rainostreams.com Open in urlscan Pro
2606:4700:3030::ac43:df24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Submission: On November 22 via manual (November 22nd 2022, 5:52:52 pm UTC) from IN — Scanned from DE

Summary HTTP 268 Redirects Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 32 domains to perform 268 HTTP transactions. The main IP is 2606:4700:3030::ac43:df24, located in United States and belongs to CLOUDFLARENET, US. The main domain is rainostreams.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 24th 2022. Valid for: a year.

This is the only time rainostreams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	2606:4700:303... 2606:4700:3030::ac43:df24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3033::6815:307d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:595::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2a02:26f0:350... 2a02:26f0:3500:58c::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.45.229.205 52.45.229.205	14618 (AMAZON-AES) (AMAZON-AES)
20	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:cad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
2	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
1	3.209.15.252 3.209.15.252	14618 (AMAZON-AES) (AMAZON-AES)
6	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	164.92.99.145 164.92.99.145	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2	3.71.211.152 3.71.211.152	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
43	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	208.95.113.2 208.95.113.2	53334 (TUT-AS) (TUT-AS)
2 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:3800:1d:a62b:6a40:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
5 6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	216.21.13.14 216.21.13.14	53334 (TUT-AS) (TUT-AS)
3	52.17.26.9 52.17.26.9	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
20	13.224.189.111 13.224.189.111	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1 2	52.17.139.148 52.17.139.148	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21f... 2600:9000:21f3:1400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7782:a2ea:508a:9fe9:9064	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
268	53

55 2606:4700:3030::ac43:df24 (United States)

ASN13335 (CLOUDFLARENET, US)

rainostreams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6815:307d (United States)

ASN13335 (CLOUDFLARENET, US)

bdnewszh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.hooliganmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.antiadblocksystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.45.229.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-229-205.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cad1 (United States)

ASN13335 (CLOUDFLARENET, US)

streamsapi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.99.0.58 (Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

thaudray.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.15.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-15-252.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, RO)

xlnmx6h2mrf9.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, RO)
PTR: no-mans-land.m247.com

xlnmx6h2mrf9.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.92.99.145 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.raino.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.211.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-211-152.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.95.113.2 (United States)

ASN53334 (TUT-AS, US)

antiadblocksystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:3800:1d:a62b:6a40:21 (United States)

ASN16509 (AMAZON-02, US)

d3cod80thn7qnd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.hdhtthluiemgr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.14 (United States)

ASN53334 (TUT-AS, US)

hdhtthluiemgr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.26.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-26-9.eu-west-1.compute.amazonaws.com

trc.audiencemanager.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
anz.audiencemanager.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.224.189.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-111.fra2.r.cloudfront.net

