHj84G7H1PqQI4vPrK3RZcMW4ENWo3umQU8EQ63wvmhpG0txKmxdu6FODIOK1oYSBq-NdUJ0YmuONsP1V-2pU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82eb9bb9586b9165-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9312
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPwNL3ca7oxOGl9uETl7MG8&google_cver=1&google_push=AXcoOmRGQViv3wv0lDLvFRFBzHAN3Q_1iASW4ixtvF8gxneCkgPp_U6zRev9mykL3a7Vl4DCO_mvXh3PB6KNvofdEf1C20GLXyqbEwc3
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B7D870E15F436E89C28AD85D830FA5&google_push=AXcoOmRGQViv3wv0lDLvFRFBzHAN3Q_1iASW4ixtvF8gxneCkgPp_U6zRev9mykL3a7Vl4DCO_mvXh3PB6KNvof...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B7D870E15F436E89C28AD85D830FA5&google_push=AXcoOmRGQViv3wv0lDLvFRFBzHAN3Q_1iASW4ixtvF8gxneCkgPp_U6zRev9mykL3a7Vl4DCO_mvXh3PB6KNvofdEf1C20GLXyqbEwc3
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B7D870E15F436E89C28AD85D830FA5&google_push=AXcoOmRGQViv3wv0lDLvFRFBzHAN3Q_1iASW4ixtvF8gxneCkgPp_U6zRev9mykL3a7Vl4DCO_mvXh3PB6KNvofdEf1C20GLXyqbEwc3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 30 Nov 2023 13:17:04 GMT
pixel
cm.g.doubleclick.net/ Frame 9312
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENUG1BOV2E-RXCJgUPxEQjk&google_cver=1&google_push=AXcoOmQ35vg__w5fh4oxADxG-dDp4P6EVj2F1zRu9rwJGCJeC3bjgoxbWGOTqO2aMwwS0PFS0WH83KSAWh6UlN9P8dX3SozCc...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=858858823460&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=858858823460&us_privacy=1---
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=858858823460&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9312
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFcsAGgxATJO1iMcsTIY760&google_cver=1&google_push=AXcoOmS9xPk6nVzbmKfNdKsLcpsSw5YT3ieyRZ8zsWWIM0CSU13DkXsaU-d4rMaxqA5qtknP3Y3G13wPC-j_E8o4tUpid-8...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS9xPk6nVzbmKfNdKsLcpsSw5YT3ieyRZ8zsWWIM0CSU13DkXsaU-d4rMaxqA5qtknP3Y3G13wPC-j_E8o4tUpid-8acFuIeQ_J&google_hm=eS1BWkhJQ0lCRTJwSH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS9xPk6nVzbmKfNdKsLcpsSw5YT3ieyRZ8zsWWIM0CSU13DkXsaU-d4rMaxqA5qtknP3Y3G13wPC-j_E8o4tUpid-8acFuIeQ_J&google_hm=eS1BWkhJQ0lCRTJwSHJLaWFhOFdVd0dWV1lsVWJwVUxoeH5B
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS9xPk6nVzbmKfNdKsLcpsSw5YT3ieyRZ8zsWWIM0CSU13DkXsaU-d4rMaxqA5qtknP3Y3G13wPC-j_E8o4tUpid-8acFuIeQ_J&google_hm=eS1BWkhJQ0lCRTJwSHJLaWFhOFdVd0dWV1lsVWJwVUxoeH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9312
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECEvl2dc4VfjZwSK7V5v1-0&google_cver=1&google_push=AXcoOmTAL_kHDAnoJlfGpMkozDXYf0DZ0ogZZ98wO7vPh1GU5Ga4KUjgzxGz__3xCN95Ttef2DOEs2kh6EQb...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTAL_kHDAnoJlfGpMkozDXYf0DZ0ogZZ98wO7vPh1GU5Ga4KUjgzxGz__3xCN95Ttef2DOEs2kh6EQb21tabRFMAGaXRMPPdY4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTAL_kHDAnoJlfGpMkozDXYf0DZ0ogZZ98wO7vPh1GU5Ga4KUjgzxGz__3xCN95Ttef2DOEs2kh6EQb21tabRFMAGaXRMPPdY4
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTAL_kHDAnoJlfGpMkozDXYf0DZ0ogZZ98wO7vPh1GU5Ga4KUjgzxGz__3xCN95Ttef2DOEs2kh6EQb21tabRFMAGaXRMPPdY4
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 9312 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kn1biGPtrWZCrPsbVoXUk9k4rUEfvMoIpNFMr5ezcMLH0-Anu8okdBnGJ5WGb0L0hlN1ft
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 0C96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMxZsz9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoE_QFP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l37BD1PCGUMRQgoqkm-2c3nJKZMoLJCOjDRcLS63RpUN63eUsoHOr4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oIDgAoB-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcBshccChoSFHB1Yi0yODI5NDExMzk5NzYyNDg3GNyKFQ&sigh=B0TCn4nlws4&uach_m=%5BUACH%5D&cid=CAQSPADICaaNt3K2qbrUtFaBab5egXwXVjYB2FsiUB9LqM-cjRO5SXqZ3V0s8mCXQm15iV9VZ_82dkot-4XTbhgB&cbvp=2&vis=1
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 0C96 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hha5gp0sayq7qh48bd6t1ptmnh1cx85gnjrbb9j92cpcb4t9v977cpep695kcama9zv9b9s5vdfdtvwrmd646zqtjtaxc578pysdctexwbpx45qfz44r3wv4gj52h62vwt8ecnp0eg93z46dte11t4kfqbbsqz40wgt1ae6h0k1yvr4448nwmh39v2jew04sg39pfneh1w9ra802j4t0fp4n7pwf576mcm48y89qk36ak2g22hjmd01dd5rxb5zptaq213cthbz82jh44q9xk7q301wghrhethx35n00zknkmrxamp3jrrq22fbxm833c147e391wypvwhty40qs47brkv00sbyg1mcs6e7cdby4eydbxp9ytm4z50baqch9nbm9me85psef50&b=ZWnczwAI5UgIVQXqAAlEdwbBRkqZJgBGYDgsWw&cbvp=2
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
iju9wczm8trb
hal9000.redintelligence.net/zone/ Frame D789 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1701436623747872&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWeo0z9xpZeDSLYzwgAfgpLvwAqblvaBprZWcp8kP8C4QASCk5PsiYJXyi4KYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgTuAU_QHIPVRvtD5ail8rfz_j5eDrxTxkEMEZ6HCgWaH1v_OirEDlexmiFtb9TIwlVfbaFp9SohQnL9rIQq0NlrW4bbd7VLEA2bMSxYCLnSbrCmMwE43Vkz0HmsoqNo5jmLhK-jnOqfh89f1ABK5Ju9OdCudg57wvNV1H4d9TAztLehZQO530XDaGfxSTivhwxpOjZIv7R7QarRWyJCbNOAvEzVaP1lJn75IgNjX2wUavi-Bk0WVCnoEUPGjyXh4WKnLYs0-nokQEmv31D2omUZFSSbyw3IM8i3Bjm18UvQ5zNqPeUkOfspCADwZJOIaybABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYiKfCrKnuggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIwebCrKnuggMVDDjgCh1g0g4usBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNOWzbs6nlUvhvQMj7z1Vx3CLk4nNAfhMMeEd5J-CoE_B4wOs-2BDxtpMxi-9HjXmudmzgGMRJcxgB%26sig%3DAOD64_36mtVkV1s1TeKDp0mtkVuBfaykrA%26client%3Dca-pub-3565385483761681%26dbm_c%3DAKAmf-BjtsKkvZz5GasZYk3XK9nt7Rp3ZroePM23Z5RVopBD5b_xrEvB1g_ImM43T10mpiU52I8zaS5xUqWpik9xC8aU3gNgZY-1v7sKU8xUfSDd17iZPcPMg9YBZ_uVqYvFAkuyLepFBL-5yJx5CsGja1-VbklTwbaCVJLZXbtuZht2BTr4Kn8%26cry%3D1%26dbm_d%3DAKAmf-DSUrQmoyKBqRt8SqktXH5m6njUWWzDlFU1q0wol8hroy2meYkbge3-p1GhK7vvhrgoNZRxfI_mLfXGNTB6o-ZRmroAlU1LQcMHmn-L4LhEr_hGv9ik3VitethAmOcqLEokEgT-fkOQvvyTaqaxgfLpgo_wZtyx_STAvYGWYd6ryhZzU-eZkM62OJMbggaKfKtTPEwCEOeUQs5xAW3ZCKTmysmUY0eRNVxvgUdsFeHTh0e3t5IsmBDPQYMuHsG-_sc_3bNMQUmNx2hkyYlEkadxnQqc6f6ZUvx7NjNXqgGM-287Hy1F-vCwKf2lhMQO_FWcRXiNNKwWfgaci3pfH7qveFVJRSamXx3LK2F5TQ4HWxIpEyjf2hjWy2IQxLi6WQchlpMKKsu993iuYFVmQho1MhIfdCH5-dbzQpCWEbg6oRiIi6JdMzAoWy1mnsPwSovS_m9jt5ZbZPQXadvGCWM4cXVaLC1nai4i0pg6Jf4X29njtWEwUzqplshT5-A-xAaimUHJ1Nlj4tYbUe7GYAAIOUiFDj81mCiCGelxwkAwz5dlSOA%26adurl%3D
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9212d61bb00f01d460f73d3e9e1a2e1ea67f1baf8cca04eb0a6fe6a17be8bb3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4172
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/ Frame 636E 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7629aa7b393210a518637f428ea3ff2aaefe25b5e51672e7087851ccdbff540e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93098
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 13:17:04 GMT
truncated
/ Frame B154 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11d9a735f024d54929c0e099af843e0990b36cfa925af316ca859e4904ffec54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame CD7C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98F5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Ba2hgztxpZZGvNsLBgQftq7SYCwAAAAA4AeAEAg&bg=!GBulG1TNAAY3kmNgF5I7ADQBe5WfOCX-mhKtzhUrKn5esziimP7IZA_EhR2ioeMZdDb1-OOT9qo2XsloLTWwRGyASVwLAgAAAj5SAAAAAWgBB5kDEFLsx1l0owPxOpktbHsgKcDFj-Q3pbSLvp5IXgiKJqHqlFfMANBi0atKKARCAg-LdJcjscjZCCAMExVJoB3i4bhnO0O9qTwgT5VX_Q_ffAuEqTa1uXz9MwwfnOd2ba2eFGUkaiFbtyuakmp6F02auiAZ6qpH9j4Fk2jOn6BpIixB7wzrmAmeITB8YfYfyjEWb-MsUirCVTe95fwyJMsdWm5_yJUlY3HUlNwsEaJ0z3CrXA_5n4eAfFwoIGvlHVh4l2Fmer4mXVcC-yaOUt5NlmlnoBvkiD8ro32NI2nuc-G54VK7bQlG8J0kTsqzDvBkrJGrnvuJUkMJmgDu6tZSNen6hQRYG2FeDjPsCFVOciZu0tGiiCiedmo-HSe73mt5jLpwEAVZo7HqNtmwzTotReYAm7JHLTcV9GVRpBBaXHAXBa28wicNKELwKOSCsve1-WQ1AnzDPyALuSRmqKKXFG2DlWWX7U5TahgNSsNHoAM6w3egkvSxRgs3GvxsOdu8fQqABshmI6AwzRgj0HjobqME5ghMFAuLvuomn3VBKRJO1MehHO-2istU4R5t1ZkqyBFJuoqgu7S2kG5QoaMwrR2mWJrZYb1stRSEDthNXBUjq-DUhq0uxpgPmo1b3ODYTMbqX2uLwDPcaaLQefuwqeTOlvLrt2T-FE6Z0Hlaj5alhxNvVAgLc1WXOYDdGUEh6RmHrtLU6V_yAqBkUntHGCC3bm5dFFstSXVkQBo89oUzGsmjsBCa8PnDJfPG-YQqZ_4eCtD7O1ClOVaV3KgFX3aSWGCsWxqNtzlKB00shxi6uIhGdiWXBjsjIN0_TCrF5Xn9qfEGlqhWa7NuxLj5LH08GiUyNBAoFjEEkfxuwWk5WGLfhGYW-WE2-4mvQW-uskgBVE-UtJOlo1CHNkU5Hf_if3kbBvuA9KT1j2pBmPCJX5-rxeSP5XjiymbrgPvxfaOoM-QiPRG09AP7BsFLrVpwW5MvWCM0xHECJ5Lb1oSgEWZHySglUXo3AxHy-4VNbIj0xOV1H746X-ql1xrOUPQ
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 22C7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b97c9886e48a43681eac73ef7dfb3f229dd764b66ede77c9b6b22ad77d09f023

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A8D9 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D8B8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA14 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUSvCmG5lv6d81UdfX8J4KONmyY3A5VAKyedvH_xVsEzR3NpNIlafme68_Ix6Weahg-XKshO-PKIM_ghcGL0i-QFYolXfO1DgcZEysSWHt3WFPuigUpLO08_FvMxZtMfcZjbKgDX6b0wLb&sai=AMfl-YSa61inGQ7eu51p6_WW6itzAMrARhug7t4AuffebMahIbuGOy9b5yEFESTcclEYNv69BoCE4AkJ6vJKHl3Sk04NHundDpAASztuf2_FxrNR11zxnilgjOBC-NkYwG0e43UXenPVaQ2YRzLVUMctxwM74EySgBFZaLHF&sig=Cg0ArKJSzCYK_N4GG36zEAE&cid=CAQSTwDICaaNeXsERsR3X0bo9B3VE2aGfEOgB8jwQAIerA6l-gs7AXBdC-cKuXFjDRFvi4b5i_oC1dYsSin9x9tdjr7QDcW6Ngd7mUeawzpBEbUYAQ&id=lidar2&mcvt=1063&p=171,561,261,1289&mtos=1063,1063,1063,1063,1063&tos=1063,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2143607945&rs=4&la=0&cr=0&vs=4&r=v&rst=1701436623606&rpt=267&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 462C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae937f47356fba95064254ae48ecb89e3092228ba9c22fb20c4a143b2662d97a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B1F8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 59D1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:03 GMT
expires
Sat, 30 Nov 2024 13:17:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4200 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 04:14:01 GMT
x-content-type-options
nosniff
server
cafe
age
32583
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2471
x-xss-protection
0
expires
Sat, 02 Dec 2023 04:14:01 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4200 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:36:38 GMT
x-content-type-options
nosniff
server
cafe
age
56426
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Dec 2023 21:36:38 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B50E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:23:27 GMT
expires
Sat, 30 Nov 2024 12:23:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900029.redintelligence.net/ Frame D789 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=96e9f801d3&subid=&uid=ecb81507cf3a5580&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWeo0z9xpZeDSLYzwgAfgpLvwAqblvaBprZWcp8kP8C4QASCk5PsiYJXyi4KYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgTuAU_QHIPVRvtD5ail8rfz_j5eDrxTxkEMEZ6HCgWaH1v_OirEDlexmiFtb9TIwlVfbaFp9SohQnL9rIQq0NlrW4bbd7VLEA2bMSxYCLnSbrCmMwE43Vkz0HmsoqNo5jmLhK-jnOqfh89f1ABK5Ju9OdCudg57wvNV1H4d9TAztLehZQO530XDaGfxSTivhwxpOjZIv7R7QarRWyJCbNOAvEzVaP1lJn75IgNjX2wUavi-Bk0WVCnoEUPGjyXh4WKnLYs0-nokQEmv31D2omUZFSSbyw3IM8i3Bjm18UvQ5zNqPeUkOfspCADwZJOIaybABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYiKfCrKnuggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIwebCrKnuggMVDDjgCh1g0g4usBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNOWzbs6nlUvhvQMj7z1Vx3CLk4nNAfhMMeEd5J-CoE_B4wOs-2BDxtpMxi-9HjXmudmzgGMRJcxgB%26sig%3DAOD64_36mtVkV1s1TeKDp0mtkVuBfaykrA%26client%3Dca-pub-3565385483761681%26dbm_c%3DAKAmf-BjtsKkvZz5GasZYk3XK9nt7Rp3ZroePM23Z5RVopBD5b_xrEvB1g_ImM43T10mpiU52I8zaS5xUqWpik9xC8aU3gNgZY-1v7sKU8xUfSDd17iZPcPMg9YBZ_uVqYvFAkuyLepFBL-5yJx5CsGja1-VbklTwbaCVJLZXbtuZht2BTr4Kn8%26cry%3D1%26dbm_d%3DAKAmf-DSUrQmoyKBqRt8SqktXH5m6njUWWzDlFU1q0wol8hroy2meYkbge3-p1GhK7vvhrgoNZRxfI_mLfXGNTB6o-ZRmroAlU1LQcMHmn-L4LhEr_hGv9ik3VitethAmOcqLEokEgT-fkOQvvyTaqaxgfLpgo_wZtyx_STAvYGWYd6ryhZzU-eZkM62OJMbggaKfKtTPEwCEOeUQs5xAW3ZCKTmysmUY0eRNVxvgUdsFeHTh0e3t5IsmBDPQYMuHsG-_sc_3bNMQUmNx2hkyYlEkadxnQqc6f6ZUvx7NjNXqgGM-287Hy1F-vCwKf2lhMQO_FWcRXiNNKwWfgaci3pfH7qveFVJRSamXx3LK2F5TQ4HWxIpEyjf2hjWy2IQxLi6WQchlpMKKsu993iuYFVmQho1MhIfdCH5-dbzQpCWEbg6oRiIi6JdMzAoWy1mnsPwSovS_m9jt5ZbZPQXadvGCWM4cXVaLC1nai4i0pg6Jf4X29njtWEwUzqplshT5-A-xAaimUHJ1Nlj4tYbUe7GYAAIOUiFDj81mCiCGelxwkAwz5dlSOA%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=4041395042318&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1701436623747872&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWeo0z9xpZeDSLYzwgAfgpLvwAqblvaBprZWcp8kP8C4QASCk5PsiYJXyi4KYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgTuAU_QHIPVRvtD5ail8rfz_j5eDrxTxkEMEZ6HCgWaH1v_OirEDlexmiFtb9TIwlVfbaFp9SohQnL9rIQq0NlrW4bbd7VLEA2bMSxYCLnSbrCmMwE43Vkz0HmsoqNo5jmLhK-jnOqfh89f1ABK5Ju9OdCudg57wvNV1H4d9TAztLehZQO530XDaGfxSTivhwxpOjZIv7R7QarRWyJCbNOAvEzVaP1lJn75IgNjX2wUavi-Bk0WVCnoEUPGjyXh4WKnLYs0-nokQEmv31D2omUZFSSbyw3IM8i3Bjm18UvQ5zNqPeUkOfspCADwZJOIaybABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYiKfCrKnuggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIwebCrKnuggMVDDjgCh1g0g4usBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNOWzbs6nlUvhvQMj7z1Vx3CLk4nNAfhMMeEd5J-CoE_B4wOs-2BDxtpMxi-9HjXmudmzgGMRJcxgB%26sig%3DAOD64_36mtVkV1s1TeKDp0mtkVuBfaykrA%26client%3Dca-pub-3565385483761681%26dbm_c%3DAKAmf-BjtsKkvZz5GasZYk3XK9nt7Rp3ZroePM23Z5RVopBD5b_xrEvB1g_ImM43T10mpiU52I8zaS5xUqWpik9xC8aU3gNgZY-1v7sKU8xUfSDd17iZPcPMg9YBZ_uVqYvFAkuyLepFBL-5yJx5CsGja1-VbklTwbaCVJLZXbtuZht2BTr4Kn8%26cry%3D1%26dbm_d%3DAKAmf-DSUrQmoyKBqRt8SqktXH5m6njUWWzDlFU1q0wol8hroy2meYkbge3-p1GhK7vvhrgoNZRxfI_mLfXGNTB6o-ZRmroAlU1LQcMHmn-L4LhEr_hGv9ik3VitethAmOcqLEokEgT-fkOQvvyTaqaxgfLpgo_wZtyx_STAvYGWYd6ryhZzU-eZkM62OJMbggaKfKtTPEwCEOeUQs5xAW3ZCKTmysmUY0eRNVxvgUdsFeHTh0e3t5IsmBDPQYMuHsG-_sc_3bNMQUmNx2hkyYlEkadxnQqc6f6ZUvx7NjNXqgGM-287Hy1F-vCwKf2lhMQO_FWcRXiNNKwWfgaci3pfH7qveFVJRSamXx3LK2F5TQ4HWxIpEyjf2hjWy2IQxLi6WQchlpMKKsu993iuYFVmQho1MhIfdCH5-dbzQpCWEbg6oRiIi6JdMzAoWy1mnsPwSovS_m9jt5ZbZPQXadvGCWM4cXVaLC1nai4i0pg6Jf4X29njtWEwUzqplshT5-A-xAaimUHJ1Nlj4tYbUe7GYAAIOUiFDj81mCiCGelxwkAwz5dlSOA%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
b533e55c1df8a26cf6508af7ba5e3517aaffbf3fe5c835ac71a94c0cb0f57db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
97648300114709504444554012525029
Connection
close
Content-Length
836
Expires
Fri, 01 Dec 2023 13:17:05 +0100
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BF6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bs7P4z9xpZZ-dM4_73gORvYYIAAAAADgB4AQC&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfOBmXtr9C6dnXzivPy55GncSKGgxSOIaiwPvpYNeFhWQIC4xi2R9HWb5SSJcG0GxXAgAAAZ5SAAAAAWgBB5kC_7xx59jfbGHHsuPXhhA22DzXmxlMKW5XmyXtI58eG_H-P8PyzlXDGnJgV5R_HiBpYfp1xVm0VlXOGGBgWDqvryrBOT9IK-88trkMXSSZCqc7jurz1XxwhNBGWGKeHWiXmNkkIJZ2-q_VkSzXokyVnincRfadKpN7WT5RWVi54bxdC4i9pVuvTEqcPzNmDxVyGXCGBMXaeFBY_MJuZ4N5bCIe7vTUUNCcFwDf-tFHKVvHIPuTkz5tbG523yPvUDMka6e5jkSN0xQqdh4CpvZXG2lsUM0riz2CkmYsDR_DTq_rYizj732UkZ3nDBCxnkCqerIIdBei-rqv6r0C3cYoqtkSJe1kAPmHbCaL0uTjYet2ij7MgnusRPh5i_laVDgWljR_UJiTGxPFDQnaKOfs7Re7k5Siex7F7pIjugHrLrBm2fJxdkC6g08s_Q6iAPEPYgzZsgFd9jjJaJZcAiYI-S1oZAscsm-X4BxlmWzBnPFkXdDPEMif_kpNw_YipElJH_J6ov9HapFO4uxENKLmFLlL8h_OGiBfDrqxKzYewuRd2PZOuUUlZm4OfLrAfCmyKnJcyjZaUqdjbZwvjGzTIMd6whsrc-uPEWB2A2VJEo7PmfTuN6zrygt3tox7OMm9JZUdpyhYmOWcyRAwfr6y9MM2MjFVe76GpNcF2fdJVnwHgVIYZtREu3AdesGNu976vZS9jaeYvzmodOqqvARMjsfeBTMkEtC8FcnPNNJoz9hE16kFw7pFHSuz0pxoAqDfnSCRK-2i0JJ2WsHArpM-HDfYoApoOB5hqGnMbw2gXMzOZBrulfoBqB6QtHcedwGFgeJx8hxfNIbgdvLPes0Lq1jm7YpM6fjTKHPyFzMvYX38r_gt91cLfB4ON4QzIddRTE9rwAXAsHhzxoAqdpbkl21RTogy1xymY1TDdvT5fMUUiqmPduRCNVlZJPOFiJs6g_b_SKQ_qrbVfDjHqYdcTqPgs9gbB2517NmMO9EU9Gh5-on1zQCcPxApiPOMybg3
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dr
as.ad4m.at/ad/ Frame 1006 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1k9qyzj3jn8y71em9gmcqkjc9vh1enx1pxbfvywhs8w2ay5gtfr3qvveehcwhdzm2mr9cpvghv6x1t9asrqs87khw7hzbj0he2frxxtw2w5jaxfwk9mb09acb4q4r1fpyse81596spewmcs4etteh7b9agtkcffsnskg8qbbt7prjwbve4gcsm9xgxghrghy8xyqc73vp4cyps44vxqf2mf7kvr16kr1wbm65zd35g02smvy151qdxm68jk5rxq4tkpwd9z4ehc5mwnycpfmtpz8aegnzq36zn8rf6djda1ncx3cmjvyqjvk6093a4n7egbt2xv39aqarc7x6mg9syn8z13xfqyymv3h0v4tc15h1bh19m6te61ynb2143h5dd0ecpy8fn6bbe81hhcre31q2h1g1xjzagkaxy376xjs52tptra5x5ntkarm5resdrrvqac8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%26num%3D1%26sig%3DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%26client%3Dca-pub-3565385483761681%26adurl%3D
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4188684a07253ebb3c51be57be17d3f038ae83e60fb52554a617104e3fa2bc1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82eb9bbaab34bb59-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:05 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 59D1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 59D1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
62267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:59:18 GMT
l
www.google.com/ads/measurement/ Frame 59D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRX-rH7XB1b8DcnV_j1A5sWZ2hB8zcsB1N1GFz0MR1LF-Yg4fn4QM3xjagPXxJ03lyikazXXXqLY8nDGZdQs04l_jZNAA
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 59D1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 17:29:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
244032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Nov 2024 17:29:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 59D1 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 13:17:05 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
54ad0305e8d521e1ac443082838e8f0426572f97aa232d6082ded025b0c8f33e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
starti
s-113.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-113.channelexco.com/ppx/starti?sid=&domain=http%3A%2F%2Fvaughn.live&se=6e83e0bd-d89b-41ab-ad1d-13e944392e1a&pv=117.59&dd=vaughn.live&gpvck=v022835727__300x168______DEF__nil__356&sa=shd&s=0.0&p=1065849310&cb=1701436625073
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.158 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame CD7C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4200 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZW3D0NxpZY_BBdLQ1PIPisi1-A6-9tTIdL2q79qAEsCwgOyQAhABILSQ-iJglfKLgpgHoAHbwMeAA8gBCakCt8Xp39jIkD7gAgCoAwHIAwqqBIICT9AxhNzyfiXSPdnGGT759-WqyMK2tSdDEeNY3IMIGn_dUUJyj7NnuQtcEHvPWgR-6KF3hdOIm016KUI_AeTlTtYGBjXFVpgh_R2rLQ3V5aHGo3xKPy65ja5yb9eFVKKSPCyEoZc2uc3SiNjyv6Eq80g1jAOdV-wOSYlzQI8V_uxJ16PjBX6T9ssvfdE_-tbh0Q3tGAEVcjua0JzFcGG4ZSPtKF9qLuOXqDh7nL_e6M-snYS33clpjExCrSSs0gE6kOurGP2UhMCFLntM6D2V8OWP5CCu_9B0XMjpI_QNTdOUtp0seM0iMz0DGR2VN_kgx1hEX8b9Lu-xONnjRxvui-8CwATqk_iengTgBAGIBfLruMZLoAYugAeNv7h_qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQkN4D0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljJktesqe6CA5oJTmh0dHBzOi8vd3d3LmJhdW1heC5jei9vLWZpcm1lL2FrdHVhbGl0eS9zbGV2b3Z5LWt1cG9uLW5hLWRhbHNpLW5ha3VwLDE4MDEuaHRtbIAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI3cbXrKnuggMVUihVCB0KZA3vuBPkA9gTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0yODI5NDExMzk5NzYyNDg3GNyKFQ&sigh=dAIB-vaVKFI&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwDICaaNwI7XGy4Cqy3GdpBhQW1J1sKRTMlbjPAuQJLQwW6hbF9IfCus9dHWMfGWKX06hlBjVEDYnzcZGAE&template_id=484&cbvp=2
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 1006 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k9qyzj3jn8y71em9gmcqkjc9vh1enx1pxbfvywhs8w2ay5gtfr3qvveehcwhdzm2mr9cpvghv6x1t9asrqs87khw7hzbj0he2frxxtw2w5jaxfwk9mb09acb4q4r1fpyse81596spewmcs4etteh7b9agtkcffsnskg8qbbt7prjwbve4gcsm9xgxghrghy8xyqc73vp4cyps44vxqf2mf7kvr16kr1wbm65zd35g02smvy151qdxm68jk5rxq4tkpwd9z4ehc5mwnycpfmtpz8aegnzq36zn8rf6djda1ncx3cmjvyqjvk6093a4n7egbt2xv39aqarc7x6mg9syn8z13xfqyymv3h0v4tc15h1bh19m6te61ynb2143h5dd0ecpy8fn6bbe81hhcre31q2h1g1xjzagkaxy376xjs52tptra5x5ntkarm5resdrrvqac8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%26num%3D1%26sig%3DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%26client%3Dca-pub-3565385483761681%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k9qyzj3jn8y71em9gmcqkjc9vh1enx1pxbfvywhs8w2ay5gtfr3qvveehcwhdzm2mr9cpvghv6x1t9asrqs87khw7hzbj0he2frxxtw2w5jaxfwk9mb09acb4q4r1fpyse81596spewmcs4etteh7b9agtkcffsnskg8qbbt7prjwbve4gcsm9xgxghrghy8xyqc73vp4cyps44vxqf2mf7kvr16kr1wbm65zd35g02smvy151qdxm68jk5rxq4tkpwd9z4ehc5mwnycpfmtpz8aegnzq36zn8rf6djda1ncx3cmjvyqjvk6093a4n7egbt2xv39aqarc7x6mg9syn8z13xfqyymv3h0v4tc15h1bh19m6te61ynb2143h5dd0ecpy8fn6bbe81hhcre31q2h1g1xjzagkaxy376xjs52tptra5x5ntkarm5resdrrvqac8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%26num%3D1%26sig%3DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%26client%3Dca-pub-3565385483761681%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1680751
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqvUrPC%2FroZFrMoVu0EIEy6f5tFq%2FZt4wDDi7h5bV2UZ9q0LXG4YiUQFyz1zr5me2buRa3w5SDe7og7kUIc6L0%2F3%2BhScb3oFWaoDaKPaOlwMzfkQG8pjRpMZS4i0IQy0VK2I9CTCGpo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82eb9bbb0b84bb59-FRA
expires
Sat, 02 Dec 2023 13:17:05 GMT
r62eglto.js
ad4m.at/ Frame 1006 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k9qyzj3jn8y71em9gmcqkjc9vh1enx1pxbfvywhs8w2ay5gtfr3qvveehcwhdzm2mr9cpvghv6x1t9asrqs87khw7hzbj0he2frxxtw2w5jaxfwk9mb09acb4q4r1fpyse81596spewmcs4etteh7b9agtkcffsnskg8qbbt7prjwbve4gcsm9xgxghrghy8xyqc73vp4cyps44vxqf2mf7kvr16kr1wbm65zd35g02smvy151qdxm68jk5rxq4tkpwd9z4ehc5mwnycpfmtpz8aegnzq36zn8rf6djda1ncx3cmjvyqjvk6093a4n7egbt2xv39aqarc7x6mg9syn8z13xfqyymv3h0v4tc15h1bh19m6te61ynb2143h5dd0ecpy8fn6bbe81hhcre31q2h1g1xjzagkaxy376xjs52tptra5x5ntkarm5resdrrvqac8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%26num%3D1%26sig%3DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%26client%3Dca-pub-3565385483761681%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
187338
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xtn0mNiXiARbWwUuv2%2FF48xnwZVyi5OrXNUXq7JplHEaOhdO7O5iSDGgoxZCH7YyxsYPEy7z%2BzUs9F1yz6napKzLhslXmWWAVp%2FFcFnkWL%2Fy6wCIqSluUpYxC%2B6b%2B7z9UePxvZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82eb9bbb0b86bb59-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 29 Nov 2023 09:14:47 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A8D9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame B1F8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82eb9bbb4e635d45-FRA
content-length
24
content-type
text/plain
date
Fri, 01 Dec 2023 13:17:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hm9BTJXWJvyepSnKXi0nC7%2FYOlb2TDcBwuOiNNhjE%2BYy3enPSjjIa3lCLXI4HlX5wfCsgs4aaRnny%2BIIR6w5QWyTgmOpXVSsng4yjctClHBOnN8NslZ2pD6tfq9dYYLOym8BRMQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-bdnd
rs
ad4m.at/ Frame F03F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7159fe05362e4beea4b66b00a94a4c44cb5591de54606fc4d2b0821d494237c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iRS4ELzr2bUguhTSaCgLb5V7uR63pC4HHmeHGoXkmQQBJL1TsBjvY7dYtPuWwexBgovTki25sMlWmpOnGEX4pyEuj55rnx9EtK8ZHfWw6Zt%2FMWs75ApkXTP%2FSG7%2F8wcq0SIcQg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82eb9bbb8eb05d45-FRA
x-backend-server
aa-reachservice-group-europe-west1-bdnd
alt-svc
h3=":443"; ma=86400
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame B50E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
htlp
futalis.de/ Frame EB2E
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=97648300114709504444554012525029&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3356614728
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3356614728
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=96e9f801d3&subid=&uid=ecb81507cf3a5580&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWeo0z9xpZeDSLYzwgAfgpLvwAqblvaBprZWcp8kP8C4QASCk5PsiYJXyi4KYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgTuAU_QHIPVRvtD5ail8rfz_j5eDrxTxkEMEZ6HCgWaH1v_OirEDlexmiFtb9TIwlVfbaFp9SohQnL9rIQq0NlrW4bbd7VLEA2bMSxYCLnSbrCmMwE43Vkz0HmsoqNo5jmLhK-jnOqfh89f1ABK5Ju9OdCudg57wvNV1H4d9TAztLehZQO530XDaGfxSTivhwxpOjZIv7R7QarRWyJCbNOAvEzVaP1lJn75IgNjX2wUavi-Bk0WVCnoEUPGjyXh4WKnLYs0-nokQEmv31D2omUZFSSbyw3IM8i3Bjm18UvQ5zNqPeUkOfspCADwZJOIaybABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYiKfCrKnuggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIwebCrKnuggMVDDjgCh1g0g4usBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNOWzbs6nlUvhvQMj7z1Vx3CLk4nNAfhMMeEd5J-CoE_B4wOs-2BDxtpMxi-9HjXmudmzgGMRJcxgB%26sig%3DAOD64_36mtVkV1s1TeKDp0mtkVuBfaykrA%26client%3Dca-pub-3565385483761681%26dbm_c%3DAKAmf-BjtsKkvZz5GasZYk3XK9nt7Rp3ZroePM23Z5RVopBD5b_xrEvB1g_ImM43T10mpiU52I8zaS5xUqWpik9xC8aU3gNgZY-1v7sKU8xUfSDd17iZPcPMg9YBZ_uVqYvFAkuyLepFBL-5yJx5CsGja1-VbklTwbaCVJLZXbtuZht2BTr4Kn8%26cry%3D1%26dbm_d%3DAKAmf-DSUrQmoyKBqRt8SqktXH5m6njUWWzDlFU1q0wol8hroy2meYkbge3-p1GhK7vvhrgoNZRxfI_mLfXGNTB6o-ZRmroAlU1LQcMHmn-L4LhEr_hGv9ik3VitethAmOcqLEokEgT-fkOQvvyTaqaxgfLpgo_wZtyx_STAvYGWYd6ryhZzU-eZkM62OJMbggaKfKtTPEwCEOeUQs5xAW3ZCKTmysmUY0eRNVxvgUdsFeHTh0e3t5IsmBDPQYMuHsG-_sc_3bNMQUmNx2hkyYlEkadxnQqc6f6ZUvx7NjNXqgGM-287Hy1F-vCwKf2lhMQO_FWcRXiNNKwWfgaci3pfH7qveFVJRSamXx3LK2F5TQ4HWxIpEyjf2hjWy2IQxLi6WQchlpMKKsu993iuYFVmQho1MhIfdCH5-dbzQpCWEbg6oRiIi6JdMzAoWy1mnsPwSovS_m9jt5ZbZPQXadvGCWM4cXVaLC1nai4i0pg6Jf4X29njtWEwUzqplshT5-A-xAaimUHJ1Nlj4tYbUe7GYAAIOUiFDj81mCiCGelxwkAwz5dlSOA%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=4041395042318&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 13:17:05 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3356614728
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
request_content.php
hal900029.redintelligence.net/ Frame 98CF 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request_content.php?s=97648300114709504444554012525029&a=57dce239
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=96e9f801d3&subid=&uid=ecb81507cf3a5580&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWeo0z9xpZeDSLYzwgAfgpLvwAqblvaBprZWcp8kP8C4QASCk5PsiYJXyi4KYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgTuAU_QHIPVRvtD5ail8rfz_j5eDrxTxkEMEZ6HCgWaH1v_OirEDlexmiFtb9TIwlVfbaFp9SohQnL9rIQq0NlrW4bbd7VLEA2bMSxYCLnSbrCmMwE43Vkz0HmsoqNo5jmLhK-jnOqfh89f1ABK5Ju9OdCudg57wvNV1H4d9TAztLehZQO530XDaGfxSTivhwxpOjZIv7R7QarRWyJCbNOAvEzVaP1lJn75IgNjX2wUavi-Bk0WVCnoEUPGjyXh4WKnLYs0-nokQEmv31D2omUZFSSbyw3IM8i3Bjm18UvQ5zNqPeUkOfspCADwZJOIaybABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYiKfCrKnuggOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIwebCrKnuggMVDDjgCh1g0g4usBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNOWzbs6nlUvhvQMj7z1Vx3CLk4nNAfhMMeEd5J-CoE_B4wOs-2BDxtpMxi-9HjXmudmzgGMRJcxgB%26sig%3DAOD64_36mtVkV1s1TeKDp0mtkVuBfaykrA%26client%3Dca-pub-3565385483761681%26dbm_c%3DAKAmf-BjtsKkvZz5GasZYk3XK9nt7Rp3ZroePM23Z5RVopBD5b_xrEvB1g_ImM43T10mpiU52I8zaS5xUqWpik9xC8aU3gNgZY-1v7sKU8xUfSDd17iZPcPMg9YBZ_uVqYvFAkuyLepFBL-5yJx5CsGja1-VbklTwbaCVJLZXbtuZht2BTr4Kn8%26cry%3D1%26dbm_d%3DAKAmf-DSUrQmoyKBqRt8SqktXH5m6njUWWzDlFU1q0wol8hroy2meYkbge3-p1GhK7vvhrgoNZRxfI_mLfXGNTB6o-ZRmroAlU1LQcMHmn-L4LhEr_hGv9ik3VitethAmOcqLEokEgT-fkOQvvyTaqaxgfLpgo_wZtyx_STAvYGWYd6ryhZzU-eZkM62OJMbggaKfKtTPEwCEOeUQs5xAW3ZCKTmysmUY0eRNVxvgUdsFeHTh0e3t5IsmBDPQYMuHsG-_sc_3bNMQUmNx2hkyYlEkadxnQqc6f6ZUvx7NjNXqgGM-287Hy1F-vCwKf2lhMQO_FWcRXiNNKwWfgaci3pfH7qveFVJRSamXx3LK2F5TQ4HWxIpEyjf2hjWy2IQxLi6WQchlpMKKsu993iuYFVmQho1MhIfdCH5-dbzQpCWEbg6oRiIi6JdMzAoWy1mnsPwSovS_m9jt5ZbZPQXadvGCWM4cXVaLC1nai4i0pg6Jf4X29njtWEwUzqplshT5-A-xAaimUHJ1Nlj4tYbUe7GYAAIOUiFDj81mCiCGelxwkAwz5dlSOA%26adurl%3D&documentReferer=http%3A%2F%2Fvaughn.live%2F&ancestorOrigins=http%3A%2F%2Fvaughn.live&random=4041395042318&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
6e7579f68cef7ec5de407af0f69b3851d143c51db7a880b4797635789c1f4326