cdn.audiencemanager.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.139.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-139-148.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:1400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7782:a2ea:508a:9fe9:9064 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	436 KB
55	rainostreams.com rainostreams.com	225 KB
34	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 ad.doubleclick.net — Cisco Umbrella Rank: 173	496 KB
23	audiencemanager.de trc.audiencemanager.de — Cisco Umbrella Rank: 59955 cdn.audiencemanager.de — Cisco Umbrella Rank: 87918 anz.audiencemanager.de — Cisco Umbrella Rank: 58918	246 KB
14	adsco.re c.adsco.re — Cisco Umbrella Rank: 26492 6.adsco.re — Cisco Umbrella Rank: 27838 4.adsco.re — Cisco Umbrella Rank: 30662 xlnmx6h2mrf9.l4.adsco.re Failed xlnmx6h2mrf9.n4.adsco.re xlnmx6h2mrf9.s4.adsco.re adsco.re — Cisco Umbrella Rank: 18179	81 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 605 static.adsafeprotected.com — Cisco Umbrella Rank: 546 dt.adsafeprotected.com — Cisco Umbrella Rank: 518	98 KB
8	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	110 KB
7	aniview.com tg1.aniview.com — Cisco Umbrella Rank: 8543 player.aniview.com — Cisco Umbrella Rank: 1843 track1.aniview.com — Cisco Umbrella Rank: 1829 go1.aniview.com — Cisco Umbrella Rank: 4904	131 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	236 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	3 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	histats.com s10.histats.com — Cisco Umbrella Rank: 20116 s4.histats.com — Cisco Umbrella Rank: 16730	9 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	178 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	3 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	119 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2536	409 B
3	antiadblocksystems.com www.antiadblocksystems.com — Cisco Umbrella Rank: 356844 antiadblocksystems.com — Cisco Umbrella Rank: 255364	9 KB
3	bdnewszh.com bdnewszh.com	27 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1226	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 407	418 B
2	hdhtthluiemgr.com www.hdhtthluiemgr.com hdhtthluiemgr.com	10 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 281	291 B
2	thaudray.com thaudray.com — Cisco Umbrella Rank: 77966	24 KB
1	cloudfront.net d3cod80thn7qnd.cloudfront.net	10 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8709	792 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 881	170 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1729	414 B
1	raino.xyz cdn.raino.xyz	79 B
1	streamsapi.xyz streamsapi.xyz	1 KB
1	hooliganmedia.com cdn.hooliganmedia.com — Cisco Umbrella Rank: 347399	191 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	75 KB
268	32

	Domain	Requested by
55	rainostreams.com	rainostreams.com
43	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com rainostreams.com 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com googleads.g.doubleclick.net
20	cdn.audiencemanager.de	trc.audiencemanager.de cdn.audiencemanager.de 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
19	securepubads.g.doubleclick.net	cdn.hooliganmedia.com securepubads.g.doubleclick.net rainostreams.com 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
19	pagead2.googlesyndication.com	rainostreams.com securepubads.g.doubleclick.net tpc.googlesyndication.com 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com www.googletagservices.com
7	dt.adsafeprotected.com
7	googleads.g.doubleclick.net	324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com rainostreams.com
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	rainostreams.com 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.gstatic.com	rainostreams.com 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
4	cdn.jsdelivr.net	bdnewszh.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com cdn.audiencemanager.de
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	s0.2mdn.net	324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com tpc.googlesyndication.com cdn.audiencemanager.de
3	fonts.googleapis.com	324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com rainostreams.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	adsco.re	c.adsco.re
3	4.adsco.re	c.adsco.re
3	6.adsco.re	c.adsco.re
3	c.adsco.re	www.antiadblocksystems.com c.adsco.re
3	track1.aniview.com	player.aniview.com
3	region1.google-analytics.com	www.googletagmanager.com
3	bdnewszh.com	rainostreams.com bdnewszh.com
2	pixel.adsafeprotected.com	1 redirects cdn.audiencemanager.de
2	ad.doubleclick.net	1 redirects 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
2	anz.audiencemanager.de	324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com rainostreams.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	antiadblocksystems.com	www.antiadblocksystems.com d3cod80thn7qnd.cloudfront.net
2	x.bidswitch.net
2	thaudray.com	rainostreams.com
2	s4.histats.com	s10.histats.com
2	player.aniview.com	tg1.aniview.com player.aniview.com
2	s10.histats.com	rainostreams.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn3.gstatic.com	324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
1	encrypted-tbn0.gstatic.com	324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
1	encrypted-tbn2.gstatic.com	324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
1	trc.audiencemanager.de	324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
1	hdhtthluiemgr.com	www.hdhtthluiemgr.com
1	www.hdhtthluiemgr.com	bdnewszh.com
1	d3cod80thn7qnd.cloudfront.net	bdnewszh.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	prebid.a-mo.net	cdn.hooliganmedia.com
1	t.adx.opera.com	player.aniview.com
1	cdn.raino.xyz	cdn.jsdelivr.net
1	xlnmx6h2mrf9.s4.adsco.re	c.adsco.re
1	xlnmx6h2mrf9.n4.adsco.re	c.adsco.re
1	go1.aniview.com	player.aniview.com
1	streamsapi.xyz	rainostreams.com
1	www.antiadblocksystems.com	bdnewszh.com
1	cdn.hooliganmedia.com	rainostreams.com
1	www.googletagmanager.com	rainostreams.com
1	tg1.aniview.com	rainostreams.com
0	xlnmx6h2mrf9.l4.adsco.re Failed	c.adsco.re
268	58

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-24` - `2023-04-23`	a year	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
hooliganmedia.com E1	`2022-10-30` - `2023-01-28`	3 months	crt.sh
1431218181.rsc.cdn77.org R3	`2022-10-17` - `2023-01-15`	3 months	crt.sh
histats.com R3	`2022-09-30` - `2022-12-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.streamsapi.xyz E1	`2022-11-13` - `2023-02-11`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2022-09-16` - `2023-09-29`	a year	crt.sh
thaudray.com R3	`2022-10-13` - `2023-01-11`	3 months	crt.sh
*.n4.adsco.re R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
*.s4.adsco.re R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
cdn.raino.xyz R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
antiadblocksystems.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-18` - `2023-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
1523317902.rsc.cdn77.org R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
hdhtthluiemgr.com R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
*.audiencemanager.de Go Daddy Secure Certificate Authority - G2	`2022-08-14` - `2023-09-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-11-04` - `2023-12-03`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Frame ID: F211DDB3FE294BDFF7A23C89B267E2FB
Requests: 97 HTTP requests in this frame

Frame: https://bdnewszh.com/embed/mlb/tigers.php
Frame ID: A3F1115DFA2E5B26FF161D1328A5BDE8
Requests: 29 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ff437ef5d97dc2827287c21
Frame ID: 5CE73FBBF13B7296F8176BF965B93A5A
Requests: 2 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 30259F785FEEA89E1CBFA961A2065644
Requests: 6 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1669139563024-949002043196-006153-006-006473%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Frame ID: D2F5B1CAD446E818991F09C1DA02FECE
Requests: 1 HTTP requests in this frame

Frame: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C3914A31D1F81D03BCEDF75FC0FEB92C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 547980EFB1B86BB4EF5FD435DD0C5527
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D183313929047D1AC25538D845E15D6A
Requests: 2 HTTP requests in this frame

Frame: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72A036621EE1F578A02F5B86FA21D49E
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 281617262E7B1FC02F5AA0F65F566023
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A0D5CF759272242E0EF4C6911CEF0ED5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: B8DFCAEC0291EF6A55E1D004777F5C8B
Requests: 1 HTTP requests in this frame

Frame: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34C24F42FD31E9B92A7B8E6933D10F2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-rURCLgdsBGPzBw9cBMAE&v=APEucNWglRH77QzFoQDNvAaGvTcgHXZqBJ-W4D5rH4jkWmTiMc8yRCHmD4NVI0t3joNd0B9aYJIja9NHsjVhnbhmorw3cys3tfQpprNYJ6O4x0D_PW5SZ6IW8MWF0rKNS9ocas_NYCNeDClOdKkXuhPsDHTq9YkO7xfoMG0qOp_1YejK1jyBNiWBSq2pen222k12nE26EcPE
Frame ID: 7EEB579ED201051AB21806B53ACB56B0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Frame ID: A8D636A4D3B95F2E8182CC1EE46A2C40
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5DD3F93150E816449C78F85A017F7006
Requests: 3 HTTP requests in this frame

Frame: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 507E7E1DC981B794BCBE70F0784E98F3
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html
Frame ID: 06D23CB46BCCDD382E88A2B3B3E93FB8
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AC9C4ECD648A704E19DCBC2649A04C06
Requests: 2 HTTP requests in this frame