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1997
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Dec 2023 13:17:05 GMT
Expires
Fri, 01 Dec 2023 13:17:05 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame D789 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2229232&v=11671&q=344795&r=296283&pref1=97648300114709504444554012525029&pv=1
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:05 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame D789 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=97648300114709504444554012525029&pv=1
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:05 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
1235.json
id5-sync.com/g/v2/ 		251 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
69398434b52ee0a2a6df0d6e2e2ccb06aaeb994a77fe469614a6a560a10c9f4b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 42B8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8695
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 10:52:10 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 10:52:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D789 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2debeaa65241546a47461f81845ccf9c9a4ad9c183f1fcba3dfdd6cf854fe84

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 18F4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRkuLz9xpZafXH_X3x_AP4cme6AQAAAAAOAHgBAI&bg=!y8ilyIfNAAY3kmNgF5I7ADQBe5WfOBoaaz2DLMq5DOakuGmQhE4NRO3nTbkddqtroa2m8mdHWVgqpsBav3XG4y1F5RCrAgAAAUxSAAAAAWgBB5kDENPVBQo_M-0_U8DfqvE9H0T9nTBw9DH_wySqycHVGV-8xyQIENebOfafZZJr29KQLXs1u-eu78jpCVsTspTWM0qFLHnvzMHM9G5oCxUwWcgYphtHdLGnnowIX0JuK2L5aIlsOG--xWI6yJOCQe-s4ppYy-UK9pCnomkQZZ8gJXUIjqnl8IIgJQupuq2-bTWJD4_j5wacZNA7ALlUkapOA1w8vMPoKH70u1zMZSwY2ByugkDMDPHQiKPg_IfxBiPdhf1R_93mu_O0_vB9tgHJ7gJeDLCilEMuWvAfE0gR8TLSXbn3iR-AWJxcAyrrH9AbcT_FIKVZ5ExWkcYtts9sz5PS-5_xvEQMWR67iv2Zy6_Ybdrp-tB1Bb5uZPhSNd_HR_YAmtEa7w8HgEYGeOUurbhvmSuw0y7Qaj2LXDI-pP4HRRvOaR00biZwr6KWbK0XGVnTmwgN6gRT9hCuqgs2CHZvsmXH4f5tUG8DWeO47vXYGVVNYDQIGRWIs08vmxnaw_m1qkUL_A9Nm7y041AOuDPp6hDW7VuxDPEx_fhR0YesThGKO0WVrb-iQtynQ8vMFc-qiwyhW1jehh5f4VdU60j8_DokJYs_dcHOjOynlcdrq43gugpKSRpf3PxOjqOBt2dcYqkHP5x3rOAaqJd9rPzA4RJfHv0oESSGrGfqorxbOod5Iu7sl-2F2DnJhR-MF2ibT03vAzXq4QX4IwSl79fHqPAcJ-2dt5dpu24uJfPSkA0lvFOHos99Cujxstow-MyA-F1IcKlvCfbaobMWPFCSge-gLH1_U5qs_UXvjDQagP0dcxdoo1y-oOsTmdJi7PL6Op7Gc2MeLwBGTH3QUJeP2Qyao_DhmAR4TO20tIR0ZLcUPwTSjweYHmNZeZzlujOM4x6mlL_KiZdu8utGEbwKCIF14B4jrhPKk8GLY8HkREK7CscdbAW4sY6zVcz60t5j9_fVy2fhguwEqoU2CYJx_kfpsXJs9g0TJ3mtFIiFkc7pFkdb3qUcG4U_ssq0Qq43HmtImn1iz--uFA1phzw
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 59D1 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
114382aadd4823ecdd9d5222666e01f30db0cfddbce92e79ba96085c5b80a6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 12C6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BjPAGz9xpZYbAI5WU-gbV1oLYBQAAAAA4AeAEAg&bg=!V1SlVBvNAAY3kmNgF5I7ADQBe5WfOBJsb-3TBD8GGSvWbFmf4W7ND4NZmLteN4zT0hAd3I_UFrgHbWe4LAqHBg7V8XrPAgAAAT9SAAAAAWgBB5kDBojP-f5hQdq1bXW9PYDoS-kddvB_vad2Xi9RHjkOu5J7u0kNQ0vyYPxy7SSsSdIqOsCNzRVKCKLzqoR8yoQjizSt6knpouU3Dqwi9W85RrlnUxWlYuMrVCYdE10aqadLLt2ouPdyT_w5OC86f_-MGcrE71b4m0__W4iXkl5q9tLYmuu38CgnqQ-2K1QmnOvgBCs_tyuO0GyV6ChaOzdDm71jZNorONjm0kjmTm4UNLZGMe5J_qheaRiqg5X3ExdhKcLC77A7xOe1FFvL5J62hEtOvqISuVh2DjyRmXhX9ZntSarUJ0bSNXOL8dfXJrbaXO9H9cqd3jZYx8ESpYWW4OeYSzQnkLg_ydV4xF1lWJFzhTB7lozbp9H6fCfY_o_C4cl2DVPNnRCdT4vDS8NbCVFJ9pfW2BKlTNSjJmVGSMFIByJsqEoyk451Af8GTbxaRVXUOl2d5YrMoEWpNiTrIYahL3xDE4YO6YpVkfQlD11lCRXyBnwtUN1Bo0iEeA4uXshp0-4tH8VVGeRB012y__VGXy-8fa_5T80I0lHBzWSvnER3pXrIYmolEaJClR_13I6tZr0Qznckd2X_G5amiNHZwGmiOk1iTF5Pu2ua7Ib7PBBr86EkVq9mXGrnOmBbUqmstqDQji9yv7C90DhKUsfSXnXj03wgkuwvSjxQkyk3u6m8UIJcA-oZUo32oZzxkZEks0FPjQy9z5StAdImG8q3_Ah2Bd0vvDG4xZhDxGDGY17KaGIaK8ZCrNfBKeAUpN-xLsP2c0wl6V0liXIbTm2WAQaDvoR0VEve9-7mY2e6GE8VF84PZpv6zA4YncAi6fpuo9zFdzJPbEZpLSfz4wp3ZbeKdv6sen9FTVz2TcELja2PAH0MUVdTHqyL5-2UwXeigtxET58pMzJ13guIQM4ksm_MhH_LpKRJRmGQFj6N1gIeXSDwFMGcg6jvMosv-eE0Ml3gpBmneCdydKIDgGuHDiyx2NS2qoKqyo4ErykL6aiJ2nJAPwx6t9_UMT3ObHEkBfS1vw
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 98CF 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97648300114709504444554012525029&a=57dce239
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 11:32:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 13:17:05 GMT
/
hal9000.redintelligence.net/scale/ Frame 98CF 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/71422/creativesup/image-1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97648300114709504444554012525029&a=57dce239
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4b6e7123c326a238f790aeb54a66d993b9ccc0636f980774e445cef5041f23ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
13919
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 98CF 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97648300114709504444554012525029&a=57dce239
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
44d593c062b69209eee9d245ef75a66079d2ce02ded4c7696dbe4100274915d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12998
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 98CF 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97648300114709504444554012525029&a=57dce239
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8adcbc5768f396b58e0bef09417b88234f2f4421293fc16afe9d5ac5e5937d1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15527
Vary
Accept-Encoding
Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1006 		350 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27861
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cid%2FfYHSZthUNDd1kOXftgsM%2FlCVHZ0NOLHnxct4B9uY8pVx0KD2UAfue3wcfctTjDOez8DLn26zKSq4HEL%2FetkFwN1oYElOiGA39w9LoSgmzo0c2JtUTTH%2FVINkIwpnaPP7iriOIDa1hyIy1afjYTkG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbc0e774dbe-FRA
expires
Sat, 30 Nov 2024 05:32:44 GMT
rar
as.ad4m.at/ad/ Frame 8CC0 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7828f08d633db531c49d43321fbb21485b3236f1271a1a753835599173ce8baa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hex55wpbrej231m41beqtydh725c38pm14p82jycszz3vb0cdmjvjsvbgware5ya55td74ybc1f081d4sc8gf6y9y10ypptb9pdh9562a0ynts99jvwh5v2x1cg9fk3dj9gcqfgb34w37583byxknqm21awj2w636n35nww0ns2w1dq6f1yhzwmz7zs5qvdrbgp49k9gbna4twvj737ncx4a6aj3f1c1kc3655m6taqnxddy05vxs6s5ncza6jctehyrptm0k8adpfk1zkgsv15vpz6nswpe9na4kb1rqer55x2qymkhpryc0q9w0xxaq1erwp0qt65v290xdmxswgrn2k2k7cp7saswhaeddx25kpqaj6ytwr7jf18mxwfvt51xqwn6q8z8kj6vfwkkbnxrngp9qkdvhyaeatcp20wnz3d62hpcvhj1x0ssn8hnexa1dz1&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%26num%3D1%26sig%3DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%26client%3Dca-pub-2829411399762487%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82eb9bbc0c8cbb59-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:05 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
hls.min.js
cdn.ex.co/player/hls/1.4.10-exco/ 		267 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/hls/1.4.10-exco/hls.min.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
97fb107f26dfa81080591d1afd85f1f5a9b681a91b98f22e65ad6b2111766fbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
82759
last-modified
Tue, 31 Oct 2023 13:17:42 GMT
server
AmazonS3
etag
"60aaafdd4d62415ba39125b40f38575c"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 08 Dec 2023 13:17:05 GMT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Vary
Accept-Encoding
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
128094
X-XSS-Protection
0
Expires
Fri, 01 Dec 2023 13:17:05 GMT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
rtb_vast_proxy
p.channelexco.com/ 		60 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=OjkoVWUpM157U1cxZ2N4Td8wLWmV0a-L7auhOJa51Rc0IN6bP9wRq0EUcyrjZxQfZxWUYTy0IPyyBa874g_-qGg_x-azRkbwRjFPkO40hN9QZ1B7WP6hEhrtKOFsgTzmK44j0pWFp740MLHlKVXI-AYQnvO_Qf1vS0gmmBKJAuaUIW4XiQUrEhNXHK18YGUrB1b8LLi7-pnqU5wQ2U8JAoyDJpLOmtR7TS7QoCtxRNOGj2rsEtWvD-ua7KnxRn5qnzGtzEr-tKpEoLxKoFVE5wf7w6IAR2M4Bgds3DE88N16CnH_Q9mhAENyabpLXip-9dxKt6jnGXxIyeIdL13Eu6uvxE2gFt2rydXsKTXXMT3V1hs8HcCMc6oiFKs0ovEZPUxKlqxitthgZrkYM3uozgiLwMWhbfwD5R32nYvynp-Cj0HgGmhTIaj7ki1PQ7FTXt_kwMDTeO0tBTzv3RNNLtm23MTXbCXKkyim2HTMi7DMNenB_p24_3_iUIB0CeSHUXHeulln-sYbrnMvU5jrUMDNhieRTGTN36jlwnRbOpZ_vdf-u2_pSR_pPZ_PLyRbH8yPeQMIYrqLGfPhWBtQ5ruf4-GDIVpl3_G1hxueusi35dYhnczyhCswAaLgsAyw3qOxoyLeSqkc-tI6dO5p00ukTGwk73X_fk3i1XK8Ne7a61d1-gN9cIiPkIXcj0GJFC16PZmIJD-p0O1SJgptpMucbzvyjGylflqy8qBCCUfi17VdppSY97uziphQ4dl2bvgNp0y6tMlwpz0UTeBJdegyU1l5LjsB0D5klKpeTgVzmGMY7r0wwQ9j4IdySxAfpqmYzmlCwmK8ONQUZYlfoVVamFIAHY2Q2YRj03ENYyOyIfrK9NUpWPoXnp1VRgEArG82ngsRyRGJwOmOVcZX5H-Pf9lw_lnRsHmj_JaIUZgzAq133CxpP2MAoXy1sj8hw4q6_y4U4fHrCrVdKcd1HDh23FxZzhmyrKiVzQ6xxHzjIbCoqGHaBZ4-mjCrfn0KAbYAVEa2ytxeoNTcIowhhph2t6L9ZQFai9STrcWVyXAiyd94DWUbuucgBMWu5kOyc4NG83v_XewtdJbgv6tLG_mWRW7vDgLPsDqhIX0Xw2wzU5RiQRZrlqgOJR9WZncNk6SoChCpRzRTmIgyzhHb7gFQMmxgqXvIaYj3BBla0H1abIGS8z6mJ8N1T8vxwOCEi-TPKcg7jvySI7h0JZdjXzDgKmMGIpB_SBQiGAA0Cimu1l2nSNA5JL5mKMUoMTQ9xERWC5gS3ViXhG9Jicy9ss_7DuA964LIO-9o2__7BWCJFAFeheq5EBYw9fnFumf9TDqKn-2avwQ1omU-n2Nl4iZPXrK1c3nHwphoYNBenmTuviSQce08RsYzR4_jq1cUAPikTksZ6ywnppf6rnz2Mkt1ej3CZAEF0INZnVFUgwlEVRdog0J4pMLeOwdRL_iiiA_FJlxr29FamT9K9E6k_2qePhym5gOjxfJvdu6UQQiyAqSEk7fNRhzqqiR3imubshWeXCvhIJUTktN2NYlG7mCxK32f6k4HcjwkT5aBl1K3UnPuMHshqbfMxicNE5VM20VbJaTRz1TpFUyz2OWQmoh5WZmgmhhNPCx20HI8fWHEcRGVJdMa5To4Uq_JW0rtyGyl_VAY7kt39r-GTSu6MkLUuB5oZSN8v675KGri4anaobcppqyU3IZaqLLj9YlRyzAJAqm3NVFojxFYERjM4W8nDicov_uwKyHLOI1mQ_hbkAJRTqi0sb06lX0TADXG2UbxGfby037WsyT16BCQwoFriXiOHt3KAFRLaGZ9gVONlz8TTmMgyhsPD0A6wn4kWv-1Ztk0gCxPuPuj23rgXkMPGei4VCetONh88g2QI7EoYtvAdG5AC7sREaaldRrDakJ39PRrqL86-GZYOhlE-yf4_s_kqcbAYNnfHNiBJ5OayRiYCnbEBmY3ZXcxcIZqqY1b0bXLISlV2VzniN93kRHIiUO1GL2eqnyUOi0sROI745w6U2yGI50KxXkACNYfJUNNFH5Mc9mIyKuGono_AEJ_rEkpRc48YmPc_we_o-MnV9hm22ctQl3QsLosiqWN9HYFUFweU4LZOgVS_PoL6_nVxMHK4HoYDrUEyMKPYwmDMUfZ12YmZSwSkVNS5TzUIAArsyOg3LtkyoGBFMOq9WwkLky21NqooXWd1AGSpK2Ec0l1x_YBueXVs_1-UCK_3yV7kyPpek8dsURYFWz7GxNrB_x2-ggQ7mb6DlJAjMsXEJkMEIeRj7YeGfWvr5C-YDi7HCT5HzuSVv4F5yOT4Z_OxehlQN941hCRF93hgNuuHXLIWTnNaoZpHNgmeQNRQUrlHiTetF5UQlTRgNHprDCfRrF_WZQ1n_tAeX5ikegkktaiR2OUOzRFUENBV1y-G2VhiIfDvks1I7zxdAn8h7GGh1SccZZ02kyaaoVKm-i5fJn1cBRsdT6ovnWRYkrxofG2D41u8iTJsB-SLV_CMmgzBRz22OCeTJ07eN986iE_JMRsblh9_bynm1kUN99t9eorJbplX-md42yBf_TBLbc6myxShbEfPKAUumkc18iPxkG1Ebi1EMviTDPtkAxXwZirfY9-Ti0m6iu7axx3rKbrDKVxsaQnmDHGWAWiOIZWMMOaXupW1vm611lMbHjd1h8qNfIcBE5RsDPlHfA49mY6ZgzTyq_nvyobYSFb1RJHM45Rr-06633hj5jRY3iUPGYzI_PUFpQ3MUGfSonAo2GpOQw2PSIeKBXU26HSTAw%7E&ap_size=2796&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.158 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://vaughn.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options
nosniff
age
517196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 13:37:09 GMT
thumbnail-720.webp
cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/thumbnail-720.webp
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
eae8becbf14b20a3f18f2851bc6da830f3b7f66f81c4ca2ca31e0a324db0515f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 23:01:03 GMT
server
AmazonS3
etag
"647ee987db6540fee9ac4a4560e275ef"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
12201
adview
securepubads.g.doubleclick.net/pagead/ Frame 59D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmEkQ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSEAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiOReRBjVJJSFUnv1lEvWTpzTrr-Bxuq-5pAnViycv8ZIUIDOncn8e34AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oIDgAoD-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcBshccChoSFHB1Yi0zNTY1Mzg1NDgzNzYxNjgxGNyKFQ&sigh=q_WDIadv2ww&uach_m=%5BUACH%5D&cid=CAQSPADICaaNZHCSr_dTjQTeTD1XRr00uBgmiy5JyfetjeZgqTEAm_U7A9eh6elQJSS1zUy86TjvgeCN1Dvj-xgB&cbvp=2&vis=1
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 59D1 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gh9e5swef2hg6fgyazb1s09nvtp60ya260v9q9q60cj1y3tjj5rzvtpxxc084hfy66wm29kpc1pxm3yy6j3z5rhhr3v1hmg4rgg16fastwzwzwje64fxwv0qjyxxf3hdj95zb2z4qbkp300mvrn7rczp81k7neb5m4qvwc756vxzg2d7nr4nq3q6g03nzjnp74wwassp7q44a7w1tthyzn85t10q6yt6218c4q95wzzwzyb7d3m1dzvdgy0tfc8x7sf98gcyw5ke76t1d2ab2dzfz8zn5fep1xgxv5p0j6t1ae4kae49smj374461jr7eghj2fqwnnpvb1xmna7zzc159r3htp498y3bryhpkwppm7s70tvs4tyzvmhtdrswe4mpcd9pf942n8&b=ZWnc0AAB9b0Ke7CZAAo__D6vS1I2pAWx2PcxUQ&cbvp=2
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
ts.js
cdn.retailads.net/ Frame EB2E 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3356614728
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 42B8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELSXPzY2vu0GIEuK9x1syBc&google_cver=1&google_push=AXcoOmQLB6sr4jwxuWFzvLZT7nSUOmkGluvzgFgrztM_Ktil3G6MtCZu054IIYL4TjpIcc-flXqVehLwfVv5kJC1Sju2rphmiRN5
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzExNjY1MzMzNjI3MjI0MDQwOQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMrltXOu7pNKSWVuaE_E6tQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 42B8 		43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEA3TyrqpPc6J9YPP_CixAqM&google_cver=1&google_push=AXcoOmT320K-t11LqkUOFn5riHx_K5qXoBKe_vlg3Fv1znQgngzcbcWFdWubswSE9NiAN4NFO98N_tJH4atW5RibmyZZ_WTw9i9f&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT320K-t11LqkUOFn5riHx_K5qXoBKe_vlg3Fv1znQgngzcbcWFdWubswSE9NiAN4NFO98N_tJH4atW5RibmyZZ_WTw9i9f%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82eb9bbc5c409165-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42B8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIblLejTBSq9_iFYZoCJqi4&google_cver=1&google_push=AXcoOmSbKOL6vcRgmDTdvAiN3eVnMdmUhOsIZnp2gMkx0KahGYJpC0MYd5ULZPEuK8802YhwiBUwXwLD5EiZdg...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmSbKOL6vcRgmDTdvAiN3eVnMdmUhOsIZnp2gMkx0KahGYJpC0MYd5ULZPEuK8802YhwiBUwXwLD5EiZdg45Ya...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmSbKOL6vcRgmDTdvAiN3eVnMdmUhOsIZnp2gMkx0KahGYJpC0MYd5ULZPEuK8802YhwiBUwXwLD5EiZdg45YaRXF7-qtEA
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzYxNDY1NjMxMDU0MDQ0NQ%3D%3D&google_push=AXcoOmSbKOL6vcRgmDTdvAiN3eVnMdmUhOsIZnp2gMkx0KahGYJpC0MYd5ULZPEuK8802YhwiBUwXwLD5EiZdg45YaRXF7-qtEA
Date
Fri, 01 Dec 2023 13:17:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
dds
rtb.openx.net/sync/ Frame 42B8 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAiOy-aT1Zv33w2ZJaYixnQ&google_cver=1&google_push=AXcoOmRidvq4UbfZQsXGObU5eaW-9HhqHstKjUoM7_ORQLQG6vfLf3Gj_g_g3Aeo2hGWVsktMkCc2HuJ0NcTSKiZDHNR_oTmfm8S
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
us
sync.go.sonobi.com/ Frame 42B8 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTR2hRu1Jx-tr8sXiDQ9LZ2UEFZsget2TxSi7i8yQs-WIjgAUFAYLjSYQia8ZWnKsa83hy6C1y4uYmcXs4-q40RHQq6ka4o%26google_hm%3D%5BUID%5D&google_gid=CAESEFyK5_a993d4glAsdng0lJY&google_cver=1
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-201
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
-
s.ad.smaato.net/c/n/// Frame 42B8 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKlV5Y4vjER5R_er5YltnjY&google_cver=1&google_push=AXcoOmQUh9jQnYEMtqMmLo8rHiIJG7c4Oy0wgetmgV-SRn3vq602m2JtNRdE_tq0lxBNYnOqE9W-JqXapTepBjWNIUzxuBRJpQ4
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:9a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cache-control
no-cache, must-revalidate
via
1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
x-amz-cf-id
NEGxWGTHvEnXO87if0nfoeN0GV8_3BQYEqsUBTrcd08YENvPO8PpuQ==
x-cache
Miss from cloudfront
/
onetag-sys.com/match/ Frame 42B8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOOGDOPZZFGHGoudL8Tdj0g&google_cver=1&google_push=AXcoOmTGU-H52nW6QvJfGunkjcTtak4xX6w7Z5rUihY1PpiFgC0-Qw_wZGOX0Ublv8JqFIU1lEbRVctvRCy...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTGU-H52nW6QvJfGunkjcTtak4xX6w7Z5rUihY1PpiFgC0-Qw_wZGOX0Ublv8JqFIU1lEbRVctvRCymkgrN_iOKARd35-aRDA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 42B8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8tFL3DPpZr5stkHnng6v-xb49oItFGVj_0L7yiTHGoWLtljXmH0ze1BN6PwTZIdYrIBqTIw
Requested by
Host: 28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
URL: https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie-frame.html
ad4m.at/ Frame 4B07 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
251827
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
82eb9bbc5cdcbb59-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Fri, 01 Dec 2023 13:17:05 GMT
expires
Tue, 28 Nov 2023 16:19:58 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bP40Q1hWxLaBMpnje1Tw7vDdZMpUreLxyHqoLKwK7NX3SXpdVeVN7pIzs3CiREWlwbyboNuLzoQXJ5Yi%2B2ROCwmNks5bWjJbMQrQeVWvZz%2BvDMD2uqSBFudFUDjwIPc0yayN7Hw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
expb.js
cdn.ex.co/prebid/production/release/1.10.0/latest/ Frame F2A1 		548 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4fea57052bc2887cd1b4afb58008d49c16ee05e99a89884e52d256480a8f74ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
185510
last-modified
Mon, 06 Nov 2023 09:10:33 GMT
server
AmazonS3
etag
"768c2e7b48963c886b62705653fbf382"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 08 Dec 2023 13:17:05 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 8CC0 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1680751
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xV0sZg9CvAcW5KHDdlKCIWW0h96Ibjmz9pPlkk1%2BR2au1Ml1haADBZ1LeM8HZ9JxMXRaUMe%2B1B9F%2ByzsRfRaaxfsrwy0T6wVxUJyebOulnIl%2BuJ5qnGdRY4VPllF%2FRhDHEACcNEoHHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82eb9bbc6cf2bb59-FRA
expires
Sat, 02 Dec 2023 13:17:05 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 8CC0 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41388
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FG3yDRjP%2Bk2I9bOuIVkV6lh8TscrAZyA0KkF9lwslfEuhDgybwsC6CVWhFI5eAxTuPPyNpaLkay3qgXLewtvx2VgndxHvCKd5WeoyOo0NFcna8o9YRdYNXgnGqQmY9hxagAdx5bxqun1aMVG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbc78065c7a-FRA
7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame 8CC0 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1919166
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
21332
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:10:58 GMT
server
cloudflare
etag
"50190e2f2596fbaf0b3827698ee24008"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X673%2BG%2B1D2mnwCvb0GxmDrgaW8nnRsTOzVdmSdrde5BCTuHVRLNtcvLYVcwkheSUCgPCK8wWCD6w2QpkwgrSTfyECtIy1yN1YVFNZ6Xr397aiFuQ%2FLgYzj5G5%2F0BdHnPG8xVcHkTnixJ8sg8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbc78095c7a-FRA
view.aspx
pb.media01.eu/ Frame 8CC0
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=92018...
0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=920184&produktid=girodirekt&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:04 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 01 Dec 2023 02:17:04 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 13:17:05 GMT
strict-transport-security
max-age=15768000
x-iplb-instance
53758
content-length
0
proxy-host
pv.medialead.de
attribution-reporting-register-source
{"source_event_id":"17200573720104378","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B2A2D18E:D278_91EFC182:01BB_6569DCD1_3B1A65A:41F0
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=920184&produktid=girodirekt&dt_url=
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 8CC0 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34427
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IhmxDVUO9EGW6q3DncJy301XEtW9uv1URG6gnjLQu2oq75GGtrlBcePieCB%2BOr9J%2F3Cti5E5eqtm7j7k1ePd9%2BucJm5JGUkkVkxVJq8hCstZj8HyJwrRw8ju9rZZaVzQAwrCDNNK60Ihx3U"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbc9d23bb59-FRA
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 8CC0 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
285290
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp1zcyYFE6Om1ijMDGEkRBKY8z%2FTw09wZyXdv6l1KdZmGo3YpIYDaHEbnsgChPPgjip0l%2Ff%2FzjYmJ9BZUHBi7NuGtYildjqCxH3GilkN7be7BR035OYp3HGhkV7eouh48m95ZE%2FhYnOkYxuZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbcad25bb59-FRA
cshow.php
www.awin1.com/ Frame 8CC0 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:05 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 8CC0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213077
cf-polished
origFmt=png, origSize=2170
alt-svc
h3=":443"; ma=86400
content-length
1662
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 08:38:25 GMT
server
cloudflare
etag
"4721aa7c2d5fa652c8092463f9a485bd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aF%2B33T1C8LOVKOxSkPqiakwnsigI0OdQyt3O%2FIylAAPHx28XZsUZB2xihKCmqWKkwZSM3geUK1KtO6GpWm7Rbg9wHbiQ1If1t78zEyjydXGx0DncNYjfKbsjusdXENiECkRWMJoc752Ck5zl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbcad26bb59-FRA
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 8CC0 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1919307
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
23392
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:23 GMT
server
cloudflare
etag
"faa9f958d13ef03f911b71f117846705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEZhhLONqRw0PIFIMOQUMwt88fFZ0tXctaLsaZ4MqIWkIzI9iE70ctSfYk8oR7MqN%2BrX2k%2BG3NUgMf8kVG0ssVctFjPhEtSydPCm2qrIXOKhq4stdMonbtb3IV5foHLla3s%2B9QK%2FyeSagU2W"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbcad27bb59-FRA
cshow.php
www.awin1.com/ Frame 8CC0 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=08a15483013289adbfc96c7d271636f5%2F6572877181427532710&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625218&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvqjq78prt6mpqjbpf9qq5kqx9ptrc8ehz30jphvmxc44t8zv4ph08twy1e8ay0ew59bj4fpxvzey72d183zfegf0e3f4rxhetnyvbvewgmjcdg9599aqtt6ydtxyvdw5y6282rz0zs1y7rh3xmqxay6f10zw8kes777kr4wbkfk383596gy2vdqgs4rpc2n6x2q0s3c9q88r4n2k0pws8yt14egz1b1ztvhre8stxpb41fyhm01cdatbm19m2y22c15mmd09sfm41td539mgnn%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCCAn4z9xpZcjKI-qL1PIP94iluASQ4YGEXLaoworwAsCNtwEQASAAYJXyi4KYB4IBF2NhLXB1Yi0yODI5NDExMzk5NzYyNDg3yAEJqQIOqMvSYEeyPuACAKgDAcgDAqoEgAJP0BkRD-cDlA611ZefMNyG9FeI5TFSZm1RQNDR1_vfM7_Rve55s4_GL80hHTDlB31RK-hZ-UJ_oklWPXYuNWaLaxO_vZ5XAFUdQAxq6Q8YuqEfiFhGp-9rXHLhiJUUZWKK2VbhJz3a66H_moJy5iUax1Xk4JrofZS4bCDGNVpgfrMi0yc-7urd2_vb0dC1ZWLghEyCRJnuDghi49F_PY8yTMXy01XFk40WpIZQbEif1EQsN_Hyygyq3kV2oylElysBJ5eL7wbcrZn7mACUA8Ef4jWbgg0l3_JB9WJRqUMQSg3sDTfVTIBzcMCmLg270JfJAj8pMV1WxTDwPzNjzj9m4AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOOIuKyp7oID-gsCCAGADAHiDRMI8Lq4rKnuggMV6gVVCB13RAlH0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1eG2DIjcbWTGN9AGlpsLBdSf-fqQ%2526client%253Dca-pub-2829411399762487%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:05 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
viewability
hal900029.redintelligence.net/ Frame 98CF 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=97648300114709504444554012525029&a=e6a587cc&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97648300114709504444554012525029&a=57dce239
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=97648300114709504444554012525029&a=57dce239
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
master.m3u8
cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/ 		430 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/master.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c4e2225061ee113dedc17c2ffdcf5e703ccd51e685e9a245fa534e3d7e6dfd2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 23:01:03 GMT
server
AmazonS3
etag
"e7b8070c5a43a48dec9964d6ca53b054"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
189
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 98CF 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:39 GMT
x-content-type-options
nosniff
age
158786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 17:10:39 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 98CF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 20:59:44 GMT
x-content-type-options
nosniff
age
490641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 20:59:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D8B8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bt02lz9xpZYrpLobOgAfP44WgCQAAAAA4AeAEAg&bg=!mJulm9TNAAY3kmNgF5I7ADQBe5WfOAqr3i_rgkSGFdbVGhcXUNH5kszAzPxaQguRIb68_Wi85wrdNe0Bu4AldWym04epAgAAASRSAAAAAWgBB5kDBa1oGCJAbjAoziidMaK_q8-afDbaeToFB6Q7QkVCvkjtUiGyzdFHKhgoIdRm_lNuXULuggE38ztWJUE-Npe6HCEN2T4LkrXtiiMFuRls-TKKLpNa_bSSEI-x0jJNhrbHSNSWTm4SS5qlMw5HMVk2mQtU0445cLbOLN4G43USeTelBo66cqLTU7nFGUCaBC5OBl7vGzdE6UjDDs-z7xdlg0CudWYQP83ZcrbHRkJv5xyRSnHLj5yWmaTFxFl0hiDjTGYgREmHWIJ6TFotm_SGgurgsZOY6FYW2QfLylZgvNJhd6vfmcH7MsAwkyxN_ZYWfwcpj52XBWS7p8eWf8kA3FUIeLsY-C5WYBkjs_Mii9LntNiHs28YX0jxzcow0879HEVf-3WLGXY5QyQBEMjyIqAoPnLEf6gcfdC5u9E6H0RKGz9HW3v4ZM-ClZfIbTTvAqBrwSsgMcCZHy4fn1dqEbspYzsn0V2iaVmI0SICHEyXtH-8Dl9ZpyYPgXciMLGQitSsBWwSvPQ5XoBbwTd488N5BXUrB_cUmMXxbTpwY3bkt48EnGjYGIu9UUhajvyo5KMsma36VCiZKn-gxZToPtGP9hWI461vjgXTVilrlmd9upN69o-jjYf7_E-LmQK-QoS1p5_fDtjIeREeyrwtAL2-XXJlLGe5gMst-Qh3rhdole-SJA-1CHeQXL1Ey3X-NpelJQSvEDgNePZe4wdoxSfdHAU13E3BiozNsNowe47VHK0SrFMpGlJOZ7kKa83ixFWCOeUZIdLSdvOivfhP2aIPNiPvw5ep0nMYbz66-Jbl2kDRKcGfIf2GUe5Uep8iLkLycsUefAqB5sPjQKv5f0V2eec8y4XNoDKoVZ6EVEUMS1rTcVH1dXOXwzwBhwysHYsOhgCJp1W6UZQF2IHCavjayAtypXdUp_2DR7dgbCFX-eLgrElQpgTjWSXLOHu1fAuBSMqNU5AHcSHGtds2yB6lPCj144hUB6leL_T2OuM-8niYjSEUolzjRyo8zRI-YGuj8s06
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4E7C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstq4TAmjcrYyDsRVf9kHPcDYAog5VSEXT0povHxXoHiDhDML19bOPrJuMEVYWLJSXBlgSiXEchOfbN_xbJbA-LJ8IKhydebe6Aeq_SSweJ32M4_K2L-SHo7emKXwJWucF78YnSRDOVrxG_d&sai=AMfl-YQ680gEaXra3iO2jnp-o0PpQ0FsKVU2fTriuSfqDmbQJNrBot5yUMyOplnW3VA5lcns1hEjXTgDYcttqzq756WiksZOwNp-fDSpdyWAwKyQfm7Q1xH0FloIfaFpD7DZCvj8LDbC9Q&sig=Cg0ArKJSzD-ei-5CJ5SuEAE&cid=CAQSOwDICaaNDUl2pED_dJe6gNmudB6nkHa8p_MBfmKwSeSEcjL0Bh-LJOt58ERnij9mN4jTXKK036XQFppUGAE&id=lidar2&mcvt=1024&p=0,871,90,1599&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=243108928&rs=4&la=0&cr=0&vs=4&r=v&rst=1701436624026&rpt=369&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
encoded-3.m3u8
cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/ 		1 KB
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/encoded-3.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b21e1e2e96c871c92bdabb5020c620a1e2c0a48fe83fa8a3f78a1182008c738f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 23:01:03 GMT
server
AmazonS3
etag
"2c6a12a329ad60f17a912a0dd78d06ef"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
253
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame DF6C 		752 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
267678
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
246766
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Tue, 28 Nov 2023 10:55:47 GMT
Expires
Wed, 27 Nov 2024 10:55:47 GMT
Last-Modified
Wed, 15 Nov 2023 19:11:18 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 13:17:05 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 881C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 01 Dec 2023 13:55:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD7C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BuxiYz9xpZcmOMs3T1PIPu72NoAwAAAAAOAHgBAI&bg=!kJOlk9zNAAY3kmNgF5I7ADQBe5WfOOFr5nLm7VvJI1UnKMSkCl-Jfb4qVy_5GcrDlZZmjPU8fWVfwNZ0VBuKRNYSQdUnAgAAAPJSAAAAAWgBB5kC9zS5yO2p9BdABX8JVnjZw1o3t6PkB8C8Wcv5m2VA5nbDT7NmgckK0tncAT4qSy5zIXmYuXHYccP-lAsl0jy7gqXJbStAieREVbn3R51HG9Ii_OO9XhZ19lbjyqQhwQCpsEQP7eu06Tk6ULKiiY0TE7oTlH-iMwf1eVRkBjTCNmCVtT6IhaqNKjxaeVP2UAswfRa6DeVIt1Mrqmu4G8Ws0cNKs0cyAH6WyiU1w1IdJaexCQ77GoZMOBZACS4vBdpcrwlzdd8pO6vove0X4pLPulMMSLvuRcvlu0jHo1nGZpLxTmuN263S33pL_N2yVu5PD8jRXQdhuOr1dwueqgdBLAD8zWw67pU-ksrWo1LVYAEdSQYJcrPVc7Pk7TdDS0xq3GIkWJdGKF6nEoqHY0sNkzj-70hCVmHwwqbOnAknulFl5mhMpjo5lMU1hpm8r5MvjMM6kYA6pmpgz9E9ayHb0yZTpvUC15x6MBY4symG9r1KeSyXUUpHOmem81KqICIOFn_r8fe4t-eSGZnLYCIT1NXzMUcXTRM39lQ84xSGkeuGXeG41_Y1K_p2KTZjcRF5NG0w7hd7xMFl1_EnOGg8SnTf0oDpfW9PJggBcoG-cJOZll0PA_gpm39-TEe6KUd5xdlxBY2hlRughmKOit0KTRypXppzFj4f5GRd17axGVr5bhFnDDx6rEVT3weojZkcRdrACYAJZDCg25B8odZzhwxKolW2gdaMdGDxZmwAaET-zBxZ-kFI9AWIQpJ3zJUCwoNSigjoejaLpfQPokMdeLCIECAr-ml0ecvYsGDWNDv-f_OkQcmILqshvovNxfny0rS9V3Ej3Hda3rawutMfAMv2M6UcGaiOJEsq9VU84GSAzcLmYT6_A7ivFcr40i9X6bs1G7iwRL9FzOx9PLDtDEulRW_Tae92z-61VYqGo6hfo9b2vnrFwV8my43F7U4_xU7ArhxKUHSCyVsbnaYszvQo1lwiOzzchPhbbTyWQxDrYV_RwJWiRQ
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8D9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BAMXY0NxpZYi6AYTegAeM8pDgBAAAAAA4AeAEAg&bg=!p6SlpOvNAAY3kmNgF5I7ADQBe5WfOCGu3sGVy1ZyVhC8TnlGsXjl7m8aL3kfsGoX19fHfIlj6fBVNpk2vAvDUAHqV2b_AgAAAPBSAAAAAmgBB5kC_-OO4hS0nmFBpLkXWPqzVwoz4Ng_HqMjVftr25eKDV308LdEN7cAqEirZLbT-kMWzVuL1mSJ3kzNqjh1M14rHEWmLmqAuGKYdixJRZZ706dfKJ-vKNLzveGDWdQAn4F7aHUr_Q__kyeC5t8MbNSlNcJzrv7dQE259fZ-TapClcNrwvHay0ThQlGqK_Y4MyR5KBazeiuAWFbUg3E0J-XrxIDNvlpsA9sJyxeIVpdm5dCaKJO9TIsGeQMl_YFvoljBDae_J4g2tLFab1uEhr7fR82f10wCKqisMgJy-z_V7XPwabwnmO6FfKXKjdr8DFyptZoQgAAK-1USkPVKo2ayxhmQY57URLLb1WR5XQ6V-bU91hrcVGpZMYeoQmxxQIHm8xXm3LefKFwO7kT_aFVniZ0L-tSGc9gWsb_ZoYV1uMWynEX-iYzir_NVrnz9l5wlabkM_-DX0msFHXfqwTuya_EyyDKqsYO5V5DZgVg5S8_SJQOm-9pq4OqhD4QGUSWVjsarZLyCvJZJ0tyXYn9EmorKcrPEkCD4rYMiQYzsk3tFdMcc-IvzRfR3Q5CFp6Puhok2-TVhS5m2UkgwDTAWpLM2HAIOq8cnEYSfbBjvjKdKA0JYcrdrQxnf-iQN82LdWvNMUUYDI0Vphq1U88lNE03WluZljGED0xbUgtbNsaTiTAN3EOZPKGtNFD7E7l_95vTpa2H3oLtOcOT5bM9KIimer2P2GugN7r7aJanQUwxmFwbnQHbbWKPqDyMmhl-oIruomKGOQGY9v9cgq8WqiMJ1ltJJEaV9dIzGohN0VibNYjseSrH1fFq3QumMWXjywM0P8LXvpjZx4Piuj3gXPysEYzcA1zQB7MyzjQ3hhvbL9k5a4RZh_ulULMD4BIfLQg5ukoWygNYbwyWXEyyTG9qreReMbFViSw4mDlFE4j0zgbdJaPjFl8ISDlGg8FwNKOXCMM4_b-dufv3f3_95in1g-l8D0V-3H6u45FIwoal4zSyUHxqbWWpbEvRbTdOA
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file_3_000.ts
cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/ 		367 KB
330 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/file_3_000.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
be4e0938b5db4912fb5cad602ab950c4796be10c84c2c2b354c2f29cee3af245