Frame: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 754714933B3719ED55C7C035774C5A14
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBjzjI_YATAB&v=APEucNVsiw7mX9BjJ_zbWFph3W_ozWIVeeQ4cgODbo3nr-xEL3ZDDJlDHE81kIGxH8XGsIFN652dhKPUSbEbn4XGJQekbZzkQ7zNXKzd0D4HHOjMs9oGYwLaVJWwdyyAhtag5BHfh4gi0pdXeXemoIUZk1TKK_sV0Wxm2HQ75bL7YOvy3jmAZGD-HTX8hbaqQcj-eqAy5wQ2
Frame ID: 03189221C36391DD3358BB6AF3795FDF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B0F09B7E47203865179AD6ACD6530A62
Requests: 3 HTTP requests in this frame

Frame: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Frame ID: 096E36EA5ABCE7B7D7BE4FC4A31E29FB
Requests: 31 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5CACFEA92B190B9F2B7ED24FEDB0C14F
Requests: 1 HTTP requests in this frame

Frame: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ED5F7C5953E1DF2E82319D5D8B643813
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: C145232CAFE0516206CB2EAD0D57DE30
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

⚾️ tigers vs sox Live Stream Free

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

268
Requests

96 %
HTTPS

54 %
IPv6

32
Domains

58
Subdomains

53
IPs

9
Countries

2721 kB
Transfer

6448 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcIAhksxla2PGceaF4WWbA&google_cver=1

Request Chain 162

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y30MbULh1TK0lV41KqhcaQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcIAhksxla2PGceaF4WWbA&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECj6sCCEsMiucmNI_QQ7srQ&google_cver=1

Request Chain 164

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQzNzU5MjgwOTM4NTMzMDc3NQ%3D%3D

Request Chain 197

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHAFapgRDG70wQy4Lt-cLbo&google_cver=1

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFdGdoyuOtEdJC_bbUpCv7M&google_cver=1

Request Chain 217

https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669149329;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_pre=CPPx1betwvsCFQzcEQgdIe8JWQ;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669149329;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 242

https://pixel.adsafeprotected.com/rfw/st/1180045/66149901/skeleton.js?adsafe_url=https%3A%2F%2Frainostreams.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fcdn.audiencemanager.de%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcdn.audiencemanager.de%2FhtmlBanners%2F635a82f51297af31796878f8%2Findex.html%3FclickTag%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%253Fsa%253DL%2526ai%253DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%2526sig%253DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%2526client%253Dca-pub-8473763341054993%2526dbm_c%253DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%2526cry%253D1%2526dbm_d%253DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%2526adurl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D63468d106d216e35f43d8a6b%252526adId%25253De24dc6637d0c6ea9bdf8202323537158829457%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253De24dc6637d0c6ea9bdf8202323537158829457%252526curl%25253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%252526ntuId%25253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%252526cb%25253D1669146351%252526redirectUrl%25253D&adsafe_type=d&adsafe_jsinfo=,id:3ef1c233-5598-7d5a-a1eb-bdfc5859ba25,c:uIGTy6,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-kv8cf,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:96,mot:0,app:0,maw:0,fm:tnWjwin+111%7C112%7C113%7C114%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C1812%7C191%7C192%7C1a1%7C1a2%7C1a3*.1180045-66149901,idMap:1a3*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:115,oid:7927b968-6a8e-11ed-9149-8a78fb11d39c,v:19.8.366,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