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 23:01:03 GMT
server
AmazonS3
etag
"a7b839bc0eebe697129d64b3afea014d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
337037
gen_204
pagead2.googlesyndication.com/pagead/ Frame B1F8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bsz2Ez9xpZb7uIsz6x_APtKaB8A0AAAAAOAHgBAI&bg=!nJ-ln9DNAAY3kmNgF5I7ADQBe5WfOCEUSx2F0hJr-eEsNd2p4lRMLny0onIaaSckV1S9cMdICxxVoChn_Z2psuBqfrojAgAAAPFSAAAAAmgBBwoAjLG0RiPLnu7ozzh8tYVYNyRss8IE6_6kqKgj_XTXNp2nYIBnbLvSodW3LawbxkcqIvHO77rPzzclGZvP3XInYR5TGPs_G9qxU3BITz9GvGGyLszJ1596sMSvM4ocDs-KLs-t1sleuXsvXuPRnFw1nMqgwkryVRsiTPfErqpCvclJSM4PL-8_MXu96QJrmQL19ql3m0EHpr4l0nC_YUIYTTtmlzIEHamcD5eeg0ejZ0H-kkYcAgGygnvfGaXD8ejOEhY7k3kiyaB9LA1jURVgV62MvjTb-6LXRiPojwP-w1hwGiU6PFpVeECtpCuRz6-eFpa1Vzrl43TMUjW9vYB0tVAZBjNGOOMfaSR3FY8v2A3fd0tZdKlgjembjfjyZw8ohAaZeOXvPI9KvC1SzcHma_6p6t2bLA9836Kz14iSiITZYM2eFg_-yl43Yo_TO2E3spByzJJ3khy8-jdOoCNh-esb_8z_9lbi8BRv18yGS65RW8-4Ry1cKoXulSj_IR6mnjK45OKJN9NRFXFiIIQ48RDn5utRrcXZDROPIzu39JipeFJV6UIqFozIKc7Ow9jWUmkjCNw005r8UmA2cjGsBRaAaPvLDJBF1eS-d6z2f0AghqMW68DXIuZN3sSVKzabRYozW8Gkao56rdrZVS4OKy1vALEOyp4XfcGRrHPxrL2W_trjs4TnytxFdiJoLJrhGszQwL41s2dpGzy_OfB8QRQ13Mzr8GOqjo5vo7EkLd8tdTi154YqGyTRA3-8ZqPED3iImk2YWi6hUb4G1liaK9v6x2QkFfksTeGJ4QOoJd_WLXpsVNw0nhUsxHREPVyqhOphGOQmq2M6exLSvmjtd_YswmOyWGqRTIqMkjGnDKm0k9Wq3pqRXxm3svsVfDHNNUx1ssmLRknrgiudDLenFEQo3FIQZm3MtQzkjh6wiEv4N5nL3_Q9yjoHwU1baAVEXsxoj0-zGp4fDgZENl0WT2D7AB9btnwePvo8bQv4IfG3CXt-wdj2TCrmBurByPm4veVUcMtCCleu_22S0xJ2jkiPZIdXh7gpEEtK_Vj49no0FHrg2ni3BgiK840iF1phNqYrs_VBk7DERAvmAHzfgGR5DU17xwUN9_d7ATeW-1dayRzsJrO6LFhDJFRulGXsPSiCQKlAM6o5BUbDMWfC-IYEJ7QHuWjVHiuMAYlRWsp0bkpKeQ
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
encoded-1.m3u8
cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/ 		1 KB
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/encoded-1.m3u8
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e1cff8c955310d168be94ef5a6d30914944cc12b7ca1a7a75b5420c01d7db7f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 23:01:03 GMT
server
AmazonS3
etag
"a3f8feb4ea955fd69d87ba0dfe22b952"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
253
gen_204
pagead2.googlesyndication.com/pagead/ Frame B50E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BV10q0NxpZbiPKdGtjuwPiP-n2A4AAAAAOAHgBAI&bg=!8POl87zNAAY3kmNgF5I7ADQBe5WfOODKlNFPOQsMHdWROIGQj0IdHhM0nzdgwx9e0ndOINnGo_ZkiJrjB1V-y_j3YwbbAgAAAN1SAAAAAmgBBwoANyFWv9al9Nx8RnQAc3-wzVc3TPGf4Dor5ocW8MUKm0Vyi3HvRlp5c8KlCDHVpTEwdfCOMBSL8pyZAwpeC14XTSiJZpnQaGI2mx3gJV7KwvAVNwQQk8Mx_GqwuOZ6BgnrVUMDTGD2K95V-MnUunh2u6C8C0kdX9TXG4FyrvtknRYBvKI4wRj2fm2-REsroMEbeLjsUrUhGnORTFd60DUSP5LZbfk_yXD5YBsThzKgRT4GDbO5rY9lQQTK4XkEHCzyALADRM2BcF7PS2hAMaUe-6zvfEWll_KI8RaOZhsT1-kgHDUhzNhXKhJB2fM0_1tV17_AF8NNp6noJg4xa3mQgPMXSido7QBZJl94P2Lg-HmYBvJTBcEpQKYS1n08POxLb_4iI2aA6jGgwOoZrk42XPxmDeGiVZrr4xt--95qpyGoqlvUFb2ET8TihTORprAxN5C1jJFGr6urRfU0THeKfEroVM2WYBxbfb-S71AwZRgllZF7oqoRywL1lfzP4_yD_W_gxvAux7dDRgtI7-FMX611Wfn8D7J9BmgSyukBOzNT7XGVTDxdVTqUtzujRk-VJpSU9dlPS28Kxz0Ub-8QS9wS7gXemX7dKELGQGc_okD1ah7i0SYrTIRLvPPRZ0cA4X6oqWOAIXpzIVWIqP-Q55hsz3sqK7fttadeYKKpVUYfQxrq4uIDV1ZDDNtr9Or5prZXoYHl83LZBuQYsGiNXYn0WEAxRlB8gj7q1csrkSbH7wJG9lXp6eMgi0cU_L35iwGmtEi4O8KBdjUF1IeYLatj7mH27QNmbCJPmZKpZDIJfvckjIArOmYUwNi7gnPpGAJdm85vVD-YS2kjpYgX3BgZD9nUl9IovvUYNDqtCfbNLFB2jCKwwJdoyMxWUFM3UAS1BwEmCQglphcJa7PaVVm-DvX9anVBClqA4RoeYfslEDE-RNpr8tXsAVEDIuQhq77RNy5T2vevdhSLfpzHOxsuzVw0WN0DVLznTvZi6N30NJfkqxHztVxHhM94wFY2293OG8PiO5Sn20wg-G1CHsqEnTYz3BcAprHfX73RUhlYW4U9712jVAapLzLmce6WsXue8u0RncA8rqasnRBi83s8eaC-
Requested by
Host: vaughn.live
URL: http://vaughn.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file_1_000.ts
cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/ 		549 KB
514 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/file_1_000.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1b579aaab35b78bb15a1265ca516443765ed2ea702660e029d664f58f747865b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 23:01:03 GMT
server
AmazonS3
etag
"fb3b7f31cc9311ca9f00f2b68a72c117"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
525287
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82eb9bbecacf5d45-FRA
content-length
24
content-type
text/plain
date
Fri, 01 Dec 2023 13:17:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GN9MCl4OQy3HXLrNzOGV7bkmLARp0nrtHdEktLWU8hICpgpJCW%2B70YP3XkO2YrmhaEREaMDD3XNnrMynvB8kZBUkJE2gtVSG7BXJkKTwl2UQtyLCHvQh%2FBlYvggvSxEJiNQcwc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-09x9
rs
ad4m.at/ Frame 1006 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be76b28e2ac2553c07293f828a1d161f6f0a9441c5ad9ccc29879146563a49a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FY6u27Rxex2%2B6kl5RVHoaG%2FsjIiuUV8aX%2BEiOQ2Jn3K091MMpEBgrLa0kByt%2FAxVLf8oEgpmk3LLc%2FRgg6YgOz4YCX%2Bv8wXejgv%2BxwaXxfgEaZCMCD8LjF8zLkZuQTkDdX1bu1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82eb9bbf0b135d45-FRA
x-backend-server
aa-reachservice-group-europe-west1-09x9
alt-svc
h3=":443"; ma=86400
tracking-event
api.webgains.io/ Frame 8B97 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:05 GMT
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a0bcd38b12dcd6243e1f4cebe666c1231448a99fcc5711d37368e0e1048f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12413
x-xss-protection
0
rum
vaughn.live/cdn-cgi/ 		0
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://vaughn.live
X-Frame-Options
DENY
access-control-allow-credentials
true
Connection
keep-alive
CF-RAY
82eb9bbf2c9cbbdf-FRA
rum
vaughn.live/cdn-cgi/ 		0
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://vaughn.live/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:48b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://vaughn.live
X-Frame-Options
DENY
access-control-allow-credentials
true
Connection
keep-alive
CF-RAY
82eb9bbf2f7271dc-FRA
ads
pubads.g.doubleclick.net/gampad/ Frame DF6C 		127 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F170737076%2C7882738%2FVideo%2Fvaughn.live&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&min_ad_duration=15000&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=251920186370514&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=2948452029&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=BA8CBD2F-B85B-4F55-BDD6-C63151E73C08&nel=0&eid=44736292%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=http%3A%2F%2Fvaughn.live%2F&dt=1701436625788&cookie=ID%3D0aafaef5899ebb5e%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MZCx_ibCoSLKzIu4Zxk-k5zieEuOg&gpic=UID%3D00000cffbe6d0568%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MZMekaODupxwrlOmrltkrcKY61_aA&scor=4497772080639547&ged=ve4_td4_tt0_pd4_la4000_er354.611.507.911_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c81198aacea8024ddf3470180ec7666da5bc9dc0acd42d191187dec64f192464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24893
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
e.channelexco.com/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.19.226.132 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
bafcdd37-99b8-4c82-aa74-038d540404f1
http://vaughn.live/ 		267 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://vaughn.live/bafcdd37-99b8-4c82-aa74-038d540404f1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1042d1b60174a99afa3cbafdeec59701e6930ee129d5a837b7001538df09414d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
273447
Content-Type
text/javascript
rar
as.ad4m.at/ad/ Frame 372A 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3581602f31606f43681762569c02996407d2d3b0407b54df838dcb37d18360ec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1k9qyzj3jn8y71em9gmcqkjc9vh1enx1pxbfvywhs8w2ay5gtfr3qvveehcwhdzm2mr9cpvghv6x1t9asrqs87khw7hzbj0he2frxxtw2w5jaxfwk9mb09acb4q4r1fpyse81596spewmcs4etteh7b9agtkcffsnskg8qbbt7prjwbve4gcsm9xgxghrghy8xyqc73vp4cyps44vxqf2mf7kvr16kr1wbm65zd35g02smvy151qdxm68jk5rxq4tkpwd9z4ehc5mwnycpfmtpz8aegnzq36zn8rf6djda1ncx3cmjvyqjvk6093a4n7egbt2xv39aqarc7x6mg9syn8z13xfqyymv3h0v4tc15h1bh19m6te61ynb2143h5dd0ecpy8fn6bbe81hhcre31q2h1g1xjzagkaxy376xjs52tptra5x5ntkarm5resdrrvqac8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%26num%3D1%26sig%3DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%26client%3Dca-pub-3565385483761681%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82eb9bbf4fc0bb59-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:05 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
file_1_001.ts
cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/ 		764 KB
727 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/file_1_001.ts
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/hls/1.4.10-exco/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ff37c18dadaa98d22a3316f424752f3947bcd4c4b122a4cf7baee7a78bf389e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 23:01:03 GMT
server
AmazonS3
etag
"0f98fa774628cc0f873dbadb6399d4b8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
743586
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 13:17:05 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fvaughn.live%2F&domain=vaughn.live&cw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://vaughn.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 01 Dec 2023 13:17:05 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
195477
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
247 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
http://vaughn.live
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ 		2 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fvaughn.live%2F&domain=vaughn.live&cw=1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
173817
expires
0
f
fid.agkn.com/ 		0
0
prebid
id5-sync.com/api/config/ 		135 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
f509537a941a4046b1f076ab2441d1ea6bf21b3d2a0122faea116e1d609fbfaa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
isyn
prebid.a-mo.net/ Frame 3222 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 01 Dec 2023 13:17:04 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync.html
public.servenobid.com/ Frame 7FA5 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-15.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16199
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 01 Dec 2023 08:47:07 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
x-amz-cf-id
yGQGdSZDR8IgdMmMyvFCHY45A9osN94bi22S86GmgQG74L3FkKcxZw==
x-amz-cf-pop
AMS1-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A390 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39003
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 01 Dec 2023 13:17:05 GMT
expires
Sat, 02 Dec 2023 00:07:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame BB98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dVaqIEv0Cr66eeaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
server
33XP019
x-33x-status
2000208
async_usersync.html
acdn.adnxs.com/dmp/ Frame E8BE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-187.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 01 Dec 2023 13:17:05 GMT
ETag
"623de86a-cf34"
Expires
Sat, 02 Dec 2023 13:17:07 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4F17 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Dec 2023 13:17:05 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 4B1E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13385103
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 01 Dec 2023 13:17:05 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap5ams1
sync
cookies.nextmillmedia.com/ Frame 1C11 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/sync?type=iframe
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.189.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-189-170.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
cbb470390431a28455afefcded54718a12e0c0acfe31b79e1562f31d94d3cf1f

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2981
content-type
text/html
date
Fri, 01 Dec 2023 13:17:06 GMT
server
fasthttp
usync.js
eus.rubiconproject.com/ Frame 4F17 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2023 23:38:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37341
Connection
keep-alive
Content-Length
13236
Expires
Fri, 01 Dec 2023 23:39:26 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 372A 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1680751
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZwfC%2Bl8XoxW%2FF%2BumeKqlpdaY9MWn5mJ6lZwjS0rrDOz3SX3ljxn8myVbtShXJmTanPGK6QGdm8stbU%2BOzWe5b68dsUJ%2BQXRIkiW%2BwfI%2FOknwqWEkisvmuuCxWMlSPHjV4u0k%2BeNL90%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82eb9bbfa832bb59-FRA
expires
Sat, 02 Dec 2023 13:17:05 GMT
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 372A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
299827
cf-polished
origFmt=png, origSize=5231
alt-svc
h3=":443"; ma=86400
content-length
4680
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 09:43:53 GMT
server
cloudflare
etag
"f16f7910a6ef14de318e485901cfa4a3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZIxWXxIqWhVG%2FdMEA08M%2BcRyjsuAH1MBXMcEasYV%2FDI1zb3Cc2eSHXT2RG13WM0hsnh%2BXfb2CQEVUdg%2FAXxI8%2FWulyrBujPG%2FjSF8VesKuDMzwsbaIDo4u8Eb91cAcN3q74uAgOJIhCuRr%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbfa834bb59-FRA
FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame 372A 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b170f93a0f60699bb90efeeb218ef113e88a1025522c3a3d2e297f3540d895f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
795372
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
29459
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Nov 2023 08:20:52 GMT
server
cloudflare
etag
"3a2c3db25419881df77e88816547f105"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkcSW77fgUhbjic7e4EEc4l5JZ8i0gzQdX9UsR%2FnPrXLi%2F%2FxMPfH7Wn%2FZMJ84Q1m3L46OQ%2FBnA%2F%2Bovy6SGTq6ccrKLAP1FfHZ7069Zu%2FIYqR8EbYwayD53Y7p%2FMb4URWpjGujk247jVk8SfH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbfa836bb59-FRA
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 372A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
835996
cf-polished
qual=85, origFmt=jpeg, origSize=12951
alt-svc
h3=":443"; ma=86400
content-length
7758
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Oct 2023 22:22:01 GMT
server
cloudflare
etag
"12e3523b35b31c7ddfe7c77dcdb14a34"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX9ab%2FPWbEQfsOuKpn%2F9BN6m4KxynI42tgd%2FHT6pewKfYyySW5%2Fe2FFdm1E8y2OzA50cHROCYHBUYn2algUVIK%2BMxVI18jIqVMJqExRqgj2VTxggVv%2Bcg1ug4i%2FlNM7pkFroNsDGM0XX3BPx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbfa83fbb59-FRA
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 372A 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120172
cf-polished
qual=85, origFmt=jpeg, origSize=23329
alt-svc
h3=":443"; ma=86400
content-length
20802
cf-bgj
imgq:85,h2pri
last-modified
Tue, 31 Oct 2023 16:54:32 GMT
server
cloudflare
etag
"e320c43993ae8577c544483e96756c59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKHggitnIabKixC5Z7CPnOvwmdOQMjeGxl0lZUhODTRkmkalwUJPpPknJnJiIPrEk%2BCJiiZyaKnZyy1zAF15A5VduhA9G3H6gu8qpsvBRUGuqrbJKNREDpY%2FTOOeZQA84IrysHZ4gCp%2FOlTx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbfa842bb59-FRA
/
partner.o2online.de/a/ Frame 372A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPaDxq2p7oIDFSmY_QcdeXoDDQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023120114170690948962863X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023120114170690948962863X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023120114170690948962863X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:06 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023120114170690948962863X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023120114170690948962863X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
date
Fri, 01 Dec 2023 13:17:06 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 372A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837264
cf-polished
qual=85, origFmt=jpeg, origSize=8714
alt-svc
h3=":443"; ma=86400
content-length
6672
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 08:50:26 GMT
server
cloudflare
etag
"52953af169f970e1ac17ba40d8c26548"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5cmsnMtvdDYA%2FGZiPUTOcKH5miDcSffPuT4rGPw9dN3QdgosEZ10NUMjSnJH35octR3Plf7c8zpv0cHwi%2FWhS0p3V9oEF%2FbioMjyn7QH%2B9nFxh0rrcXWI27fUcvDgMVBdAnC6Jsp5cyrLZ4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbfa843bb59-FRA
E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 372A 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
108303
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
31793
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Nov 2023 07:48:34 GMT
server
cloudflare
etag
"ac24017e395215a412b39d1cdc9c2ad5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ev9xg%2Bbzm6S7b0ONDBqutF0Q4SMjrev7%2BJHZaQ8qlCFcTrB5wpQZZBkBf1GMxKNCZalWhXOiwy3O9Z286guIUvw7U6CcJTxWl9kdBxsFWwfFO64V3%2FLnvoaCRjfv%2FY%2Bl3lHe8B%2Bb7mG55BJ5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82eb9bbfa844bb59-FRA
ztpv.php
www.conrad.de/ Frame 372A
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1701436625_ec7658f0-904b-11ee-85f5-22347f548c7f&insert=AW&&gdpr=0&gdpr_consent=
0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1701436625_ec7658f0-904b-11ee-85f5-22347f548c7f&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
82eb9bc069cb4d7a-FRA
content-length
0
expires
-1

Redirect headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1701436625_ec7658f0-904b-11ee-85f5-22347f548c7f&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
khaos.json
token.rubiconproject.com/ Frame 4F17 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0c26bf0e0878be6b26493f33577d6373
Expires
0
async_usersync
ib.adnxs.com/ Frame E8BE 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
an-x-request-uuid
c2320fd6-f0e8-4a71-a1f5-d10f05e3798c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
54ad0305e8d521e1ac443082838e8f0426572f97aa232d6082ded025b0c8f33e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
13926
g2.gumgum.com/usync/ Frame 4875 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.46.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-46-191.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9cd2a003e15ba9418fff5cea8670b9cde97284e405b253acf898b451070f2dca

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 01 Dec 2023 13:17:06 GMT
etag
W/"0052002364fa9b32b339db97a5edc6461"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame C880 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame D158 		887 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
b173f9a2c3edc6b91c982290cb74bbb983639565e3190ea30196e7b9af1f5062

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
887
content-type
text/html
date
Fri, 01 Dec 2023 13:17:05 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B078 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8025eb05db107166999cb2700637739ccd64a60cba54c455472cefdc9792b0f5

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82eb9bbffcb23731-FRA
content-encoding
br
content-type
text/html
date
Fri, 01 Dec 2023 13:17:05 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTqFtsZ6zIjddJdtAVPFy1K46TABSCEcQKYi%2Ba8W4WCLcJk%2B%2BhpBDn2rHqrLLtxm5vGxqbQBFkfpSrfM6m%2FVxE7k1sosIIU1ZKNHE5Q5MtnRwt%2FquNijildQo8RUyuUoakfbR%2Ft8BZiM9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E2A6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Dec 2023 13:17:05 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 01 Dec 2023 13:17:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 17ED 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39003
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 01 Dec 2023 13:17:05 GMT
expires
Sat, 02 Dec 2023 00:07:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 13CA 		0
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:ec00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 01 Dec 2023 13:17:06 GMT
server
istio-envoy
via
1.1 45f8047ab98fa87807d2f5362a7fb75c.cloudfront.net (CloudFront)
x-amz-cf-id
ZvIqyw_qLM0Ol7mcWKCwDQXDpDmrKYu8EdZFIZFMpekrSVQ541XH9g==
x-amz-cf-pop
AMS58-P6
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 091A 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 01 Dec 2023 13:17:05 GMT
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame D13B 		0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.147.45.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-45-225.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 01 Dec 2023 13:17:06 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 7FA5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5657527055004491837
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5657527055004491837
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
an-x-request-uuid
c8527a1d-7df5-45b1-b734-03829123b48f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=5657527055004491837
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 7FA5
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=Hv5dsRZHEuMUsCk_RyuTHmln
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Hv5dsRZHEuMUsCk_RyuTHmln
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Hv5dsRZHEuMUsCk_RyuTHmln
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 7FA5 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 01 Dec 2023 13:17:05 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame 7FA5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=19691427
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=19691427
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
etag
RX3c440b4c87b24a2d8dc3008fa08feaa1003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=19691427
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 7FA5
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5140084928632915245
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5140084928632915245
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5140084928632915245
Date
Fri, 01 Dec 2023 13:17:06 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 7FA5 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-201
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 7FA5
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Fri, 01 Dec 2023 13:17:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame 7FA5 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 7FA5
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-9e4a492a-341e-32f4-aef6-f6905a5d23ec
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-9e4a492a-341e-32f4-aef6-f6905a5d23ec
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-9e4a492a-341e-32f4-aef6-f6905a5d23ec
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame 7FA5 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 7FA5 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.123.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-123-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
sync
ads.servenobid.com/ Frame 7FA5
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:07 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 01 Dec 2023 13:17:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 01 Dec 2023 13:17:06 GMT
link.html
track.webgains.com/ Frame 372A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7a5kdpnqqp5ad69yp7j464azm4f3yqy3kxc9fjv83twhyz9ed84sy1x08jvt4mkrj1ejxj6gtekzvxpam0gte5zrh5yw5199jpxwebhbvnaejd7c0szt9k9y6asxd9dn1r6r5hs77vgzc4n41dnrsxsy9qj885zhb3p3q66vwq4w44gsm7c32aqh2hh07j05wzjsj12pht8mgpvrc7y060cvy89rekt6k0fsmhp2x1pa91223wpagedag48c93c4fh8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%252526client%25253Dca-pub-3565385483761681%252526adurl%25253D&clickref=oneidWPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.224.52 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-224-52.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
4b9a747aca274ce41e525c01ec7ada9d7ddadf32893c1fae85f87c5f1b64d241

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
last-modified
Fri, 01 Dec 2023 13:17:05 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 01 Dec 2023 13:18:05 GMT
f5bfe45bb2
tm.simptrack.com/tm/a/channel/tracker/ Frame D0F4 		44 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.108.81 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.108.4.46.clients.your-server.de
Software
nginx /
Resource Hash
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
44
Content-Type
image/gif
Date
Fri, 01 Dec 2023 13:17:06 GMT
Expires
0
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05BC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
54036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 22:16:29 GMT
expires
Fri, 29 Nov 2024 22:16:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BCFA 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7e92feaab9ffb7b8fb8a50fd6a6e9fc38ab2264cc43a221ba6f228755e2b6780
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6ir1Il1GvDZPqS_6qYRCfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://vaughn.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6ir1Il1GvDZPqS_6qYRCfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:05 GMT
expires
Fri, 01 Dec 2023 13:17:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
725.json
id5-sync.com/g/v2/ 		251 B
526 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/725.json
Requested by
Host: vaughn.live
URL: blob:http://vaughn.live/80789371-b351-4340-825a-1cc2590502c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
037b4008bb5a63686a2e4b6f6c189eca2ae44bf5b0e2ab6a655d3f8e6d2a3f91
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sync
ads.servenobid.com/ Frame D158 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6487503489310055869&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
wt.rqtrk.eu/ Frame D158
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=6487503489310055869&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=6487503489310055869&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
141.95.32.71 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-006.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
1
content-length
43
expires
Fri, 01 Dec 2023 13:17:05 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=6487503489310055869&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
9.gif
id5-sync.com/i/102/ Frame D158 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 01 Dec 2023 13:17:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
s.ad.smaato.net/c/ Frame D158 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:9a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:16:10 GMT
via
1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
age
55
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
rMayL0UwZ4oMDdkZbaBfebs3DMUNCoYRu-ODhQdH7rdUUn-PDjxS7w==
/
rtb-csync.smartadserver.com/redir/ Frame D158
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4245d9b8-491d-43fa-8949-df6b3e3ebe89&gdpr=0&gdpr_consent=
43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4245d9b8-491d-43fa-8949-df6b3e3ebe89&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=4245d9b8-491d-43fa-8949-df6b3e3ebe89&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
824496
content-length
0
expires
Fri, 01 Dec 2023 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame B078
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWncz8bzbm7zKfdQm559AwAA%263236&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3116653336272240409
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=0eadefce-1820-4165-86bf-a6d08204b375
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=b45f2dd8-9734-4e6b-b334-61e7609692f2%3A1701436626.6676922&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db45f2dd8-9734-4e6b-b334-61e7609...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928632915245&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Db45f2dd8-9734-4e6b-b3...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b45f2dd8-9734-4e6b-b334-61e7609692f2%3A1701436626.6676922&_=1701436626.670165
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=b45f2dd8-9734-4e6b-b334-61e7609692f2%3A1701436626.6676922&_=1701436626.670165
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Fri, 01 Dec 2023 13:17:06 GMT
via
1.1 fa63af50c0e4f34ddecf2b2d0dca224e.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
AMS58-P5
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=b45f2dd8-9734-4e6b-b334-61e7609692f2%3A1701436626.6676922&_=1701436626.670165
content-length
445
x-amz-cf-id
gWXZxvU0ALMddDHbdisyVnLPfiixk_vgy8RgCtvTTK7o2UMsWLSJhw==
ZWncz8bzbm7zKfdQm559AwAADKQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B078 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZWncz8bzbm7zKfdQm559AwAADKQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:b946:ae1e:458e:a1ae Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame B078
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5657527055004491837
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5657527055004491837
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lIdhnx3eJJLUVihI8Lr1qQRqaFeAB8n9XfJDVe1sdBO1wu2DXBuRLmr4Z6B%2BQdR%2BA9Z7Tm%2FYkh8R71oHX0lGRNfWl%2FyzT7OV6i7uNnNvOeufPTp50OBUpzzMxT2LVXP3SmDZaVI%2BZDc7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bc0edfc3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
an-x-request-uuid
525c54e3-e68a-4a68-860e-ac75235a319f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5657527055004491837
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame B078
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=39f1249259da198312c99b8dc6669&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buse...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1031_7309306953232341845&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?userId=AAB3DU7K07oAABORdvDpVw&dataProviderId=817&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1701436626128076-516
sync
ssbsync.smartadserver.com/api/ Frame B078 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
content-length
0
ie
match.prod.bidr.io/cookie-sync/ Frame B078 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.22.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-22-123.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B078
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKFoyaTTSzOzVqufNEeJ1qM&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKFoyaTTSzOzVqufNEeJ1qM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rs2%2Fcz6%2Fw5O1GSAEirQfenru4NhA%2BYF%2BDZ5gwqn3mx2X9PRYpUOmEgLm4W3C%2BkY3RSu%2BK09bRYZbbLOsyCw9CHg1QavjnQ%2Br9PxM%2BYO8jcNptQUikkzaxaJjdml24AU4Mv4p9WjeSPgKKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb9bc05d3d3731-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKFoyaTTSzOzVqufNEeJ1qM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame B078 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:9c2e:6bf6:2687:8d4a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
sync
ads.servenobid.com/ Frame B078 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZWncz8bzbm7zKfdQm559AwAADKQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame E2A6 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2023 23:38:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37341
Connection
keep-alive
Content-Length
13236
Expires
Fri, 01 Dec 2023 23:39:26 GMT
khaos.json
token.rubiconproject.com/ Frame E2A6 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0c26bf0e0878be6b26493f33577d6373
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame BCFA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311280101&jk=4058331024228082&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 05BC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
pvClk.min.js
analytics.webgains.io/ Frame 372A 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7a5kdpnqqp5ad69yp7j464azm4f3yqy3kxc9fjv83twhyz9ed84sy1x08jvt4mkrj1ejxj6gtekzvxpam0gte5zrh5yw5199jpxwebhbvnaejd7c0szt9k9y6asxd9dn1r6r5hs77vgzc4n41dnrsxsy9qj885zhb3p3q66vwq4w44gsm7c32aqh2hh07j05wzjsj12pht8mgpvrc7y060cvy89rekt6k0fsmhp2x1pa91223wpagedag48c93c4fh8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%252526client%25253Dca-pub-3565385483761681%252526adurl%25253D&clickref=oneidWPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-14.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 16:26:59 GMT
content-encoding
gzip
via
1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
75012
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
eC7jw-ZB5oHaTZbXWouwDTV0gGcfJQNPQmzgjh3JvioKG9RM_QLnMA==
1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png
cdn.track.production.webgains.team/287405/ Frame 372A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/287405/1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png?Expires=1701436925&Signature=N74knRdNQTWZ9kt0D8XUwfEKQ1IuvDetT00ueAPItOPwjhVm5VVN1CFXE1gY0T1umQvL6-iCtc9W6PqbZxQtEiXRZ3e70ZVoyIr9FdBH2ln3lW2aSQMQwJXr4pcppWA~TnPR~0lgPWSYyJ9B9VRIbkwse3zJp5w~2c4eKKdi~nzXC8FZOAEaSf0Nls9J9V5Znhtko4uE5IF-WxNJ~mQp9O0hkhwy8U0ac-gzUFXyNsDV7U-GOXxlZ6fDJTX8El4U2gWwvRe-EcOtyguaXTr-c8ZMAe6g2xSsoql~IHAL~2mj9uJxQgEDOlypmlbdgneI~1-uPJ1rNb29ew6opvf-Tg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C23576%2C537178&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=451d1b9b7f9402239a5337f60742f37a%2F16889705490450659156&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701436625773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4dgtmv6456gd767excp5b1jqg23qqygkppxawsf82as52r8x86v94mfga12hmrh8na3eem4n5c6zmynqf8437h6tne0hhfknqnqvbjd1nv8ysmnw94rqxjqms1qdrg8etgsp1f500vmxkywjh2xax562mgbqx924rrxyr63vryjdxz1mxbmv7wf5yxq9pc3r6c5vjq4qbh0j2msd2szqz5da19ek55afkgfq9kezygg79229g70mf2cckdrsxck6y82zk89sjmrvy7za00hg4a%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtSnJ0NxpZb3rB5nh7gP8_6iADZDhgYRctqjCivACwI23ARABIABglfKLgpgHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSHAk_QEQRRUUUfn_7kfwdniHbDlpCru-6Y5lq_cZkjhqY_Jqvz-78kitDuQPRXtVszHuz0uSv4DqMVAl8jmezhxDUvk4IcrZrEgcV_kCNEmDkCOpp2ak0nB1q9AC8oEOs7CaFpsnY_TRlb-FhqMT6KEMzB5MpLFraw2Xss2rqMeh-GooVht1npKjZkKPtZcDy-sBMnv0jBcQ3wdO5FfFo5_NrtAWvyDdCblzEQZAAK_7E-mCDqH-6gZdeQXTdQqCo3RVq_5h8U6ZSbxrTNUhj52LDR_-86v-JTeXEdShiORaZDrMCesdJnd94MK76gX8jS7BbDocBx3_WggFkE8JskFDwAAId_dGL94AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WILbzayp7oID-gsCCAGADAHiDRMI-YbOrKnuggMVmbB7Ch38PwrQ0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2U3g1t-7iq8w4tTD3kNgnqZtVRqw%2526client%253Dca-pub-3565385483761681%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-21.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 01 Dec 2023 10:32:36 GMT
via
1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:42:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
age
9876
etag
"252bcf3942798a64e6a899b7c6e034d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5216
x-amz-cf-id
sdSzP-rN6tu1-naKHAnKOhkW39D-4jYQI40nRQP4phwqr0fVaKYvLg==
usersync
usersync.gumgum.com/ Frame 4875
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5657527055004491837
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5657527055004491837
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
an-x-request-uuid
487ac0bb-23f9-4d66-9a8a-5019e7c77414
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5657527055004491837
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 4875
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6f8cca68-2cf6-433a-9df2-ef16d259c46a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_6f8cca68-2cf6-433a-9df2-ef16d259c46a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=mWcOA8sxXAqCNlwCymAVCc00CguCZlwNnTAt-qhK
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=mWcOA8sxXAqCNlwCymAVCc00CguCZlwNnTAt-qhK
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=mWcOA8sxXAqCNlwCymAVCc00CguCZlwNnTAt-qhK
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4875
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=3f91a1e3-ff61-422e-a03b-d7e78e1828cb
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=3f91a1e3-ff61-422e-a03b-d7e78e1828cb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 01 Dec 2023 13:17:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=3f91a1e3-ff61-422e-a03b-d7e78e1828cb
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 4875
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-e4cf43d9-97fb-5acf-6fe8-f790acff0fe9$ip$178.162.209.142
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-e4cf43d9-97fb-5acf-6fe8-f790acff0fe9$ip$178.162.209.142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-e4cf43d9-97fb-5acf-6fe8-f790acff0fe9$ip$178.162.209.142
Date
Fri, 01 Dec 2023 13:17:06 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 4875
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-PBP77MBE2pf88nHgrg7AbjO8TgCJT2YeNSTH~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-PBP77MBE2pf88nHgrg7AbjO8TgCJT2YeNSTH~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 01 Dec 2023 13:17:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-PBP77MBE2pf88nHgrg7AbjO8TgCJT2YeNSTH~A
content-length
0
usersync
usersync.gumgum.com/ Frame 4875
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f6c820f3-c84b-4ef5-97ee-296c59f393a2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f6c820f3-c84b-4ef5-97ee-296c59f393a2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f6c820f3-c84b-4ef5-97ee-296c59f393a2
Date
Fri, 01 Dec 2023 13:17:06 GMT
Connection
keep-alive
X-CI-RTID
aa06a682-18a6-419a-a367-1948b3bda235
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 4875 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 4875
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6f8cca68-2cf6-433a-9df2-ef16d259c46a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=MpklkSCITB8IUsQ76ftr&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=MpklkSCITB8IUsQ76ftr&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=MpklkSCITB8IUsQ76ftr&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4875
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=3ba0yniQf0A4&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=3ba0yniQf0A4&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=3ba0yniQf0A4&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-g2vkd
expires
-1
usersync
usersync.gumgum.com/ Frame 4875
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6487503489310055869
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6487503489310055869
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6487503489310055869
date
Fri, 01 Dec 2023 13:17:05 GMT
content-length
0
sync
ads.servenobid.com/ Frame 4875 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_6f8cca68-2cf6-433a-9df2-ef16d259c46a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 3A11
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=8106690664101716930&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=8106690664101716930&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.46.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-46-191.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 01 Dec 2023 13:17:06 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=8106690664101716930&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 4C1D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZjhjY2E2OC0yY2Y2LTQzM2EtOWRmMi1lZjE2ZDI1OWM0NmE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 13:17:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D2B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39002
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 01 Dec 2023 13:17:06 GMT
expires
Sat, 02 Dec 2023 00:07:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 76F6 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 01 Dec 2023 13:17:06 GMT
server
Kestrel
idsync
tg.socdm.com/aux/ Frame 5860 		0
0
usersync
usersync.gumgum.com/ Frame 6D0E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=RW_C23cc6Pd2iet1Eq91096At6HRjLiY7MXolTASLi0&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=RW_C23cc6Pd2iet1Eq91096At6HRjLiY7MXolTASLi0&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 01 Dec 2023 13:17:06 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT Fri, 01 Dec 2023 13:17:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=RW_C23cc6Pd2iet1Eq91096At6HRjLiY7MXolTASLi0&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 5E92
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Dec 2023 13:17:06 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
generate_204
tpc.googlesyndication.com/ Frame 05BC 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XpamNg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usync.js
eus.rubiconproject.com/ Frame 5E92 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2023 23:38:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37340
Connection
keep-alive
Content-Length
13236
Expires
Fri, 01 Dec 2023 23:39:26 GMT
khaos.json
token.rubiconproject.com/ Frame 5E92 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0c26bf0e0878be6b26493f33577d6373
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B97 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9864159992246&version=m202309260101&ct=77&x=1&cor=2021843440994647800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ssc-cms.33across.com/ps/ Frame CE8C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 01 Dec 2023 13:17:05 GMT
server
33XP004
x-33x-status
2000208
setuid
cookies.nextmillmedia.com/ Frame 0ADD
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdp...
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.189.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-189-170.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
server
fasthttp

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT
location
https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
server
envoy
x-envoy-upstream-service-time
1
setuid
pbs.nextmillmedia.com/ Frame 86B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=5657527055004491837
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5657527055004491837
86 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5657527055004491837
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Fri, 01 Dec 2023 13:17:06 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=5657527055004491837
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame A983
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_conse...
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=d75425bf-1a7d-4eae-8b7b-8b4a2cc5ad84
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=d75425bf-1a7d-4eae-8b7b-8b4a2cc5ad84
86 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=d75425bf-1a7d-4eae-8b7b-8b4a2cc5ad84
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Fri, 01 Dec 2023 13:17:06 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=d75425bf-1a7d-4eae-8b7b-8b4a2cc5ad84
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame AE4E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26g...
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZWncz8bzbm7zKfdQm559AwAA%263236
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZWncz8bzbm7zKfdQm559AwAA&3236
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZWncz8bzbm7zKfdQm559AwAA&3236
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Fri, 01 Dec 2023 13:17:06 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZWncz8bzbm7zKfdQm559AwAA&3236
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 93C8
Redirect Chain
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%...
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=1ec105d6-6efc-49d5-8b92-474be54103e0&gdpr_consent=null&gdpr=null
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=1ec105d6-6efc-49d5-8b92-474be54103e0
86 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=1ec105d6-6efc-49d5-8b92-474be54103e0
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.26.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-26-180.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Fri, 01 Dec 2023 13:17:06 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=1ec105d6-6efc-49d5-8b92-474be54103e0
server
fasthttp
prebid
rtb.openx.net/sync/ Frame B096 		43 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 01 Dec 2023 13:17:06 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame 62A8 		0
42 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 01 Dec 2023 13:17:03 GMT
usync.html
eus.rubiconproject.com/ Frame CFB3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid=
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Dec 2023 13:17:06 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
server
AkamaiGHost
pixel
ap.lijit.com/ Frame E7B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 01 Dec 2023 13:17:06 GMT
X-Sovrn-Pod
ad_ap5ams1
getuid
eb2.3lift.com/ Frame 0801 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 01 Dec 2023 13:17:06 GMT
pbsync
ads.yieldmo.com/ Frame ED46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.117.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-117-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
usync.js
eus.rubiconproject.com/ Frame CFB3 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2023 23:38:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37340
Connection
keep-alive
Content-Length
13236
Expires
Fri, 01 Dec 2023 23:39:26 GMT
khaos.json
token.rubiconproject.com/ Frame CFB3 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0c26bf0e0878be6b26493f33577d6373
Expires
0
csi
csi.gstatic.com/ Frame DF6C 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lpmnfqjq&c=3972155198386&slotId=1986077599193&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=mxsrMBBM_yc&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c17::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:06 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame D789 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8576981210480&version=m202309260101&ct=77&x=1&cor=8861699252561605000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 372A 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Dec 2023 13:17:06 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:06 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311280101&jk=4058331024228082&bg=!ra6lruHNAAY3kmNgF5I7ADQBe5WfOHS0YXwMVvAJQLFUkUvD4Ur-eSECTU0WhgCbXZbcmOijH_-UEt91XbiEW-TV52HSAgAAADZSAAAAAmgBBwoAIrOfVatm7t8tZMQt2s9pxw3E8KFObnUg6hNlWcfenixuBoSZAsjDa1wSXfMHNO_Ua_5qTKeW45Jmj7CteMtYbCsWZ6d5xJUX3Y_-lFfdDkTG9YeAm_R_ze7_Jdvc9QKlSKl_wuXyT5ATP_aCzDfi9_bN7oKQL_QXhNDgFium10DNrym_44ocm2g6i-QW_esU8ajAun3f_KZvXsmvJXQGXAGBzgXzG8NDf3vlMDxi67rSYtOkryJZpx94XYJOsaidYHNlj4phV-SHL-82XnTttepeMjQ4Z_UBykApyvAvf4YvltPZ9RXYuuW38wukouS5gavsJJkt0PdCXJ31s_N1VIw-26Rd_jqKDGBecFs0VbES5yq_WbAOMwuv-wYqQ5g3VtJTAgzrdamB1jv95H3TSO-q2VBp0vtnML7VSxeHvPyUZztflnbx_4eCizWCA7lwnqQp8qzHYaJQ2vNrvNzFE1Ctc8BViYSUdbNFwTFSwUNdl9tk-B4TVKo3gzDzEuYd2zXdkmcwTE4Lq-jTXnzDJQW2a5Fqv0YmxacF2xknTLlBN5pH41_tNJTKdeJBwK7rdywHRip1qJYr-IpBV2-X1tDDUEETy_E5Vh6hPbC9lrEKmzFP8GRKDsU7dfq-SKBQB6dPJG1trN-cFdwzz4gRhOsFrNxR6-O1LSmd-L8IQ-m-Bi3x_aV55p5UWPPD21ru7j1No_o-FPh8Vq89J0xOXq2jYPAx60Fr7wMhLd5xd6-KG41ik--0xOhe9neNDVP7n-toMlOto9arITfkIPnNCkEa_3GcD86SIoSOpSuR6r0rO_K3TxZGPKcm6ADC9wQYKUXJ5ctuTB444COIC1NLSq5HP_7ZY2Z00lNzjiHYtirPI8prMoLBeyhjilhD1qQVs5yk8S9d-Ds8KrW9QpVy8Q5kxEcAdVm3oWSedgDruQGN6f3i041MnBrWiSeBtEn-l6RznK3_EVJAvxJkHonTHiVbnc8H2AI6G59Zp-gG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame DF6C 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lpmnfqze&c=3972155198386&slotId=1986077599193&ghmsh_eids=44736292%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&met.4=ghmsh_s.lpmnfqzg~ghmsh_s.lpmnfqzg&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=720x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=aNaRmEyOEH8ti7KM
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c17::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E8BE 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:06 GMT
an-x-request-uuid
52165f82-4af2-40a8-88d0-706b2fd42c66
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:07 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
prebid
id5-sync.com/api/config/ Frame F2A1 		136 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame F2A1 		43 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.86.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://vaughn.live
cache-control
no-cache
x-server
10.45.9.155
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame F2A1 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame F2A1 		173 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
885442d0769125b5f69806f7bc6f4576ee0baf20a4b47babe928d47ded2ea288

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.4.0
Content-Type
application/json
access-control-allow-origin
http://vaughn.live
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
Expires
0
cdb
bidder.criteo.com/ Frame F2A1 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.48.0&cb=61865393895
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:07 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
/
colossusssp.com/ Frame F2A1 		2 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:08 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
hb-mm-multi
hb.minutemedia-prebid.com/ Frame F2A1 		105 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.51.172.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-172-254.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
ac076f7b2fab89da4739ffd489b371e41e320bb6056fe434eb0bfd3a9ae774b7

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:08 GMT
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://vaughn.live
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
6565c4af8eb03a833582fb34
exchange.kueezrtb.com/prebid/multi/ Frame F2A1 		0
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.kueezrtb.com/prebid/multi/6565c4af8eb03a833582fb34
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.176.200.183 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
64.176.200.183.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:08 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame F2A1 		145 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3e273b18d28e6f3cce0b8a7c47d4f2e5921416070205b5072a6a2a9746285562
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:08 GMT
an-x-request-uuid
80882375-086e-478e-a058-8c3e08b67760
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://vaughn.live
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.142; 178.162.209.142; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ Frame F2A1 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-124-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:08 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/ Frame F2A1 		87 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dfiAsc9o8r7BWSrkHcnnVW
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cb5fbaaa8d84b52213e59dc0462870d01ce27a2a0f97232c385a1cd428342274