268 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rainostreams.com/mlb/tigers/ 28 KB
6 KB 189ms
163ms Document
text/html 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef52ba13a0b2e17f650f3359a65248b3c07da984654eda0c649c1fd5cce42fa5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 76e385388c325c3e-FRA
content-encoding: br
content-type: text/html
date: Tue, 22 Nov 2022 17:52:42 GMT
last-modified: Wed, 09 Nov 2022 14:42:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrJIAc8w1%2FdgpMAI3zVSrXPoaW0HvHLU3iHSEH9ZIvbmTQ8xUFs1qPG2mFZNLy6WxV94uWLvYqxa5jgkjOwI3xsxdbsT1zN5jazBwOjJRER5q7Er8kM2C6dxVN6OcYTyQKyP5EDinrUwyPaZa070"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 407369f61147b82bc00c.css
rainostreams.com/_next/static/css/ 20 KB
5 KB 27ms
23ms Stylesheet
text/css 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/css/407369f61147b82bc00c.css
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5732b99e4d9737db919a918eea7a8b464e8e6bc84d3e420d0103ae57a8bbafc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6401
etag: W/"636bbc54-5137"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx%2FFScjR6%2F%2B1W5i18U4nJYEoN8g2JkU8TeAGSQ31vzltgar0xLWlX5uFScMzu1sd1L6EDoPa1E6fdDv%2Ff5FDvCKr69KjmDUPhZqstM6tMveWAozvo4qxBog3tjZEfe4BR06VPGNWjkH%2FQdvpKS%2BZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae515c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 webpack-50bee04d1dc61f8adf5b.js Show response
rainostreams.com/_next/static/chunks/ 2 KB
1 KB 30ms
27ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/webpack-50bee04d1dc61f8adf5b.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6385
etag: W/"636bbc56-603"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Hd0L6jtY%2BJG5fEhBUdyFhkUhDAhpoL3sXGGiDHbw9MdNEGxRdb%2FE9vm471DPH2tk6nYy8wVbBb4yYPBwCek8fdxm%2FK9pIc6A9efeUKbz%2Bxwi1l7BqBfGiJbWDeHHACfA8u9lcb%2B8hcQRzUaiNdi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae535c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 framework.900ff9a55f86e5377e8c.js Show response
rainostreams.com/_next/static/chunks/ 128 KB
42 KB 32ms
29ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/framework.900ff9a55f86e5377e8c.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f4b493ab642902cb73337e0450fab94e7de01d8b69270f0526886a71260773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6264
etag: W/"636bbc54-20005"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Eg9dCJEhRfvowRbkTxJHYwyZYXLaBo2tnft2fr8hjWsNENaKCc20QAXm68sHhdX%2FPjYsihGb1n7xGYSKybIZEoJvCF3VsqtcgDfSXXu1n4CYNjQTXtQiuRruHweGwHilHKGpFWiPtCfNYOwrT5r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae565c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js Show response
rainostreams.com/_next/static/chunks/ 40 KB
14 KB 36ms
33ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da7053046954cb9056a737ae65c513c516d6947360c1181b82ce438a1b36090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3071
etag: W/"636bbc54-9fe8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG0DbVALC97NrkX8mzHdEgX1YOGS%2B%2B6lQKCIP5kZSvpbc%2FjFawvxgyd3QILNakA%2BSqMhUMvxFUESrQfnWWponJ%2B0OHQZt9iU2If2ZWyPE02fY70Y%2F0Wa2Qvt%2FohF2GWH4l39jwLAM1ByhW%2FhbEzG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae585c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main-b98990983f8c9e8ed959.js Show response
rainostreams.com/_next/static/chunks/ 19 KB
7 KB 127ms
124ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/main-b98990983f8c9e8ed959.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37dfe336865f73935d232c8272177a32176400143be24ee73e012eb51c5cdd4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5927
etag: W/"636bbc54-4c98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1iEt8TxmiKtue9%2FWIeX0CMDBrw9RchfmPw1eGaJd5c0%2BsnyuWrMVqoMAvbtXUOi6mDWLy2X4J0sLcaNsoB4xgK5rMNNYq%2FFMvOE7eaTdFK2%2Ba5HbJt1mFW%2F%2Bc23d1cAVLIgKRFq%2BXOyTgv1xAb7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae5c5c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 _app-db3e0e4e430e01c5f390.js Show response
rainostreams.com/_next/static/chunks/pages/ 2 KB
1 KB 35ms
33ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/_app-db3e0e4e430e01c5f390.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ce5c4516b82051d10996eaf5671d3aa8ccd9271c87e072c42768abd0a339602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4020
etag: W/"636bbc54-804"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4dq7auzQSULtXqqUzfnji05VlpL80KjbHFdrxL0B0OXbf%2BYAF%2FjqKPCjN10a5Slb03mIKqtd6BLPJlPC8toaFroo4tYC5wifSHFzftGKoGruUclRS4QMN18ua759RgUfC2zpNLCAuaAxanqB5NA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae5e5c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cb1608f2.1f2877367b226ce0f935.js Show response
rainostreams.com/_next/static/chunks/ 6 KB
3 KB 29ms
27ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/cb1608f2.1f2877367b226ce0f935.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75aff0bc58d648c24c3816edce9d779ed6028e91d35fa2daa529308c310fa518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2822
etag: W/"636bbc54-183e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FLyk0gdFiel6hPARcd%2BJ1qVJNy5qMrY%2FJaPK3g2Y6aaLkAEwsrJqQDDP8TkAgYj8U75XFasslZNXspMN7HGCz4kpv1kFtqJsegvQxpMA1tGr78e1mS90QrtIBPlaA4sySlRRqqG2PjmuH2Xiaui"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae5f5c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 777414f77fe87cf54741c341ffe9859508132a94.1363e735017567e6840f.js Show response
rainostreams.com/_next/static/chunks/ 41 KB
13 KB 26ms
25ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/777414f77fe87cf54741c341ffe9859508132a94.1363e735017567e6840f.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 195e5ade6c4acc4f914b090e71262abb4e13047a1edfc157450c9f50fa3a467a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5953
etag: W/"636bbc56-a489"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oO8bI3aDOTpzX8%2Fl1cvZpOUmVefW7VX0NM66DstbvP9N11ICjWyiP8U8IWCdOKd3%2B9To46Hulu%2FILS%2BG%2Bs%2BbN9QEZMQr50LGqVONfrmzO76Wg5AXupinSK%2FWldya7q3LUlM2CXShWaEeKRr7h9uD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae615c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 0b7ab689222455aa898694fa033059e32dac2874.6c19f992c5d50d998878.js Show response
rainostreams.com/_next/static/chunks/ 13 KB
5 KB 28ms
26ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/0b7ab689222455aa898694fa033059e32dac2874.6c19f992c5d50d998878.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a1dd5d6515b2dcf760bfa31c84e519c0fd8875b7e2c2cd476dcfe00055c2a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2123
etag: W/"636bbc54-322c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9VFaG76lNvmGugcDpT7UQ3DT9ceZ48GAUFY%2Fy78YjCV8S196vyLxXerO1rutQyjfKu1wEIwtYqBz1jdpj%2FYGF3YU2%2F4HCOgY4eGWbBKQUJcDk2rIFYRq9AXIPs2n5tphM%2F6PokKq4oVOF9j9vC5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae625c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 %5Bteam%5D-2330b94476e3cbab9878.js Show response
rainostreams.com/_next/static/chunks/pages/mlb/ 5 KB
2 KB 29ms
28ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/mlb/%5Bteam%5D-2330b94476e3cbab9878.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eafcdcbf3556ea41a777041a615e1cd74163ede500baac21429cbb22a560abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 112
etag: W/"636bbc56-15d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=908VqdNUVZTm4lOb%2F34SUQj6ExVi3ZM51T6MnJrXeyZ7xFCsmuF0UOs5mA5VIA1XDCTU9HkxzjWWDUkl2VphW3GieLORBC7SLiuKFygjRZttyDtyUiPfRsjVgy4BcpugdBJcnxT%2FdkzZjJl4yhga"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ae6b5c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
rainostreams.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainostreams.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Nov 2022 12:02:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b68ca-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1No2TTj38Uptn6LnB3WNOhIISdz17p%2BuRVH5OUwLBTF%2B4DyCiI4w%2BVClMlKfWqshN9%2FOuCQp%2B0vfboxTz%2BFcDYEOpXekDwmsuvKDh3wCfffVs7Bb%2BDAP%2BARVF8mUSFqai9lETRXWEnXZ10WNvaM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 76e38539be7b5c3e-FRA
expires: Thu, 24 Nov 2022 17:52:42 GMT