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Dec 2023 13:17:08 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
http://vaughn.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translator
hbopenbid.pubmatic.com/ Frame F2A1 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame F2A1 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 01 Dec 2023 13:17:08 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://vaughn.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:08 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
v1
lb.eu-1-id5-sync.com/lb/ Frame F2A1 		33 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
54ad0305e8d521e1ac443082838e8f0426572f97aa232d6082ded025b0c8f33e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ads
pubads.g.doubleclick.net/gampad/ Frame DF6C 		45 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22611285429%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Ced_Desktop_vaughn.live_5&description_url=http%3A%2F%2Fvaughn.live&sz=400x300%7C640x400%7C640x480&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2432393327991661&cust_params=pf%3D2f169f9b4e6a&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=2948452029&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=BA8CBD2F-B85B-4F55-BDD6-C63151E73C08&nel=0&eid=44736292%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=http%3A%2F%2Fvaughn.live%2F&dlt=1701436621503&idt=4241&dt=1701436628340&cookie=ID%3D0aafaef5899ebb5e%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MZCx_ibCoSLKzIu4Zxk-k5zieEuOg&gpic=UID%3D00000cffbe6d0568%3AT%3D1701436623%3ART%3D1701436623%3AS%3DALNI_MZMekaODupxwrlOmrltkrcKY61_aA&scor=40943987803970&ged=ve4_td6_tt2_pd6_la6000_er354.611.507.911_vi0.0.1200.1600_vp100_ts2_eb24171
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0edde6c94532251be267f77ae2ba56728d64393db1cb76f516f416866594574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8210
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1235.json
id5-sync.com/g/v2/ Frame F2A1 		251 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.10.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
98a19c6b89c231e6c2daa807f4e04b4101a6d5e43a29987995081fa7ba1dcaa7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://vaughn.live
date
Fri, 01 Dec 2023 13:17:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-92S0CM3WMK&gtm=45je3bt0v9119025529&_p=1701436622421&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1641055854.1701436622&ul=en-us&sr=1600x1200&ir=1&_eu=EEI&sid=1701436622&sct=1&seg=0&dl=http%3A%2F%2Fvaughn.live%2F&dt=Vaughn%20Live%20-%20Possibly%20the%20greatest%20live%20streaming%20website%20on%20the%20internet!&_s=3&tfd=7376
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-92S0CM3WMK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://vaughn.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.19.226.132 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:08 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
vast
bid.g.doubleclick.net/dbm/ Frame DF6C 		37 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BuVpXcmY1_O1AVlG5JHGqKMqr1lWZAH1-6K4VqBB9Oy4LVAbOxWJ-TnBv-6lqvmcB-ICaUolew3MD4-ZswqAKaT5BgSA&cry=1&dbm_d=AKAmf-AF-E-ZZgfOQsuz9XQ2FFTIWsICKGf0yv_TaiCTlhX0mI4oI5wnaiinmKFyItBmt_SniWhqpzvl6c3ch1UVM46iHOE-Ml9U8fxUCjlfqhnzR1YP-6xtzbpPeOqIJprFjk0LQif4veyFnvXq4ZOK1UtH64PgErXcAbz2jRrgp7zZr7Z0_Q14fJwSEImyL3egFTFPUYf-hZuGHl9mvaNbw1xHu2ezGJ4Lu1O7-_r-njPR2Swkbz0ik4t7qlfZdxB15i0xIhtE9UHf-4muupZ-yfqiJCvoXWR7gRgF_DbShdeL9ltfnWxmD_Ph_UHdxSL2A7nt5v1iuQAq7Z0y9u-qBGiEwGZKypOstvjx52GQeycIFK40FkNhuULgaAQs9BlVsr6lwlO4l250RrOArV5lVpvcoQwo5Bt7sI1mj09ph8wVZdk_EKzHmkHbVp9gc_ux8zkib3XpEh22Rge0TJJhw7HDMLIUHqh_zmE9RkpMTkjTHHwCiHN6B4EOCF080uVUv-P2mTzj94JYn_A2t7YRby_BwZNVLmhmTE1onlS44ZeUpyjEJ5EX7g-13NNrbI8fkR20eFMJWMSA9l4JK7RN6HPMqq89-VxQl_jg8yVyBAxUohav5EIG3A7UKeiTQPlTLzuIRAiDXW3mKA5oxMVlktcNlomQs8tPDZ2Uj633GnY6Z5QONS7JyEo7lYLiTZM22WhzALKQXubjAI2dGgMVcjyd_ZysQFbSlIyiCQ8oBfUCQU12rm_IaGUqteZpR6xrIxHdniozM2Gz80oE3JTpSDUnVcOtDQYeJTNc3RYj0W_SZGWFk2eFZIXW25aTtMohOLCc3muPN_jYLdEjmudK0AMewE2xYjUb8KJKkfLi0U-GGqaWs0JMXM1uzsoAPZp7fSgfm0xUGjFW5qXkCNZG2j31e6hHdGWh2mcOh69I-nueItoZzoPiUi7vyftcNlxrjrNIl3hGJvSCmHpQRvQ2-JNI0r4Duvr2d5sMguUl3pVP2f8FsG9qCsHLw41-_SZy8zDTOqZgJEz-PFkEgOKjMP5p-uKLB680sGVpUupyjHo0eSXcGR-GE_JvsJegJV-ZQ8xuXRsPKrJlbIKiplGBWKjY2LzsENx6AG7dKBPYJYjXvyNtDrBWlC4kU755hVX-oF3fMDfEvh8iNsBNZvlPXQGA8FNUeYaQLPvj5QNhj_cG5ba65bCssIzVU7ePxx5iAqJObPJTDheWZaFQ7LV30iiLKjfeCkA_zsfanA0djHykEBf8HAGo4MriaqFzY90ipE9HEuMMXlaileuG-UCr5dQYplA_UHgj1QP-V-QgO9MZSNmBliuqARg7gYk2UWxezddCQFUie1KMbzQIAxrS46AqUkcXmafd0eWrGo1fD7tMevDl0gQIkq4pcYvnyEa54M1QxByF1wD5TgC_YHwwzguZ9iUWPJBBIwpXtAUawtmLISzN2QLNIvRgeJ7lNNjHoNBeqS-OKJ9wKS5iprrWcSIIspnIG2NB8ecoHCa79YnwQePqQCQSRdyUuI2Mx-L4LQH-MD54Rz-0vDVsn4GeyHqGK-Y4NXJ_2oJzfiDIZeNF_jelb9Zt1L_pyW7lFtEgK1pcvJGOlRONGeVrdVZO_T1wyNB4PLGThuKr_gYpWrEGur9Rf9M2W70_H4P3IMSVv8AZfaGf9pwwSGueMtlOFzNcNjfZTuoCInGd6CKbAQixeSzXaMbcyKRNMQqRuJYecMlAQAPLj7n7CJgZBSoyYoQvnp_N1KLjFIBYx85lqw6qk4W7vgLsiCKctQpzVaUYrSi9cEyRkVE1-WM9CiZIanebudxTfxoWmXMSHdI3PZfnSJdg9RwMT2mLzk_n_lTmIRFztDVClS87r0QXt4EJbSh9PlneJFeIce61aI0OLNy_21pgUC4a4oaVfuNZLG5XoRsg_9yh68W9mXfw8n9t9-h9OMaQs1--L_9E4GzX6CDp_HP-pQA8dAZUWQA4N3j23dLsZkS7mOhURKoqdR5Wu8eCUMSom7uKg6XSNa-b0KGJ-nHojYMVoLQcwscrIOyMUofxo5Wu2_CVbjKPIHx2psW5uHqzEsTvhOau_1KsvAP7N1aPKtb0yHAqGNK0hMxzQPN2Smabgej-AoNtY8nP4wk8D844FByGp7aA92qlmxTBJmyeG7hBweVPDTbRRtoC3-9uRBuiGummBfkVyUHxmpD7GehWHwIUtvYB1EyxPPmMGO2OGde2T5zfgAdwOYgqJbsV4Hwf7UmxJ1yadUgPnCPxIu6gETSmxEDlMRm1S9q9DDBF4ydtQHDw2KzAh_AQz6NEuY_fpb3mfOUkQXnnt3NDFo56G0QVEa-gu4GFn3pB6OrF_zOeEFuIQ1Y1WITlLuck1QdrDWbP8lBHz5BOZfDkCTLTOhwXLFuuAckBgWducQg8UfvT0bhXR3tBEGRvpH9yb0Ed21ay_4_y5NmuES5Wr3UIEjyeUv7HSQIZI4Vqq61L6xF2i6l-7bmgjRJFd8TL3QgcC0Ud2nmhYk77bitALAnwjcC-PbVKA2zywKWeBbgEnf0d7j2JmZPZe7VoBJSFpg_JHdpp3FG3ZD-Z4zhJVEcl9eXpTBSi-gLMD8pRnIA4qzFe49rcbbeu02Q4rfdSmSYXApH4DEbzM_Aok8z3NtryagmhDHCIRtciDcNUlNxIuUt3D1ZV7lj1cg5Axz3y2f1q9sfG-krDIJ_M6a-JXS0mlHajX7xnHnmLpamfVYZF69IRCIp1p3tsx0Ij1McQeCP6dXce54ZaOX5R-Bj0eVZ-cwA7JaX3MvAhxsrzaZVIJ0B-EXTCdi86xC58GJ_0S48BK6nHEtz2_aNl3LRJ9mRijU-pZB1TnhDjH45Xrreuyya33WzCj7NsvNPeGc21qWepF_APdqetKfl2ndNKtOcXloatx8a5_DY41-UA3UzcpsYP6cVO92ljGFm3I6t7saOeqa16m2crst9saW5GtwLor_hjWM0Zd6VjU24GSW2Yn80SJvWNmFnVhL_KpbLEsGzoxhuDotrGy3Qtx2-IWqaO6QzaKKPtNTiuIHBUS78qhTd6dqu8-4DyxuGpgz3Z7wanErJWktqFryM_by2HayNH2RUudCoe3aXbL0GkfWzzEo4StsIYpuCepOkt0sQ5f6EbqxpWxSmyNXKRgV6KBxJHyQyOVIS01I03W-iDR1Eu99-zW4Ak2ILn9jpUY-_FkCFewAl0ZNlAN1MA3UlpNCmm8qaRZYjK9GTGs6WOBe9kZtXIS99OxrIZjz9KXUS_eLJkDsCWlrqHLSpmpkE38kLH6_gm0QgZyw7hRjewmQIEzkkF4MVGZzBv6vg06aeV8a6e_wuIXDxD4iFDZ0OlUFDij61AoMoY0sySnH-iyOYXWWaOOVlnKgKfIFI-dPGV94vKLrzbWfYQVnlTt7-uDyyumDN3MuX-sXPT3mUpgmn6gS_uHfa6QKV8uA-cfPZ2OrFgrqtjPWEugAKlmdBvXNoJhtdKCCDaFxLyJ7uta1N10qh1tp4n6PozsGf8Yh8qSUFVgaHqYhdYgimZd7B00ICYr_RLNcFQJ1eYkSHTbKdN_QPLiTKryPKKKCplmb5bwElaHrKcLr9JdrLGl6MhvBA4nmxVG5Iqr0CDX2ivCcH_N5AtE0k9sejFeZy9UDRhpP3VJy4LMzXDLDdbgH_vR7k-0j1o7tjTSQBIU131Ccv-Km3gLafL5N6qSA8R5Fs5tPmL98QSAiqizlrxJ61b530nS3Cic1p3xaFu9B5AJ5DAFNycdo0fIFVe8R59IZxfNYLS3l-CIKP8G6vQGxYhOINxAf9dBGRlhQmUGxFe5-EGkwQ&cid=CAQSOwDICaaNgPQbWN9QeyBFguPIFu3HwHmeND22AIx_3Ne9RlKyKAXmVPHtXVtvpuAWecf-385imrvpdM6BGAE&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&nel=0&unviewed_position_start=1&is_amp=0&hl=en&u_so=l&ctv=0&sdki=445&ptt=20&adk=2948452029&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=BA8CBD2F-B85B-4F55-BDD6-C63151E73C08&eid=44736292%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=http%3A%2F%2Fvaughn.live%2F&dlt=1701436621503&idt=4241&dt=1701436628822&ged=ve4_td7_tt3_pd7_la7000_er354.611.507.911_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f157.1e100.net
Software
cafe /
Resource Hash
ae79475bd86d476111c3fec24b8614e1170bcc9ae8b54619397431189d0537f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18522
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DF6C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=3~lpmnfrfe&c=3972155198386&slotId=1986077599193&vmfc=11
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4003:c17::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:09 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:09 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:09 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DF6C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrQh61NxpZdSGGL-M7_UP1dSw6Aip5uP3c8fPqfyHEsCNtwEQASC5jY4oYJXyi4KYB8gBBakCDqjL0mBHsj6oAwHIAxOYBACqBPsBT9AR3MiEnGWatPMxC0l6pw-i-cMoh4zsofkim1dlVjIhJz_HA7IAMtbfPzSa1TBuJKeeRrVoOb5ezYQm9YDqB4A55TlG7OqmxcdT8KWp8oKmupNODE4RoqL-2IWwQKBxOHpVS2ah5Nr1VQizR0SUIkkE_WgVn_kYfT9s6K49eIkzZLIgznDc6uWxtEg6GRCgdSmKTZAweMYDBLploGAK11i0u7VtAu4UAL2b2CzOqJTYcgTOUYZaDHETi-imLfY4EVz3aWHI0-CPINwTwnws1_e-mFsqV_9Fhpc_toL8ke83HAbagTle1i4t1N-si-voS5wkork4k5poEffABI-unt7PBOAEA4gForiLm02QBgGgBnaAB9ya9YkBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYmPfdrqnuggOACgPICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI9qberqnuggMVP8a7CB1VKgyNsBPgpLgVyBP3kfzjA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=mdDBaWtLUrA&label=show_ad&sdkv=h.3.605.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NzkwODI5MDEyNTFA4AMKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzA4NjgxMDIyCTIwNDMwMDk0MkCKAVIzCMcPEA8lAAAQQigBOgs1Mjk1NDY5ODgtMUIER0RCTVAAWhAyYTZpenVRM0JaQW1RWUcyGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame DF6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CcQ271NxpZdSGGL-M7_UP1dSw6Aip5uP3c8fPqfyHEsCNtwEQASC5jY4oYJXyi4KYB8gBBakCDqjL0mBHsj6oAwGYBACqBPgBT9AR3MiEnGWatPMxC0l6pw-i-cMoh4zsofkim1dlVjIhJz_HA7IAMtbfPzSa1TBuJKeeRrVoOb5ezYQm9YDqB4A55TlG7OqmxcdT8KWp8oKmupNODE4RoqL-2IWwQKBxOHpVS2ah5Nr1VQizR0SUIkkE_WgVn_kYfT9s6K49eIkzZLIgznDc6uWxtEg6GRCgdSmKTZAweMYDBLploGAK11i0u7VtAu4UAL2b2CzOqJTYcgTOUYZaVHCxkuOcvseqrrtJCad28SUIci2UjZrQkBFqnn8g9PVsnnX8UsUaT0oZMh4lUqYMJ4uA-vO0NjlOK1pvYE6bW0XABI-unt7PBOAEA4gForiLm02SBQYIAxACGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB9ya9YkBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQmvhgGOz9wPwB0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliY992uqe6CA4AKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI9qberqnuggMVP8a7CB1VKgyNsBPgpLgVyBP3kfzjA9gTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi05ODQ4NzQ2ODY3Nzk4NDkzGNHVE-gXBQ&sigh=K7_CDN0NRaE&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNgPQbWN9QeyBFguPIFu3HwHmeND22AIx_3Ne9RlKyKAXmVPHtXVtvpuAWecf-385imrvpdM6BGAE&vt=10&sdkv=h.3.605.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NzkwODI5MDEyNTFA4AMKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzA4NjgxMDIyCTIwNDMwMDk0MkCKAVIzCMcPEA8lAAAQQigBOgs1Mjk1NDY5ODgtMUIER0RCTVAAWhAyYTZpenVRM0JaQW1RWUcyGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&top=1&puid=1~lpmnfqec&c=3972155198386&slotId=1986077599193&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4003:c17::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r1---sn-5goeenez.c.2mdn.net/videoplayback/id/aafca08553fffec3/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732972628/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/aafca08553fffec3/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732972628/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r1---sn-5goeenez.c.2mdn.net/videoplayback/id/aafca08553fffec3/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732972628/sparams/acao,ctier,expire,id,ip,ipbits,itag...
4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-5goeenez.c.2mdn.net/videoplayback/id/aafca08553fffec3/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732972628/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DEA7364496289A869B0591537B813CADD2FA0CA.326E359E0FFDEFF581DB2923B4F8102C6CFBEEFA/key/cms1/cms_redirect/yes/mh/WD/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5goeenez/ms/onc/mt/1701436356/mv/m/mvi/1/pl/57/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:400f:1::6 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 13:17:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 31 Oct 2023 14:34:23 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-9848883/9848884
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
9848884
Expires
Fri, 01 Dec 2023 13:17:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:09 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-5goeenez.c.2mdn.net/videoplayback/id/aafca08553fffec3/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732972628/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DEA7364496289A869B0591537B813CADD2FA0CA.326E359E0FFDEFF581DB2923B4F8102C6CFBEEFA/key/cms1/cms_redirect/yes/mh/WD/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5goeenez/ms/onc/mt/1701436356/mv/m/mvi/1/pl/57/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
652
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.19.226.132 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:09 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DF6C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrQh61NxpZdSGGL-M7_UP1dSw6Aip5uP3c8fPqfyHEsCNtwEQASC5jY4oYJXyi4KYB8gBBakCDqjL0mBHsj6oAwHIAxOYBACqBPsBT9AR3MiEnGWatPMxC0l6pw-i-cMoh4zsofkim1dlVjIhJz_HA7IAMtbfPzSa1TBuJKeeRrVoOb5ezYQm9YDqB4A55TlG7OqmxcdT8KWp8oKmupNODE4RoqL-2IWwQKBxOHpVS2ah5Nr1VQizR0SUIkkE_WgVn_kYfT9s6K49eIkzZLIgznDc6uWxtEg6GRCgdSmKTZAweMYDBLploGAK11i0u7VtAu4UAL2b2CzOqJTYcgTOUYZaDHETi-imLfY4EVz3aWHI0-CPINwTwnws1_e-mFsqV_9Fhpc_toL8ke83HAbagTle1i4t1N-si-voS5wkork4k5poEffABI-unt7PBOAEA4gForiLm02QBgGgBnaAB9ya9YkBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYmPfdrqnuggOACgPICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI9qberqnuggMVP8a7CB1VKgyNsBPgpLgVyBP3kfzjA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=mdDBaWtLUrA&label=video_ad_loaded&sdkv=h.3.605.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NzkwODI5MDEyNTFA4ANaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KiwEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTcwODY4MTAyMgkyMDQzMDA5NDJAigFSMwjHDxAPJQAAEEIoAToLNTI5NTQ2OTg4LTFCBEdEQk1QAFoQMmE2aXp1UTNCWkFtUVlHMlobZG91YmxlY2xpY2tieWdvb2dsZS5jb20tZHNwGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame DF6C 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 12:23:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
3210
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15407
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Vary
Accept-Encoding
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 30 Nov 2024 12:23:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF6C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DF6C 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSXzkLZDlWXm25qSnlQq5_InxZgPnv7Ji-7EeI99tfOxe4aHaki8Yve6Ra1xAy4YXx1RmZ9sbVv8nODN4TN3ue_As-RmE7LO2P4DXQ5IdbtTGv9NDjbDP5_3oyrdngwd2hICJF3RHFE9OpN3pmalBe1KFpSjjGGRPPAIWvjezbxKsl3EpHed0CA8zd_1DHKNCvi7Dv-VMxw5_vPCvToOuZYUMpDlUxtWgvhunQE_0WN5M4mFQ_jvoMiI-qB7gBqdSAmfPyshJX5ZLZOafWvynF_1a3ebN2YmIQuwHaFgh2M7qt8Dv0G6koIj3_dXxYFsDlFLJaG4Z4ew5UY3hMzFjJNC4yQVyWBnXKNpuFyPSoi5gPJ2WvRhxSc_bab2Hq7oyX-FQDOrTUV27B3Ss-Q-fpTm8YvK_ZyWpeEVNGYE1LKXpEu5fIJvfQnRT08iB6MidBK5RI8SykTAu0slmfq2dqiRb1CzEO4RisL_gNU8mR932QBEr6t6j3R1w-pLF2AVQDvXE4D9Mh-y-6c33e8OxsFM6uszlJNzyL0MR7j3wp2-Z6Mye9rloOXVKfmtJNnmBh81bREnl--CXAQILBWjwbqZgpgu98pBFQlZ2KeVruDWS1o63rG0UPMtCkt0bOStdXFsZBBmEFAnBMIuh8w2FeflgxZxHdazUo8EghUjBjic4Iq5o71KNU7oBgt5vqSkEYuFkGBZCS3aP2gW3_zzuRjZt_NpTcM4iIbf83owpkJYE9lXg1xTfn-qrOPyvDGew43uXOpXdLPYC-GxXj6nT2QTBb4bu4TnhbN_N7_Ki-KYJZUdFectk7NXqLNF_3gEqp4K1YfwTnNzcp379emvt8oI9EUR96Z2VWSd982lJXPg9uDa4jYpUsiNHS1MARUDD7k4MvW23LgkYPounK4hSGSkIo3fJyjS4y2fDsXmnNMexLAWGE-iBf-qlvv_ldquBx21fkVQMSI7u8S6HJFi_0WBa8aiXNWMzPcK3AR1-Ws63JtEGfbo-W4GJE046qEuPOABGAbsChKz2A4tMkS652M5IF7VnkgaSZZ0IMYJ-h4EHV31_d5vEJYrw2-3oWeEePGPua7naXvsL0_EyX61FKbuoo3jy9zP6HiNNyfIKABtadOloytK43LaMsC1l9KS0ed8WY_ecgpgc0a_3xHkdtftkLjyYBSAX9t8T_S4bfIQn2AM7cFy5wTCZzAFsn9C_CYHOclo5IR6drD8L4B4nPCWfjKM80lRQ82dbEQg5nvaOXpHs57pjdV7UFP_HRR-Rp95vntdzSATalPKyn7iu49VlJNRteaqjHVD1ME_cUGwZqIdjALRvpKgfygVrDdCeg6xlUjglOGg&sai=AMfl-YT0OJpjt8s8xm5Jy7rKqM_t8PJeCLXM9p6v0TDAOTN6O-jKJVhRGz5YQUqDIwSkNyulUEBrUHB5QX4hYGet7zKwUgAOvE06j0TqyRp3ewGW4NAdq2IS29H86bapa2f2Kdr3OTJAfKrumm3O6UvEByss0SHr1LqMlTYtFkof_MNLVDopNeILaceelvIVY4QfskXcYFBGhi_n9yHf7vWx8TspWqop3m5J-EY9cInBWJBObT4rYLmQnm_XH6gGHksIyDICAbFzi-hGQaQueNA_auW1rEXFeg&sig=Cg0ArKJSzMVUbJLBmFGmEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&sdkv=h.3.605.0&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 13:17:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame DF6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNsCEP_8zAEY7P3A_AEgATAB&v=APEucNVVpdjIJPqlXOV_H1YVpAPysMWoB4SCi4LHfkQE7HBWVITi9Pm1PxbvajEgYB-JUBrJWPAR1UeQh53cdQ8OxzMd3V7w3A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DF6C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrQh61NxpZdSGGL-M7_UP1dSw6Aip5uP3c8fPqfyHEsCNtwEQASC5jY4oYJXyi4KYB8gBBakCDqjL0mBHsj6oAwHIAxOYBACqBPsBT9AR3MiEnGWatPMxC0l6pw-i-cMoh4zsofkim1dlVjIhJz_HA7IAMtbfPzSa1TBuJKeeRrVoOb5ezYQm9YDqB4A55TlG7OqmxcdT8KWp8oKmupNODE4RoqL-2IWwQKBxOHpVS2ah5Nr1VQizR0SUIkkE_WgVn_kYfT9s6K49eIkzZLIgznDc6uWxtEg6GRCgdSmKTZAweMYDBLploGAK11i0u7VtAu4UAL2b2CzOqJTYcgTOUYZaDHETi-imLfY4EVz3aWHI0-CPINwTwnws1_e-mFsqV_9Fhpc_toL8ke83HAbagTle1i4t1N-si-voS5wkork4k5poEffABI-unt7PBOAEA4gForiLm02QBgGgBnaAB9ya9YkBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYmPfdrqnuggOACgPICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI9qberqnuggMVP8a7CB1VKgyNsBPgpLgVyBP3kfzjA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=mdDBaWtLUrA&label=vast_creativeview&ad_mt=0&sdkv=h.3.605.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NzkwODI5MDEyNTFA4ANaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjgEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTcwODY4MTAyMgkyMDQzMDA5NDJAigFSNgjHDxAPJQAAEEIoAToLNTI5NTQ2OTg4LTFCBEdEQk1IxwhQAFoQMmE2aXp1UTNCWkFtUVlHMlobZG91YmxlY2xpY2tieWdvb2dsZS5jb20tZHNwGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIifb-rqnuggMVdkSkBB26GgZBEAAYACCOxbVhOhoIrsCSigEQj66e3s8EGPeR_OMDIMfPqfyHEkITCNTA366p7oIDFT_GuwgdVSoMjQ;dc_rmcid=CAQSOwDICaaNgPQbWN9QeyBFguPIFu3HwHmeND22AIx_3Ne9RlKyKAXmVPHtXVtvpuAWecf-385...
ade.googlesyndication.com/ddm/activity/ Frame DF6C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIifb-rqnuggMVdkSkBB26GgZBEAAYACCOxbVhOhoIrsCSigEQj66e3s8EGPeR_OMDIMfPqfyHEkITCNTA366p7oIDFT_GuwgdVSoMjQ;dc_rmcid=CAQSOwDICaaNgPQbWN9QeyBFguPIFu3HwHmeND22AIx_3Ne9RlKyKAXmVPHtXVtvpuAWecf-385imrvpdM6BGAE;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOliY992uqe6CAw;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DF6C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrQh61NxpZdSGGL-M7_UP1dSw6Aip5uP3c8fPqfyHEsCNtwEQASC5jY4oYJXyi4KYB8gBBakCDqjL0mBHsj6oAwHIAxOYBACqBPsBT9AR3MiEnGWatPMxC0l6pw-i-cMoh4zsofkim1dlVjIhJz_HA7IAMtbfPzSa1TBuJKeeRrVoOb5ezYQm9YDqB4A55TlG7OqmxcdT8KWp8oKmupNODE4RoqL-2IWwQKBxOHpVS2ah5Nr1VQizR0SUIkkE_WgVn_kYfT9s6K49eIkzZLIgznDc6uWxtEg6GRCgdSmKTZAweMYDBLploGAK11i0u7VtAu4UAL2b2CzOqJTYcgTOUYZaDHETi-imLfY4EVz3aWHI0-CPINwTwnws1_e-mFsqV_9Fhpc_toL8ke83HAbagTle1i4t1N-si-voS5wkork4k5poEffABI-unt7PBOAEA4gForiLm02QBgGgBnaAB9ya9YkBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYmPfdrqnuggOACgPICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI9qberqnuggMVP8a7CB1VKgyNsBPgpLgVyBP3kfzjA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=mdDBaWtLUrA&label=part2viewed&ad_mt=0&sdkv=h.3.605.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NzkwODI5MDEyNTFA4ANaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjgEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTcwODY4MTAyMgkyMDQzMDA5NDJAigFSNgjHDxAPJQAAEEIoAToLNTI5NTQ2OTg4LTFCBEdEQk1IxwhQAFoQMmE2aXp1UTNCWkFtUVlHMlobZG91YmxlY2xpY2tieWdvb2dsZS5jb20tZHNwGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIifb-rqnuggMVdkSkBB26GgZBEAAYACCOxbVhOhoIrsCSigEQj66e3s8EGPeR_OMDIMfPqfyHEkITCNTA366p7oIDFT_GuwgdVSoMjQ;dc_rmcid=CAQSOwDICaaNgPQbWN9QeyBFguPIFu3HwHmeND22AIx_3Ne9RlKyKAXmVPHtXVtvpuAWecf-385...
ade.googlesyndication.com/ddm/activity/ Frame DF6C 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIifb-rqnuggMVdkSkBB26GgZBEAAYACCOxbVhOhoIrsCSigEQj66e3s8EGPeR_OMDIMfPqfyHEkITCNTA366p7oIDFT_GuwgdVSoMjQ;dc_rmcid=CAQSOwDICaaNgPQbWN9QeyBFguPIFu3HwHmeND22AIx_3Ne9RlKyKAXmVPHtXVtvpuAWecf-385imrvpdM6BGAE;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOliY992uqe6CAw;met=1;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DF6C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrQh61NxpZdSGGL-M7_UP1dSw6Aip5uP3c8fPqfyHEsCNtwEQASC5jY4oYJXyi4KYB8gBBakCDqjL0mBHsj6oAwHIAxOYBACqBPsBT9AR3MiEnGWatPMxC0l6pw-i-cMoh4zsofkim1dlVjIhJz_HA7IAMtbfPzSa1TBuJKeeRrVoOb5ezYQm9YDqB4A55TlG7OqmxcdT8KWp8oKmupNODE4RoqL-2IWwQKBxOHpVS2ah5Nr1VQizR0SUIkkE_WgVn_kYfT9s6K49eIkzZLIgznDc6uWxtEg6GRCgdSmKTZAweMYDBLploGAK11i0u7VtAu4UAL2b2CzOqJTYcgTOUYZaDHETi-imLfY4EVz3aWHI0-CPINwTwnws1_e-mFsqV_9Fhpc_toL8ke83HAbagTle1i4t1N-si-voS5wkork4k5poEffABI-unt7PBOAEA4gForiLm02QBgGgBnaAB9ya9YkBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYmPfdrqnuggOACgPICwHgCwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMI9qberqnuggMVP8a7CB1VKgyNsBPgpLgVyBP3kfzjA9gTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=mdDBaWtLUrA&label=admute&ad_mt=0&sdkv=h.3.605.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2NzkwODI5MDEyNTFA4ANaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjgEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTcwODY4MTAyMgkyMDQzMDA5NDJAigFSNgjHDxAPJQAAEEIoAToLNTI5NTQ2OTg4LTFCBEdEQk1IxwhQAFoQMmE2aXp1UTNCWkFtUVlHMlobZG91YmxlY2xpY2tieWdvb2dsZS5jb20tZHNwGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:10 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:10 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
areq
a.channelexco.com/ 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.channelexco.com/areq?sid=&domain=http%3A%2F%2Fvaughn.live&se=6e83e0bd-d89b-41ab-ad1d-13e944392e1a&pv=117.59&dd=vaughn.live&gpvck=v022835727__300x168______DEF__nil__356&sa=shd&dmid1=1065849310-1038774780-1270192948-1859975197&dmid2=1065849310-1123748722&dmid3=1065849310-1038774780-1270192948-208352548&cb=1701436630170
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.147.67 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:10 GMT
cache-control
no-cache
server
openresty
expires
Fri, 01 Dec 2023 13:17:09 GMT
thumbnail-720.webp
cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ex.co/transformations/production/1e0e90f2-4db9-4a10-8f2d-5c17adfddd3b/thumbnail-720.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.101.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-101-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
eae8becbf14b20a3f18f2851bc6da830f3b7f66f81c4ca2ca31e0a324db0515f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:17:10 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 23:01:03 GMT
server
AmazonS3
etag
"647ee987db6540fee9ac4a4560e275ef"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
12201
multiple-events
s-113.channelexco.com/vpx/ 		0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-113.channelexco.com/vpx/multiple-events?events=loadedi%2Cstarti&data=p%3A1065849310%2Cv%3A208352548%2Cdmid%3A1065849310-1038774780-1270192948-208352548%2Ct%3A3.8%2Cy%3A4%2Cyy%3A4%7Cs%3A5.1%2Cp%3A1065849310%2Cv%3A208352548%2Cdmid%3A1065849310-1038774780-1270192948-208352548%2Ct%3A1.1%2Cgpvn%3A18%2Cy%3A4%2Cyy%3A4%2Crtg%3A1%2Cwd%3A300%2Chd%3A169&sid=&domain=http%3A%2F%2Fvaughn.live&se=6e83e0bd-d89b-41ab-ad1d-13e944392e1a&pv=117.59&dd=vaughn.live&gpvck=v022835727__300x168______DEF__nil__356&sa=shd&s=4.0&cb=1701436630176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.15.158 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vaughn.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:10 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 7FE3 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
101041
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
8727
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy
cross-origin
Date
Thu, 30 Nov 2023 09:13:09 GMT
Expires
Fri, 29 Nov 2024 09:13:09 GMT
Last-Modified
Sun, 25 Jun 2023 02:58:00 GMT
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server
sffe
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7FE3 		39 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 00:42:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
131691
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy
cross-origin
Content-Length
17004
X-XSS-Protection
0
Last-Modified
Tue, 28 Nov 2023 18:18:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="botguard-scs"
Vary
Accept-Encoding
Report-To
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Fri, 29 Nov 2024 00:42:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FE3 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.605.0&bgai=B4QGi1NxpZYm8N_aIkdUPurWYiAQAAAAAOAHgBAI&bg=!JSalJmnNAAY3kmNgF5I7ADQBe5WfONA23PKRMXXyzbU-061RK0HX4Q5AbofYXYV5segnM08XSgnKmE-tJdPiS2MrSwimAgAAADVSAAAAAmgBBwoAAoTjmQLgM212j0GIr89Kz-xaqipnOWGdQm0OpoTvh3tHIzH9w1eahnpl-mh331ukGVijFvPXJ37JbbPFlrpUe4CsO3fisrhSEk12B7GzLwkAXOQ61jibmkGCtYKuhbeJmCKgjyP3YhYmJ5_SqpfrmGG0ZV48vNmJjBLfACZSnOvvHTNJ323mmsl5Xx2Q5JCERuPz-JNF7LmdrbqzgaLfE6YsDdrFUYVV-n5Qedoi57wibbiVqtk0fzBct0g6tItouVjSOvtGyQngLD5zG_r0NuB8ps0AMqA7YZNZn3kUDdfBcAH77sCcDzQVxhUxpiTINKVMAVtrnMS7Ve6628cqGH0X1-HrpQ1vy6Ajkcr7nwIdD2lceuonDNGjbdoo5yH-l3q6iYSdXyzo6KD2_N49lQaDg_1CaKFV3xqVK1ayphn_9KmNAGyFYFlORwH346d4rJgmo0s3ozoURfOxTRLopIS6mu8I5EP1TfoVr1PHKy84JOAgvY5DFWdYe3bP9QQ6aUKOqXsGnP3y_6xGEtmepBmDUh_F5jf5XZ-2iuxmpswC4xDMZ5hGrdMHzUqh4XC6h2goHIlab-C6RCP6YI4rwsgSR6zXkXUVR58ywV4hpJVHJjs4m0-zpkb34-Y4weUEL18h3Rr5G9LCwnIXNFxEaB0cRyahc3tohqzOnNkwxpjHFVTMS8aZ90vr9wFPQ7n_R5QP23MDcDaIO18EWbYQnq3A5y_0kKz4CLrk57XZpYHcMu7B3SSePCrOhjjCfa2GXFbWAGtTY0BFrTiY7FCu4UTU8dstHbbogFbvS4LCR4BgoQTade3HYABz3u4dS-MvXP87kOHvSSYS15HcXsy6rJPeJ4aDTDT82MkdfbrTC6V4krRlMpu-f79d87KCDPhIAud5mlX1LlLDEIR65UYJbzZzNypm_HtQ8-6nxsPx_971gNBpLUJY0nv-FKMzHtLX_oXYxAskB0gqtvVYdTJMbGBNPNVHzw
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 13:17:10 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: http://player.ex.co/player/8029a89b-2992-462d-85a0-d709d2ee200f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.105.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-105-111.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 13:17:10 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.69.0-718fc94/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.19.226.132 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vaughn.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 13:17:10 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEM7vTqVtpztEJ1MOFpqU82M&google_cver=1&google_push=AXcoOmSe1ASRpB1lqCv_zD62ScGyMp6UqjamjfGjW-QMLJJdY4E06Tl9SZmeuLmX0l0mqFIBx7wXxSi0T5Oh1QdkD_M0ysGiO8ieWw
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2086764725&r=http%3A%2F%2Fvaughn.live%2F
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=26
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| didna object| DIDNA_CONFIG object| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| regeneratorRuntime function| a0_0x45cd function| a0_0x4009 object| googletag function| cls_Modal object| Modal function| clsChatV2emoticons object| ChatV2emoticons function| __slice function| __indexOf function| sApi function| abvs_Ads function| abvs_VideoPlayer function| cls_MvnPlayer object| MvnPlayer boolean| isFullscreen undefined| doMvnIM function| mIM function| splitTo function| ConnectFacebookWindow function| ConnectTwitterWindow function| ConnectTwitchWindow function| vs_connect_complete function| vs_connect_cancelled function| $ function| jQuery function| Hls boolean| vs_networkstatus boolean| vsm_device_ready function| SimpleBar object| google_tag_manager object| google_tag_data object| dataLayer function| gtag object| gaGlobal function| isMobilePlatform function| checkiOS function| checkXbox function| checkAndroid function| checkPlaystation function| vtrace object| vs_core number| vs_mouse_x number| vs_mouse_y object| vs_privacy number| documentWidth number| documentHeight number| documentMinimumWidth number| documentMinimumHeight boolean| vs_v9_firstload_trending object| vs_sb_content_menu function| vs_v9_resize function| resize_frontpage function| resize_frontpage_categories function| resize_vods function| device_loaded boolean| vs_v9_hamburger boolean| vs_v9_content_menu_open boolean| vs_v9_menu string| vs_username string| vs_token object| __cfBeacon object| nmmRefreshCounts object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| sas object| apntag object| _ADAGIO number| google_unique_id object| STREAM_CONFIGS string| STREAM_ID object| __EXCO string| __EXCO_INTEGRATION_TYPE object| wpJsonpExCoStreamSdk function| setImmediate function| clearImmediate string| pbPageIdentifier object| vs_sb_content object| wpJsonpExCoAdPlayer object| ID5 object| CEDATO_API object| CEDATO_TAG object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __id5_instances object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_957810 object| closure_lm_856493 object| GoogleGcLKhOms object| google_image_requests