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 261454a5fa73bfeae325e7aa56d217f0f7e0a073d9033818c39e594e6deeac3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tigers.php Show response
bdnewszh.com/embed/mlb/ Frame A3F1 64 KB
22 KB 156ms
135ms Document
text/html 2606:4700:3033::6815:307d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bdnewszh.com/embed/mlb/tigers.php
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:307d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4000a78b079142c2f901d85c5e6792cb9cd61d6407c9da5391bc0794a4f94d

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 76e38539e84d9143-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 22 Nov 2022 17:52:42 GMT
last-modified: Tue, 22 Nov 2022 17:52:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdfKGqbxjXHbFd3188%2Fdiph%2FB%2BVnoA5ELLeKphnF2YYz2XSapHsH5A6KuSf7SKrsaXFuGaVrylZ4IUcSMIEUj57rcKwoWf7HqpHhVPAYgDBd%2FhBT5mQpqhlmSqJtXez0xZD5JAELd4%2BOhl0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 _ssgManifest.js Show response
rainostreams.com/_next/static/0fjQcY6Zk4Jc9GMvM9mue/ 282 B
590 B 25ms
25ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/0fjQcY6Zk4Jc9GMvM9mue/_ssgManifest.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb549244cac4f8a1fc7689328d89b49dbdd025d978c87b8b620a415380989b78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 235
etag: W/"636bbc66-11a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEtIsSK3LEXP39DmgZNQgXA8zyPloB8wIH%2Br0zJJGa9SpdjLAfD017WJhajFqfFWOg4TbVnIkrUdJe52jSKVupXLdB4kffeN2H2NzifqNtgRv7pkM4fJYULHwsE4koorXPq2rJbceUiJu6J2i6d9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ecb00109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 _buildManifest.js Show response
rainostreams.com/_next/static/0fjQcY6Zk4Jc9GMvM9mue/ 4 KB
2 KB 23ms
23ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/0fjQcY6Zk4Jc9GMvM9mue/_buildManifest.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f91acb1d04a82e6ae2f101159da2e8d8f2bf28e858b8a27888eded1bdd5bf6f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5749
etag: W/"636bbc56-1011"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Bu6MK1ImR3uER5KNVrdIPofHacWmoSdvB5Lg27TDQoTQU7gz0HVz1Qf%2F3bQm93%2BS1BCIM%2FrEBe2ZeNienGlGu7w0TF94aVwEg5aGC0jTmYxVznKNQ0oXDXYGDGWuZnX3lisx9j1MWEQ%2ByJVPhqy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e38539ecb10109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK spt Show response
tg1.aniview.com/api/adserver/ 16 KB
5 KB 41ms
24ms Script
text/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62a0bbc5296c634ce32fb898&AV_PUBLISHERID=5ff437ef5d97dc2827287c21
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bc6a9220391407699acfe5c37d59d7062d377f0a808c0a79ca0b6c5d0e1a8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:52:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 4850
Expires: Tue, 22 Nov 2022 17:57:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 94ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-408PMRYSHK

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2feb04419db4a554a9084fb048b6be04131fa633c91685b8ceb7e2a72b171386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76539
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Nov 2022 17:52:42 GMT

GET
H2 200 hmads0.js Show response
cdn.hooliganmedia.com/ 191 KB
191 KB 1044ms
836ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hooliganmedia.com/hmads0.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2b6e18132b3e4c063dadb4994dc4bd9821d761b1123bf55bf1875b737f7787b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 04 Oct 2022 20:24:23 GMT
x-amz-request-id: tx0000000000001ab74e78b-00637cff1f-3f19a6f7-nyc3c
etag: "397ce81c9f3b983cff524d2c0a2366c6"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1669139562.dop005.fr8.t,1669139562.cds103.fr8.hn,1669139562.cds148.fr8.c
content-type: text/javascript
cache-control: max-age=197
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 195378