138 Cookies

Domain/Path Name / Value
.ad4m.at/cookie-frame.html Name: userId
Value: Y7IFmn3eUUrnK1VKFHy7_8IRvjrQ0e_L
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr-exp
Value: "2023-12-02 13:17:02"
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr
Value: 3
i.liadm.com/s Name: _li_ss
Value: ChcKBQgKENAWCgYI0gEQ0BYKBgiiARDQFg
.vaughn.live/ Name: _pubcid
Value: 58370163-1c65-4087-85a8-70c831b3ea05
.vaughn.live/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.vaughn.live/ Name: _ga
Value: GA1.1.1641055854.1701436622
.rubiconproject.com/ Name: khaos
Value: LPMNFO7V-1J-CT51
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6AygTZJW79t/y+IXqvPVzt4X6LBWwGzep2k2NKlEueGiBoXL42hpMN0LWsGe6QwATRczh587PCDcibZEhCD8e94nfYtVv8JRWm+xUA9sgf/4bKpUjWTmmg0
.adnxs.com/ Name: uuid2
Value: 5657527055004491837
.casalemedia.com/ Name: CMPS
Value: 5295
.insightexpressai.com/ Name: DW
Value: 00000000-0000-005e-66a6-3f1701436623
.insightexpressai.com/ Name: IXAI71129
Value: FTF
.insightexpressai.com/ Name: DW_Time
Value: 1701436623
.insightexpressai.com/ Name: TID
Value: 00000000-0000-005e-66a6-3f1701436623
.doubleclick.net/ Name: APC
Value: AfxxVi7ADFjeTeOXXoD0qX3F2pwwmmD7iMnocvn3AGKMA4UVRfrKew
.casalemedia.com/ Name: CMID
Value: ZWncz8bzbm7zKfdQm559AwAA
.casalemedia.com/ Name: CMPRO
Value: 3236
.doubleclick.net/ Name: ar_debug
Value: 1
.ex.co/ Name: exco-uid
Value: 2e3532312e303338
.vaughn.live/ Name: __gads
Value: ID=0aafaef5899ebb5e:T=1701436623:RT=1701436623:S=ALNI_MZCx_ibCoSLKzIu4Zxk-k5zieEuOg
.vaughn.live/ Name: __gpi
Value: UID=00000cffbe6d0568:T=1701436623:RT=1701436623:S=ALNI_MZMekaODupxwrlOmrltkrcKY61_aA
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 4e52ef438df81823
.ads.stickyadstv.com/ Name: UID
Value: 39f1249259da198312c99b8dc6669
.openx.net/ Name: i
Value: 1b003aca-7ef3-458f-9d96-0fe2226f1a70|1701436624
.creativecdn.com/ Name: u
Value: xUDQP9EOOYJpjguONxmX
.creativecdn.com/ Name: g
Value: xUDQP9EOOYJpjguONxmX_1701436624360
.creativecdn.com/ Name: ts
Value: 1701436624
.simpli.fi/ Name: suid
Value: D2B7D870E15F436E89C28AD85D830FA5
.csync.loopme.me/ Name: viewer_token
Value: 1ec105d6-6efc-49d5-8b92-474be54103e0
.uuidksinc.net/ Name: jcsuuid
Value: 7zlm8UcVPGBMLkONXkDB
.doubleclick.net/ Name: IDE
Value: AHWqTUlaAyJRIErhQymakn7ypdDmQM3sZJNmTd-NA5Qh3iNYm6R5ItEG5WoNZbFgiqs
.linkedin.com/ Name: bcookie
Value: "v=2&f063c856-8b6c-4ff7-81b8-8d411ee26d92"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDE0MzY2MjQ7MjswMjEEQ7Eoq3Wjtnu2ordYEcqERpsESIyXmIJHyROR+y03TA==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2695:u=1:x=1:i=1701436624:t=1701523024:v=2:sig=AQElb6zJyUVh332a_vXR2f5PTbzI5BLj"
.ctnsnet.com/ Name: gid_CAESEFRlt8DsyxD-MXnxOxE4Ums
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7307614656310540445
sync.gonet-ads.com/ Name: chk
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C')tA<]!!]taP8i_iqf!oN/@E'zz<*Z0Q`ssev'00t[ta?UnN:1U4bN1GWSD]u471!0dTD._*PlZ[C[-kX-D%+8n
.gonet-ads.com/ Name: pid
Value: MjIyMDU0MDViZjI3MGI5OA
.awin1.com/ Name: awpv11601
Value: 113440|1701436624|eba54d50-904b-11ee-ba35-226154e726d7
.mediago.io/ Name: __mguid_
Value: 9d9fcb00c3ff4f881gmz4l00lpmnfpmw
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e4cf43d9-97fb-5acf-6fe8-f790acff0fe9.lEydPJHsyMrVW6NwwC5LSgwDhDHWra6DCO2xFUW4OLU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e4cf43d9-97fb-5acf-6fe8-f790acff0fe9.lEydPJHsyMrVW6NwwC5LSgwDhDHWra6DCO2xFUW4OLU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A5M9D2Zf7Ws9v6PeQrP8P6bKi0Y4.k0i0gFkN0L0scJjQWnZ2kIERd8PyIeSlQBK3MAaMREo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A5M9D2Zf7Ws9v6PeQrP8P6bKi0Y4.k0i0gFkN0L0scJjQWnZ2kIERd8PyIeSlQBK3MAaMREo
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAtIHADDwwExAOv1tT1onbNG7bZ83Yr5x0xiZMuwTE_9EHwYBCDQuaerBjABOgSVjvJGQgRqP7Vp.vmZHBpuHZxzIbskV7Gc0Z2GF%2BSog2I4amdyVltD3qDI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAtIHADDwwExAOv1tT1onbNG7bZ83Yr5x0xiZMuwTE_9EHwYBCDQuaerBjABOgSVjvJGQgRqP7Vp.vmZHBpuHZxzIbskV7Gc0Z2GF%2BSog2I4amdyVltD3qDI
.blismedia.com/ Name: b
Value: 6569DCD01E91D578B9DFB33ABLIS
.adform.net/ Name: C
Value: 1
.adx.opera.com/ Name: UID
Value: OPUd32d2e90eb9449289d6f305fe7d35b89
.adform.net/ Name: uid
Value: 8106690664101716930
.ctnsnet.com/ Name: gid_CAESEKZEsNDG9E9lgTmauLGPZbk
Value: 1
.ctnsnet.com/ Name: cid
Value: 5482bb0473d44a9aa492cf6f5f888305
pb.media01.eu/ Name: ASP.NET_SessionId
Value: f1yuuvhtacn2ocuaslqupxem
pb.media01.eu/ Name: DTU
Value: 636CF90AFB83486734257D8FE2539DF7
.amazon-adsystem.com/ Name: ad-id
Value: Ay9T5TzgK0Hctn5WEy0xMjc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1701436624869,"clickCookie":false}}
.de17a.com/ Name: guid
Value: 1.6954790885361401780
.media.net/ Name: visitor-id
Value: 3444382241492699000V10
.liadm.com/ Name: lidid
Value: 0eadefce-1820-4165-86bf-a6d08204b375
.turn.com/ Name: uid
Value: 3116653336272240409
.quantserve.com/ Name: mc
Value: 6569dcd0-dd8e2-3bf21-4d72b
.adsby.bidtheatre.com/ Name: __kuid
Value: 20529359-00de-4501-afa9-361adf17c61a.470650624
.yandex.ru/ Name: yuidss
Value: 3279645771701436624
.yandex.ru/ Name: yandexuid
Value: 3279645771701436624
.yahoo.com/ Name: A3
Value: d=AQABBNDcaWUCEAXOF0UgefGIixm96h3knggFEgEBAQEua2VzZQAAAAAA_eMAAA&S=AQAAAgopd_SOKOonrKmc9joZB70
.vaughn.live/ Name: _ga_92S0CM3WMK
Value: GS1.1.1701436622.1.0.1701436624.58.0.0
.zemanta.com/ Name: zuid
Value: MpklkSCITB8IUsQ76ftr
.acuityplatform.com/ Name: auid
Value: 858858738488
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRgkwaQaqmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYJMGkGqo90aGlyZFBhcnR5VXNlcklkWkNBRVNFUEVNOGFTZjIyUlRVVmw1dTVlcUZHSfv7hnZlcnNpb27C+w=="
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003%22%7D
.retailads.net/ Name: ppb2172
Value: 3356614728
.awin1.com/ Name: awpv11671
Value: 296283|1701436625|ec0b8930-904b-11ee-baee-22345d278e84
.awin1.com/ Name: awpv11830
Value: 296283|1701436625|ec165ea1-904b-11ee-85f5-22347f548c7f
.ex.co/ Name: exco-uids
Value: {"openx":{"UID":"880adae2-b84e-43dc-b484-01e0ae796a1a","Expire":"2023-12-08T13:17:04.280079328Z"},"unruly":{"UID":"RX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003","Expire":"2023-12-08T13:17:05.265229815Z"}}
.futalis.de/ Name: raSIDb
Value: 3356614728
.awin1.com/ Name: awpv20044
Value: 412871|1701436625|ec2b4631-904b-11ee-825d-22629e669530
.awin1.com/ Name: awpv14702
Value: 412871|1701436625|ec2af810-904b-11ee-85f5-22347f548c7f
.tribalfusion.com/ Name: ANON_ID
Value: aRnvnuPME7eQmKvCjSxrdFQEUZaBUnegRNKZapyJuObdmsn7LbRZdXpbO0lXhTT3F3yEf6eS46gnEMZcWZc7kVuJCvWpOZdAMswfeqPK8ThukTOZduE
.go.sonobi.com/ Name: HAPLB8G
Value: s86201|ZWnc1
vaughn.live/ Name: _lr_retry_request
Value: true
vaughn.live/ Name: _lr_env_src_ats
Value: false
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.smartadserver.com/ Name: pid
Value: 6487503489310055869
.awin1.com/ Name: awpv11354
Value: 412871|1701436625|ec7658f0-904b-11ee-85f5-22347f548c7f
.awin1.com/ Name: AWSESS
Value: 377129:2470185
.servenobid.com/ Name: pid_312
Value: 5657527055004491837
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZWncz8bzbm7zKfdQm559AwAADKQAAAIB
.servenobid.com/ Name: pid_317
Value: 6487503489310055869
.servenobid.com/ Name: pid_333
Value: ZWncz8bzbm7zKfdQm559AwAADKQAAAIB
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3c440b4c-87b2-4a2d-8dc3-008fa08feaa1-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.lijit.com/ Name: ljt_reader
Value: Hv5dsRZHEuMUsCk_RyuTHmln
.criteo.com/ Name: uid
Value: 4245d9b8-491d-43fa-8949-df6b3e3ebe89
.simptrack.com/ Name: ntm_tps__4011
Value: .NNNOZvDy1e5OO8KF5n9ykFB-yIf6o2V9i4MaxVZ85CGKovxGriKUzWIBKmZECPayBAKzjD0CV9jTG6Tnrw-e_6uNKpJTrFI3L0h5bpj27naei7nNRJlg8rnSyfKG4CT75lGx4KDK3CqIgce1PEmixcarYM3nP2Cn-wkExHER5-Zpc7O_NURICqscOKKRdPWdok0LbpqK0AwuIpXVfFnYQED_fqpSkGxumAwm7_fwjSR6W29_Y2vScE8z3gEJoQk5xnsDOS1A2hWn5ejgNh8_TPOZRiHGB2TNNNNNNNNNVf4U
.simptrack.com/ Name: v0rur7gqspb3_uid
Value: ea7222c1f50c10cc
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
www.conrad.de/ Name: HTLP_timestamp
Value: 1701436626008
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: X8X1E4hK1rNKWVyP9nYJPTT7ZtdxI1xa9TMaB9ZQ05A-1701436626-0-AQszpENi/OC/1l9U2s3q3VZeTrAuhIc0cDC2zB8onsH/CMMz0HODgf2o22EXuJRWNc/tJ525kEo5AfgoRdbfCFg=
.gumgum.com/ Name: vst
Value: e_6f8cca68-2cf6-433a-9df2-ef16d259c46a
.smartadserver.com/ Name: csync
Value: 79:4245d9b8-491d-43fa-8949-df6b3e3ebe89|150:0
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjAzNrI0NDUyMRXiM9S1rMooDPDPS67yq8gBAJ1NrmslAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjAzNrI0NDUyMRXiM9S1rMooDPDPS67yq8gBAJ1NrmslAAAA
.rqtrk.eu/ Name: browser_id
Value: 1:a69e4679-3a5e-4696-a9af-8ef1cb2a59e6
.bidswitch.net/ Name: tuuid
Value: d75425bf-1a7d-4eae-8b7b-8b4a2cc5ad84
.bidswitch.net/ Name: c
Value: 1701436626
.bidswitch.net/ Name: tuuid_lu
Value: 1701436626
.servenobid.com/ Name: pid_310
Value: Hv5dsRZHEuMUsCk_RyuTHmln
.servenobid.com/ Name: pid_309
Value: e_6f8cca68-2cf6-433a-9df2-ef16d259c46a
.servenobid.com/ Name: pid_324
Value: 5140084928632915245
.quantserve.com/ Name: d
Value: EAIBEAHHKoEO3KwQ
.fwmrm.net/ Name: _uid
Value: uml1031_7309306953232341845
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMTQzNjYyNnZsZWExZGUyMDIzMTIwMTE0MTcwNjkwOTQ4OTYyODYzWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWQxUVl0YmZLZlh6WHM5SGRIOXRBdDIycmgyU0tUR0c4U3g3WFFvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMjAyMTE
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023120114170690948962863X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMTQzNjYyNnZsZWExZGUyMDIzMTIwMTE0MTcwNjkwOTQ4OTYyODYzWDEyMDIxMVYxMjI2MTMyNzAyT
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: uml1031_7309306953232341845
.ads.stickyadstv.com/ Name: MRM_UID
Value: uml1031_7309306953232341845
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_3fe2f0b7-2a94-4e7c-8ba2-7743fce2e8e2
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 2ce7ddddf97ec866
.bidr.io/ Name: bito
Value: AAB3DU7K07oAABORdvDpVw
.bidr.io/ Name: bitoIsSecure
Value: ok
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAB3DU7K07oAABORdvDpVw
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-9e4a492a-341e-32f4-aef6-f6905a5d23ec
.servenobid.com/ Name: pid_346
Value: ua-9e4a492a-341e-32f4-aef6-f6905a5d23ec
.ipredictive.com/ Name: cu
Value: f6c820f3-c84b-4ef5-97ee-296c59f393a2|1701436626497
.rezync.com/ Name: zync-uuid
Value: b45f2dd8-9734-4e6b-b334-61e7609692f2:1701436626.6676922
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3IyQ3AIAwEwE_acYSP7GLKsYBCqDz8RnMeVnzb5uyS9JBYKCm_gi6iJdK2DWXTcMDwArxnP8zgiS86AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_5skbJ5kYppmlJJioWtpbmyia5JqlqSbZAxkmRmmmpsZWJpZGqUZWRmaGxiaGJuZGZnpmZmZA8WMZgnzIgTNTY0WofKNT4kj8Q2MDAAQrciNagAAAA
cookies.nextmillmedia.com/ Name: syncedBidders
Value: {"loopme":1}
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJaV25jejhiemJtN3pLZmRRbTU1OUF3QUEiLCJleHBpcmVzIjoiMjAyMy0xMi0xNVQxMzoxNzowNi4zOTQzNDYxMzdaIn0sImxvb3BtZSI6eyJ1aWQiOiIxZWMxMDVkNi02ZWZjLTQ5ZDUtOGI5Mi00NzRiZTU0MTAzZTAiLCJleHBpcmVzIjoiMjAyMy0xMi0xNVQxMzoxNzowNi44MzAzNDc4NDVaIn19fQ==
live.rezync.com/ Name: sd-session-id
Value: .eJwNissOgyAQAP9lz9LAsiyPnzGlrAlRaSP2UuO_l9vMZC6YP3LszybthHQeX5ngtdVhHdIFvf52WSGBM6R1oIiBLUbjkBzcE3Tpvb7bXMt4MrkFSwkqekuKhLPKdhAb8awjR1wwGa8NWWbkB7MfDeH-A6NUJR0.ZWnc0g.KD0u1GPXACdTGGlLlnxURfLfzf4
.servenobid.com/ Name: pid_353
Value: 0000EEA
vaughn.live/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChgInIc_EAoYBiAGKAYw1LmnqwY4BkAGSAYQ1LmnqwYYBQ..
.kueezrtb.com/ Name: vdzh5_11f967df
Value: q3s15OVedee2ty6GBRzINHQQFwAXexBbDGUkNx5xeGZVV0gDCkYbG3Jwa0hkKzUHU0hVARdAAHZ3YU0qKjBHGQ%3D%3D

16 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEM7vTqVtpztEJ1MOFpqU82M&google_cver=1&google_push=AXcoOmSe1ASRpB1lqCv_zD62ScGyMp6UqjamjfGjW-QMLJJdY4E06Tl9SZmeuLmX0l0mqFIBx7wXxSi0T5Oh1QdkD_M0ysGiO8ieWw
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.605.0_en.html#goog_563039782
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
javascript error URL: http://vaughn.live/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'http://vaughn.live' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=26
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://vaughn.live/
Message:
Access to fetch at 'https://fid.agkn.com/f?apiKey=2086764725&r=http%3A%2F%2Fvaughn.live%2F' from origin 'http://vaughn.live' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
network error URL: https://fid.agkn.com/f?apiKey=2086764725&r=http%3A%2F%2Fvaughn.live%2F
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=b45f2dd8-9734-4e6b-b334-61e7609692f2%3A1701436626.6676922&_=1701436626.670165
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: http://vaughn.live/
Message:
Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json' from origin 'http://vaughn.live' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json
Message:
Failed to load resource: net::ERR_FAILED
other error URL: http://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
28c71251f22fd344f9e4da72a524a00a.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
a.channelexco.com
a.tribalfusion.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adv.office-partner.de
an.yandex.ru
analytics.pangle-ads.com
analytics.webgains.io
ap.lijit.com
api.rlcdn.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
btlr.sharethrough.com
c1.adform.net
cdn.ampproject.org
cdn.ex.co
cdn.retailads.net
cdn.track.production.webgains.team
cdn.vaughnsoft.net
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
collector.ex.co
colossusssp.com
cookies.nextmillmedia.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.chocolateplatform.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d.adroll.com
d.turn.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e.channelexco.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.kueezrtb.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
g2.gumgum.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gpv.ex.co
gum.criteo.com
hal9000.redintelligence.net
hal900026.redintelligence.net
hal900029.redintelligence.net
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
hbx.media.net
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
medialead.de
onetag-sys.com
p.channelexco.com
p.rfihub.com
pagead2.googlesyndication.com
partner.o2online.de
pb.media01.eu
pbs.nextmillmedia.com
pixel.rubiconproject.com
player.ex.co
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
public.servenobid.com
pv.medialead.de
px.ads.linkedin.com
r.turn.com
r1---sn-5goeenez.c.2mdn.net
region1.analytics.google.com
report2.hb.brainlyads.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s-113.channelexco.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.insightexpressai.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-de.ad4mat.net
static.cloudflareinsights.com
stats.g.doubleclick.net
storage.googleapis.com
sync-dmp.aura-dsp.com
sync.1rx.io
sync.adkernel.com
sync.ex.co
sync.go.sonobi.com
sync.gonet-ads.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
tg.socdm.com
thumbnails.vaughnsoft.net
tm.simptrack.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
track.webgains.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vaughn.live
vop.sundaysky.com
wt.rqtrk.eu
www.awin1.com
www.conrad.de
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
api.rlcdn.com
fid.agkn.com
match.adsrvr.org
sync-dmp.aura-dsp.com
tg.socdm.com
134.122.57.34
138.201.135.164
138.201.84.244
141.95.32.71
142.250.110.157
142.250.185.194
142.250.185.226
145.239.193.130
147.75.84.158
151.101.2.132
154.59.122.79
159.203.145.121
162.19.138.117
162.19.138.82
167.233.13.224
167.233.14.134
172.217.16.134
172.217.16.194
172.217.18.102
172.64.151.101
173.237.69.60
174.137.133.49
178.250.1.9
18.134.84.26
18.202.86.19
18.239.50.21
18.239.83.21
18.65.39.15
184.30.24.22
185.184.8.90
185.64.189.112
185.64.190.79
185.86.139.93
185.98.54.153
188.42.105.236
193.0.160.130
198.47.127.19
2.16.101.123
2.16.97.41
2.19.100.239
2.19.126.74
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
209.54.182.161
209.58.147.67
213.155.156.165
216.52.2.48
216.52.2.86
23.19.226.132
23.197.120.249
23.218.208.187
23.218.208.200
23.32.185.233
23.82.15.158
2600:1901:0:76b9::
2600:9000:2449:ec00:1f:4c18:bd40:93a1
2600:9000:25e8:9a00:1b:5138:8a40:93a1
2602:803:c003:200::21
2606:4700:20::681a:71b
2606:4700:20::681a:9a9
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:48b0
2606:4700:3030::ac43:93fe
2606:4700:3032::6815:3776
2606:4700::6810:3965
2606:4700::6810:c0cb
2606:4700::6812:19ad
2607:ae80:4::25
2607:f8b0:4003:c17::5e
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:806::201b
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9b
2a00:1450:400f:1::6
2a01:4f8:d0a:2321::2
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:58c::1ec4
2a02:6b8::90
2a02:fa8:8806:13::1400
2a05:d018:cc3:fe04:9c2e:6bf6:2687:8d4a
2a05:d018:d29:3601:b946:ae1e:458e:a1ae
2a0b:4d07:101::1
3.122.124.148
3.214.189.170
3.33.220.150
3.71.149.231
34.149.20.76
34.194.44.187
34.200.129.91
34.234.182.209
34.242.46.191
34.95.81.168
34.96.105.8
34.98.64.218
35.153.26.180
35.157.123.207
35.177.10.97
35.178.224.52
35.186.193.173
35.204.158.49
35.208.249.213
35.214.248.253
35.227.252.103
35.244.174.68
35.244.193.51
37.157.4.29
37.252.171.53
46.228.174.117
46.4.108.81
50.31.142.31
51.75.86.98
52.16.22.123
52.17.117.51
52.210.15.1
52.222.139.14
52.51.172.254
52.54.55.244
52.57.96.192
54.147.45.225
54.164.192.255
54.171.91.135
54.205.105.111
54.221.54.135
54.235.147.92
54.84.92.154
63.251.232.170
64.176.200.183
67.202.105.22
69.166.1.35
69.173.144.137
69.173.144.138
69.173.144.139
76.223.111.18
77.245.57.72
8.18.47.7
82.145.213.8
84.200.5.215
85.114.159.118
88.198.250.30
88.99.219.174
92.123.148.9
94.23.99.218
00d40e6faa2cf9942af347c7e75fc8a210fb6b8ad58eea8331ddc9725bac8089
01bf2c70ce18e07a5e39be6cf7e3a42fe9e900e3b0be03bbb73bdaa52493f1e8
02a5cc3a6868bc434cbd795c40a62390170e2d90de0192d0500955248367512c
02c26ff321c94828180182782292a54d4a759e8d80d2cbfc26c848e457f9f8c0
037b4008bb5a63686a2e4b6f6c189eca2ae44bf5b0e2ab6a655d3f8e6d2a3f91
03c6afebf3990e09354b0c4da52ce1caf384cf9e71fef2dce2e8d4844c5c1f63
044c5de4225c0f5ba98e5f8807647433288741d51536bb8912f4efcd93581943
060fbf526e3ec076b173aad94d094b9aea624451db627707feaee92e8957e164
065764f29009a91c6f4f51bb16a03e3c60cd4e8ff3fd590758eefc9168dce459
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c
08706c74de90df1ce5bc708310efc9f5326696f682ed3ade855a31c4cc740f0b
0900c662ad33498c556430f40a6fc6f8caa777aaf4b4595d50b43628a32e7a3d
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d4009bf860d48e03809cc4222ab13b8f26e085af42bcfb52f5c6048f018e9a0
0d8ee14cc36ccbf37184694e79690ec305a61efd0a3f1eea24a435249e5cf337
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0dcef9c467b71658562934ddfb715ac04ceef9828b08557fbe27587fdabae82d
0e5966611a421d4d1a87ceefd5d5fa5ef1c09f2066e874c80966e9b1bf78ad85
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1042d1b60174a99afa3cbafdeec59701e6930ee129d5a837b7001538df09414d
10925cb81778999fd98ce70b35e3cc6737fc3aacdc4a2ef116b5d88094f9a91e
10a6620d72396cfc54a1fd985d1df59c9cfb81810fa29dfc133b1101e486cb0d
10ac09112012e045381757372ef1d4cb5496b2803df257f39a8356d597640185
10cbd972e721a009ded131c4fbd3810f96cac0ed69087e2c76e92dfb9b63137b
114382aadd4823ecdd9d5222666e01f30db0cfddbce92e79ba96085c5b80a6de
117c4a273c77027ecbee0889209f397df4906040156bf9e70dd18dc1f4e05c2d
11d9a735f024d54929c0e099af843e0990b36cfa925af316ca859e4904ffec54
11ef28ae2c4333ff566ee981ee4f56dffc89713a172401a7607d026098a460a4
129ff67f9a62a38c937c9d2193e82a64a37ce14b899a06041347a0c5afb77231
1306072c5be3ec24abe51ba81a6f817fb5d4dec53abc260b12be6687a7b9e2eb
13f078f2ac48452abbabfa5d92b4e795299047f08835ded453f9a3879804c79e
159576ef17c7b7419b2122f600ff450719d87640a9da1788c840ec9677b9b0d3
15f92a60ad265b03b074b3706b3fd70c2d22f61bf7014ac07217012987d80bf2
16b3f93c63e2c8821a9d09b157ec64ab286ccda5caebf76e425cee5302359420
1707861d2389186fa9eca6cba37e141ba51c462bc54b7aa56c740613dd670f39
1829ea59f9bfd959b687837863531f29f6b365ad2bf2b91d637e96af62e32a08
18dc3b8e3ab8d67ef2747ec80b86ab91825ffe4065c5e07c0e375c223a1a7672
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1995440b1a4a3a21bcff790321c341eb4baf51996e46fe2ef7770560c331f7b8
19ba43d2cab1457de7ee79245e116fd981719a8982bba209882b6d9b4297022f
19d62482763f933bd99789dfe6d5a3113bc58f1b86a6cf37b90759108e57bba6
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b579aaab35b78bb15a1265ca516443765ed2ea702660e029d664f58f747865b
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c99297ead50c1eefdc985eecffac20b6e36decf9ec41c95f22658960054ac15
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1eab1e9dc54c9f5a117797d135197e3feda52aef3e8bf640d51da444f70a3611
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f990996678595bed949fdd4ed3d6d057871fb29a29b2bb012c9611ac6f46f0c
224eeaaad2ad5b35da30ecc19e9ae3beb1680e2421d5b1ca3aa07c0349c50580
2275f2d790ab43c7b5a2b3bb7354ea3824d28659a356a45218fce5c943d14994
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25d4908b6bd72e0d38f577ae482679f55a1044c0581de02a3ecd46c261ce8f25
25db3e6f4e3772b34480f4b512f426ee4e546465082096e5dbdccb28e1c3760d
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
286136383c86c2359ffd88cc99a219fe9904bae6c264cd9dd1db51332affb37c
2992433fee88fbb8599a2d255c54a25725a072e9ad9f1a97bb9e94e63111e78f
2bbc5bb2bdb47d048c3746e0e0e8633556b0e7c1f0702155f94ec13c8e007540
2dc56c92d4d62dcffbd2f5917ea91761f4621eefff0b592d3a5e7eae85462492
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e834d3e51e3a908c620e926703104f6abc317de1223330cc0f4640d8f41b973
2eb8051b5ff31e11944a5a3a7ef3cf40cb6e4af1660ba6109f2b9172b72ca546
30c5d1ffb7ea0e52523ea083054433d52b64bb5bc4ff91d0534a86e0fc21879d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32f0c0fd6be20b69ec515407c001e98e017f1ce6dbac02c95969bf4896611488
3412a2565807edb825ea87dd8f5762e9f9058c9427749450bca6d1d167969be6
341ca27d168d2a7a86f0a120fbd1c401cdbc8af818f3d9326c54802d677540d5
34314f37d5552fd8af78d87100a3c05206ce31bfaa148263f58685b4cd963478
3581602f31606f43681762569c02996407d2d3b0407b54df838dcb37d18360ec
35b39726f7587564af59316bd8c4f1608155986708331b954face3c02cc4cd4c
35b3a364e4aed4da9fe3341818f62776837cb4ea7925bcb0faa174e5286d049a
36073e90289d2338b15fef8a8d16fc53f18f4b0601101314fb4aed80bdee6a3a
361a6ded9de36fc3544b65cf167bb7b1ec97287ac52a1e77410751b1940d72cd
36a763d7a3c715a28ca9299ba2ae4fb72b784be1cee5921d1736244e5c6a9ffc
378e6e02d1982fb9f0c18d4f707ea0fc6ec5de5c60681ec51a9f3f045b3327aa
37ecd79df4a5942831c0f0f3a019121c0272b8e828a79c53571db4074eca5a89
3839c9af234c82824b16c4e9e9349edb815a632bc24565bfb062bcd325e06a8a
383d05d0e04c268cbcebceec515358eee573a355b23054130878882c11a53ee9
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38e1082563ce01e43f5cdf5322aad3632a3c996f1be43ac14aee62dfcaf1d06c
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
390273f55a22c69e159c9295ab18803a2881c054b8cf136c3e8491236d6ce267
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c59ea6f17ddc286d0012122ef73e15fc4a0dc0f1f95e80848aabc70dbc1d962
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1
3db5644e2e36feace62de3ce7cb19b77dee4c84f77b1e55dd8b1b6304e141e7f
3e273b18d28e6f3cce0b8a7c47d4f2e5921416070205b5072a6a2a9746285562
3ef3af5395e01dcfc0ca6cc70f5c05c5be813e265280932b68532b38bb472a06
3efc3794018834e00311554c46ee0abe573bc94f56a8e727579eebeccf53274a
3f4628a448738c0d00c46c7aa18abcb42ded8fee014f500ab0bbd85d305b8409
3f6d4695680ae5087fb173bd76515520a99419fe00d2a0eeedb9a95d476679e5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cd24c50755e183f5ba41bebd68d1d610f59ca0911b9b226a8e925ff2537da4
40da3a40d250048c54cc046ab746867acaee3361ef7715297ca7d9f53e95c5c7
410ca934646966e1ba2a979f30398ff28330d7af5b31558e34f60230fd4984a0
4235f2b2616305f8205d70ce1df72c296941f70c0cbf950eced8ca39aad19ea3
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
4290bc6033d90f564d225d6cd3cbac79eeecefc981a85f542d4de22291412e5f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4459ff47c8f6edb3074f4d9def9632d14e53703a4d4e87c10297239db248dfb9
4486b2f96f28a91cf43922ae255e63e15ab0627d19c88e4dda60eefc309e54ff
44d593c062b69209eee9d245ef75a66079d2ce02ded4c7696dbe4100274915d7
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
465ab3353105cbbe7e7be43fd8b711dc7e140560d1b9752d03b5c2a8bf3f36f2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b4759408f47129cb0807e1ce7ae1508db6b4345c392228e8884a4d5d4e6d41
49399aee73ef45aa70590e5c8a0baea72474178e9960f5b713a2ae59dae3bae0
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6e7123c326a238f790aeb54a66d993b9ccc0636f980774e445cef5041f23ff
4b9a747aca274ce41e525c01ec7ada9d7ddadf32893c1fae85f87c5f1b64d241
4cd0f28dcdd3523887cacb5b04d889c6fed2c83afd72a1257be46e22b00974ec
4df5a35f682f9004ab2d9beff4ca6776660e83a3849b18d9d2690f736662d10d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f83688990a4fddb8ed6a45fd3292a82c4d63292933f0a97a910d205acd54d2e
4fea57052bc2887cd1b4afb58008d49c16ee05e99a89884e52d256480a8f74ba
502e4d213006f59b58ca876cf4fb6dfde75dce067779bcdcfc70152755316b15
5134352004b22224e842727050e5d496190383c64f261d0545e0bd614363ef2f
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
52c9b8e49066fdb909f3fb88e434c3b2af83ce296c1d386e1c88bebe8fed45b4
5351db0c71d4b459b2b3c0901e03b93e46a9ae8d1c1d93b6ed654b2a77f1ea8f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ad0305e8d521e1ac443082838e8f0426572f97aa232d6082ded025b0c8f33e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56068fc790f2362c82d9ef959a95f2dfa599ffb2a574a4db6906e0f6e16779c8
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58d26476aec0ccace1aa0e1495e51e86f3941480c791c1b8f812643400fb5797
58d78c5287e68d767ca2e2b85d695f706d132ea54d6082dd3155bf22001546d9
58ddcec9c22f8a479e205fabec0f1ceb30b7f83d1808da86b3df3e6ac36626e1
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5d1ac3346d389b6bda1b1a697527504a657829108dff22d5bdd45f3c49b2c86e
5d9e7bed557c9d31dc3003aa8588bcd00644d699713dab19721492cf79f61ded
5edb3c9a7dc0aae9b11856540f49376873d287e575119f94b79cabbcd4961bb4
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6181de2b8022002ffc27530fa936535d38d76538f96896aebce771f472419eae
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6237da4207bd47c28982a90ba0d2cf1f73114cac6f04c7381bcbc482f0d1208e
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3
66f1018a7105303fde2c29f27bf6ceccc6dd374a9b5ed67fd471140edf9f257f
68478016ead78848ff67baf34c06b51dc5a2e92bcedbbe1a5e28919a31c81c43
6893b6b06ec654eb5e16a5ad35c5122daad11c79d676abe642821f25c6de6217
69398434b52ee0a2a6df0d6e2e2ccb06aaeb994a77fe469614a6a560a10c9f4b
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285
6aa5e9c33e0af53e222a9508ba5a4673c16c5f7bf816448ac412a465a67fbc43
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be34532fabadfecc4bb68618c6b2a13221cedbba7cd7b56081e95bb5b99e932
6c813495c0b87e75e3775b59b1cc18553a686e478d9b07fccd876bfc0cbfcc82
6d1899e77771b42540e72ad632f30aa82770375240cd2394119b561b77a8a159
6e7579f68cef7ec5de407af0f69b3851d143c51db7a880b4797635789c1f4326
6e884c749f5e0c38499841d17b03c2098b64a960c786865033bbf44341ec403a
7010462b293ff3fb17b87cedfa800ee30d48616e9a6156d64acb9d406fae9477
733dd84a8b0dd02231807ac34d81392dae16116cdf0d6b8c9f5d576be32d65b5
74e40720ff16348074fee3b4aa944d2c6b9b1e6004887a5b3f94879a0d1d76d1
75e66458c2583e4fad39b4a058f6fe737714226ecc32ca522369e8e422783a7e
7629aa7b393210a518637f428ea3ff2aaefe25b5e51672e7087851ccdbff540e
76888dfb602f4431804f3c1ef42e7be737cc3139e6bb20a669b7f5b6987566ef
7717af407f8f8c1ff345dc4da70f0cb30559c5cca06c613bb012cbe2b4391745
777d0c7116ed8a00c3df311e419f62aa6d660e38ffcc575ea8611267ecc3582b
77a3358840fca77cfde10ebec4f635950ffe8cde786f08323654713af95967ca
77b2c55917f8171ddca83883c02abac21a44ec10c02a82dae05dd78a597b6a95
7828f08d633db531c49d43321fbb21485b3236f1271a1a753835599173ce8baa
782ae3c45aa5ebd473c579847871a349ffa32e30b6715a9c2e55a3409be1be12
7a53052cce00657c7ed8df28609c714076979bc4f3e05f01c602c2fbdc3494c6
7ae3e9d41fa0bf376770fc406a5f615320db3d36aa6bddbd57089f7766e0e848
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b7ee4b2a42e9b29aa88e3b16f6355a29cca9881a9e13b6a7da6a7b8ce0d2723
7cf940afbc739187db3bff801c1900bf3b89ca0c62c5c4fb27ac46a30839e33a
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
7e768bfc20221ad3f62b792e1f8ce03de71b077f90af479339bbc447c8292050
7e92feaab9ffb7b8fb8a50fd6a6e9fc38ab2264cc43a221ba6f228755e2b6780
7f808d0b5fbe31581c062f43ef03dbe93be86485253e5e6dec76bb2d26d20fcd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8025eb05db107166999cb2700637739ccd64a60cba54c455472cefdc9792b0f5
80cbdeda5fcc2d942c379724738f5db68cda40a4d0e7f8d037d23b93812e6aff
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
842ba25ae727ac08d632520bcab53319fe85d1b7d9bd08cd334fdec6f667c1ff
86e8b4db6ab5a08f086e7fd1e03c83a14ac4f75102fb1e680ff07b246d5417a2
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
885442d0769125b5f69806f7bc6f4576ee0baf20a4b47babe928d47ded2ea288
892e54b1b4120c7da83c702e2ed1663ae5f118c3062124edb155d4c3bda6e7fb
89dc1521fc57f1e58bc6f8adb107d42617b91d40b0131766a19323e1828aed80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8adcbc5768f396b58e0bef09417b88234f2f4421293fc16afe9d5ac5e5937d1e
8be76b28e2ac2553c07293f828a1d161f6f0a9441c5ad9ccc29879146563a49a
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8d28fbfa2cf05f31c4b6d087abb9f972cad20a54d4de425ff66745dc1c06a21c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e8f40fba90294f35a9ebd2a48287f2f39ee3114ad5230c2a510e6149bc093ff
9051b1b7822941564fed39f4a22c4b7f30bf50a893648863b77a25799b7e69fa
91d2a65d814d433d28ed773e3b6736cf062cf451bfc081275bc0c572ba1f5b58
9212d61bb00f01d460f73d3e9e1a2e1ea67f1baf8cca04eb0a6fe6a17be8bb3d
92585388247155e52dcd17c67560b69bae96afd11368b81597505add624a12bf
927d1ec16bbf300dec6c4e99c27497fe14bc1f8d9b270080e3df2d378703841c
9302d32f45cddde9ba74e49c49c27dd23297756ba4461caa737e299caf916b7b
93b26829df278e1cf5bf2329c36b799ab8123bcfacb4ff29cb5f7054071b12be
94776cf8ada4fa2b1ebb7ccd87b79364132fbfc07985d49ed6f32b99402c54be
947d0e45c7617df08c6fbaaa17e212521ccf61daca36882aaf0db0d6c1643c3e
94b9d697c749a8f9c2f3f5796ecef3518c86f01e78b0df461ae3fe7ccd00f769
955dab2cb207ac603c4cebf89bac482a703363938fb2a9b0771560f3a69f419f
96136c3248499a4c9b6b110aebfff3a85df00eaa09def5344ebc02c4147a946e
9613d13c8f837d194f87fa944f27b571cfeb899062ef8ca8ce0a341e5f5623a3
9665ce09123562483c9b7835e2dfc2022a8df2291351d3b9fddacdad50b00f8e
972f1081f1e1f79c72d077b85c5dc03c433452932ecbd02cf58ba3b9e5679777
97fb107f26dfa81080591d1afd85f1f5a9b681a91b98f22e65ad6b2111766fbe
98a19c6b89c231e6c2daa807f4e04b4101a6d5e43a29987995081fa7ba1dcaa7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841
9cd2a003e15ba9418fff5cea8670b9cde97284e405b253acf898b451070f2dca
9dc1fdf44d1c37bb37d5d89c6723654d53120e12e33d1ec8394710c5d9f71f19
9dca7502752e7c51927294f2c54ce7c5f1960cea02234501b0991810998619f2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1635a0d56fe15822fe03b93f45911993b03a058bacedf2bb6623d805ead0dfe
a2d042df368c8a6d0186948c8472eca3956fc2fd5702bf2dafd70f59fc6afcbb
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a4188684a07253ebb3c51be57be17d3f038ae83e60fb52554a617104e3fa2bc1
a7a61a7f661497d51a6189744389086d50274206a8c5ef6bad0347d885f5e6d0
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9d5cd7d213bae1c3abc537b94a8b86553d0e9b1ea43bc7239caf6e2fe65b1f6
a9dab75c3f483ccf49539a8153583a8600f35647814d61a44abafbb553277fd3
aa69e70b1259d8a63ed3f7d5f8cc67888fbe5653a606f66bb0a09e474dd5986f
aba69239d03d61a71bdf2e3adc50dfa26eff20db7f30c7d28985a122738d711b
ac076f7b2fab89da4739ffd489b371e41e320bb6056fe434eb0bfd3a9ae774b7
ae79475bd86d476111c3fec24b8614e1170bcc9ae8b54619397431189d0537f0
ae937f47356fba95064254ae48ecb89e3092228ba9c22fb20c4a143b2662d97a
af57e781b0b7e8ad700109f53f9888f2bbb42ab71471ca81ed2c37214dd46573
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b170f93a0f60699bb90efeeb218ef113e88a1025522c3a3d2e297f3540d895f1
b173f9a2c3edc6b91c982290cb74bbb983639565e3190ea30196e7b9af1f5062
b192ef9f1e7c42c68bcd0d0f93a2b381d4e42aa4b99f3afb8c3685a2addae13d
b21e1e2e96c871c92bdabb5020c620a1e2c0a48fe83fa8a3f78a1182008c738f
b3705dd6bfe251dcfcc6d5da2ef190f43115714216d8aa309d82747bb89c91e3
b38f84773591a756800a22a2053a8a0783312ddb6a374836a9cb627632e09dc8
b4a0bcd38b12dcd6243e1f4cebe666c1231448a99fcc5711d37368e0e1048f79
b533e55c1df8a26cf6508af7ba5e3517aaffbf3fe5c835ac71a94c0cb0f57db9
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b69b9c600973695ac5b6002a4880adfdac5c7c0a91b0ee35bfd8f56e6d217621
b7d822a35edd20eb93a085df69fec5741bc7675b181ce5092338b8a5ab77759b
b8fc8d53b041321fb8113450851e9404c715dd85c4a62bb43a82615f29cc7f04
b97c9886e48a43681eac73ef7dfb3f229dd764b66ede77c9b6b22ad77d09f023
ba97737c97baccd6d0e614fe93d9b895c3459ff09198dd756d9adee6d11251f0
bb3d769ccb3c88e3eba055d24cda03417de730a356f42abaa2d6012ba243c958
bde876fba9c9e880cd9238ce74a0049273fcba6859f31fd3bf9eaf379e5dc74d
be4e0938b5db4912fb5cad602ab950c4796be10c84c2c2b354c2f29cee3af245
be62c72f68cd3dfe90729c7da3ed0197cf18902cd8823949078d933cf0a0f5f0
bf451bca9f8d272d8a4a0a7bdabfe80a2b1b233a47f4ad8d8442f179d42ea667
bfb57accc979a5269134e59b4b2834d5104413d163d34cc62056e9a4f9c7d0b2
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
bff93a1b1d67f0f2f124a2287d6b5659c3eff1bded6ad667b521a3bf29ea1035
c048b30a853532e5832a291b139cb5f1450d7dc871492bf65f1effc3a16095f7
c06bd606297783eb77bb3d478c5181e55467d6496909397b3e997d224a1eb70e
c0edde6c94532251be267f77ae2ba56728d64393db1cb76f516f416866594574
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29157d46d14b0d6992d881b79541643a70ffd9a17ffb11beaf6b3c8c63dd467
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c2f863fe1dfec2cb9320927458d4dcfc712fd2696cf223c2fab703f7803c777d
c30fcd154c07f44986b9e38794d7cb0aafc06d4f521e2eb29caf0fe5437752e9
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4e2225061ee113dedc17c2ffdcf5e703ccd51e685e9a245fa534e3d7e6dfd2d
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c663e6e1f6910c42a5b65b5ce5e0ce93c02e0eb7179ded8bfa91909a74b819ca
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f
c76424e4ddaa70b951475c72a21dea37eaca9a79cffd1dc7835a1b92707c5a7f
c81198aacea8024ddf3470180ec7666da5bc9dc0acd42d191187dec64f192464
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c87ec2f6623598f660e9a9050d6163eecdfcba392b3a8a5465792b0193e03156
c9373caaee3527dce23f40d59b6265d1a089c5fcff50b3937e99793df2493e63
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b146801b53debe2034b72afe1c9e399d065e8883003398f80357e1e471a6d3
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb5fbaaa8d84b52213e59dc0462870d01ce27a2a0f97232c385a1cd428342274
cbb470390431a28455afefcded54718a12e0c0acfe31b79e1562f31d94d3cf1f
cbd9d0b7c518865eef1fe625f015ef13c099ba3f0d39d380161b65bc9a9b3508
cc2ee4b95ff33cf425cd212695372db2792c77b21bcab38c6654d15d11477cfe
cc313b5efa1345772ed5374058a36525862c8657b926ab014f5a727eea3dd2f9
cd933a8639dbcf7b0b0b74c122713ac0e2122ef6dc94a2b9d52de39d24aa3d66
cdaf0f0a462ce8bd314cb87f35f4b8ffe9c407585855d2de86aec1e0f09f55cd
cdc88cf798b26fa0469b4e5a81f9078a2521b3545ae9dd35f5b3d3c6b08cbd3e
ce5b66598ec6944f4c2cd1be59786f1a8d40f16637caf6d5d26132c69d838216
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
d072b667943b9c54be6e11105b09e7d31eeaa33dcd062e0de0b40fca4078eb7d
d0abe79546c356716a9716bf179b933c35e4dd4546703f5b9f76688dcf09226f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d18240e501d25b8b28ef89888026b95c3e17550fde4ffa8e04b41d60b1f0d55e
d2f9f1a7dcf1bfbaa1392e4062c771d10d8600d53a012d440c4e84665562a06c
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d819bbd2b1ba397240a7b2494be6a04280041871c384eb3d658f8ff76547fa0c
d95dd198c004fb63f532c90ea07c95c653f815fc23b568c6615d1d8742a0929f
d9b67ad9e1dd1bf6efe08ffb9f2696d679ddf316d6d6ff92b4a88716990b81c1
db1c21669f776d93a53e115618e13a3cf8284fea1611b0135c179adcaf2884fa
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df455ece5e4b902ed2ed68c72b81d6f1dea6e73fe3405077467ba2ad76d0f49d
e06ad7c734846b19c3abdf88407cc45defe96c471989155955f2b786a27dab0d
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e1cff8c955310d168be94ef5a6d30914944cc12b7ca1a7a75b5420c01d7db7f0
e1e4e94f58cdee318c4ae78f4c3a257d77c2ae348e55eb3ec19503024b0ecd9c
e2debeaa65241546a47461f81845ccf9c9a4ad9c183f1fcba3dfdd6cf854fe84
e32a1b4082baf7a318078fcd9d30919dcc35bab1788bee14b9e02568ebbf108f
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a941ec5ffcce80f53cde03c772adb69681da813097f51490fa3ee2f3017852
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e3273fb1bb9e4f2dc1dd97a83476862b0b17b2d2dc319f1c741770029cb914
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e768aa75bd27d127c84b47f8df3f29dc75ca9322d84938690691ca04f7b07781
e77f1d4b33991300381ead8aab71bfd25cd14e46e418f221f672a9429b54dfb2
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e859bfaf4f7e3520e30e5665baa1f909e1a4e782aaba862fbf337bcd1c0883f8
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e883e20b63b7a8ec0708dee462e99e7380153f8bad2e52cd89ff42f3dd6d4cfc
e8d857a15cfce9ec117b65c540415b4d269a622bd3c6d3808e4464d77add78d1
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eae8becbf14b20a3f18f2851bc6da830f3b7f66f81c4ca2ca31e0a324db0515f
eb0c77a8b0488db4dcef92f68c561ce9484dd719273ab81f808bfe13e7da5593
eb260eed999dddaa089d2f974af1f96904aa0dac2be9cfd7b796d326a7e1e2ab
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed3005961bc732cc1c7a80f6841b00bd4c1a490859b082a535131545d6dec0dd
eefdd84514b034af275b32954bfad128174ee1ea1a5f773fd7868689782aeebe
ef0cc3219fd17498b4a8960f4f0a39063ba032bd80702f141e22121c97414b69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30d8d0faccdf22a943490b2905f228acb1dd835ac794aef00477298e0106483
f509537a941a4046b1f076ab2441d1ea6bf21b3d2a0122faea116e1d609fbfaa
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f702a4eaf2402bc457468a8bf38b59db6523a163bc51a4e3dd9d67c5a38b99
f7159fe05362e4beea4b66b00a94a4c44cb5591de54606fc4d2b0821d494237c
f731df98edc9bd560477f16cf6a9a14207dbe8f835df58558e96b2ace938093f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7ec495a4de075056e338c3a75eadd063ee4a4e00225a9a3cfa655c3782d85a8
f9b24ed5e5fe821b5c78f3061ad73d4bcf182bc13559708f48f9c80c25935115
fb04cf9516c210f12b558b7d0320926d28cbe0bcaad97592496bb2ecd0864081
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fe8f8f8c37e0b0c7d8c228f2baf075bae1878355b19e27f2a17b0693f742ca0c
ff37c18dadaa98d22a3316f424752f3947bcd4c4b122a4cf7baee7a78bf389e7