GET
H3 200 rocket-loader.min.js Show response
bdnewszh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame A3F1 12 KB
4 KB 56ms
19ms Script
application/javascript 2606:4700:3033::6815:307d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bdnewszh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: bdnewszh.com
URL: https://bdnewszh.com/embed/mlb/tigers.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:307d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/embed/mlb/tigers.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Nov 2022 12:02:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b68ca-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0IngLHFFGCvvNrS6cgIE9FGeovM%2B%2F1qpALEbxwf4qoJGvpskXruCXCwTrpYr2lKzDrT5yUzR1DobCpxzkbie1gK7qDJcOOW8Iz%2FMHI5Aj0Clf0r5dtWaOBU9eNOfdBuSxbgH3AQfAypEoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 76e3853b08629a24-FRA
expires: Thu, 24 Nov 2022 17:52:42 GMT

GET
H2 200 onsenui.min.js Show response
www.antiadblocksystems.com/ Frame A3F1 30 KB
9 KB 41ms
13ms Script
application/x-javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.antiadblocksystems.com/onsenui.min.js
Requested by: Host: bdnewszh.com
URL: https://bdnewszh.com/embed/mlb/tigers.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 05dfa4b617b6ac959e29e146c6789206c90e38bc368fea39a4d7b55bffb948ff

Request headers

Referer: https://bdnewszh.com/
Origin: https://bdnewszh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
x-cache: HIT
x-77-cache: HIT
x-age: 425182
alt-svc: quic="195.181.174.5:443"; ma=2592000; v="44,43,39"
x-77-nzt: AcO1rgUsM1v/3nwGAA
x-accel-expires: @1669319180
server: CDN77-Turbo
x-77-nzt-ray: 25b02131772b772f6a0c7d639123f52a
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://antiadblocksystems.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Thu, 24 Nov 2022 19:46:20 GMT

HEAD
H3 403 tigers.php Show response
bdnewszh.com/embed/mlb/ Frame A3F1 0
539 B 27ms
27ms XHR
text/html 2606:4700:3033::6815:307d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bdnewszh.com/embed/mlb/tigers.php

Requested by

Host: bdnewszh.com
URL: https://bdnewszh.com/embed/mlb/tigers.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:307d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/embed/mlb/tigers.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyIJiGcM6mqHafFbV8gUWnFA7IlMT1wOec581z7YxlV3%2BBHQdfkzsa7hazYQKGrT3a9mO2KWC615IolXysqhym17gP4VxisdvO2j5ePVnml4hmUl3fn1nJDPfQi%2FSy4pMfaH10cz5hMA7t8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 76e3853b18729a24-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 clappr-plugin.min.js Show response
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame A3F1 3 KB
2 KB 47ms
29ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js

Requested by

Host: bdnewszh.com
URL: https://bdnewszh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b17cced49a457c9249178205866d08944bda661f5aefa7d395733923ad5dc057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 37528
x-jsd-version: 1.20.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA, cache-iad-kiad7000106-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"bc2-Zh9Ejh+gezJ0K1G3K4HjkkcIvTg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fn7DYXH%2BglsIr7uvKInfJJ%2BMngRXW0j71iiJqLvYuGvb6es2g%2F4NoXyRwXfLWFBttFfytjUbcJ2fLLvp8MkeY7hkHdHs3dBx%2FAHSXumhz8hKW684v79MKhrEqD1%2B89Mx4%2B4%2Fyeu8mNxZZpNzTiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76e3853b4b2d9293-FRA

GET
H2 200 hlsjs-p2p-engine.min.js Show response
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ Frame A3F1 176 KB
47 KB 52ms
34ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js

Requested by

Host: bdnewszh.com
URL: https://bdnewszh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b6962d7e56092a0460ebe058e3484060286fe16d7f873e0817f511ae70a757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8525
x-jsd-version: 1.20.10
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-yyz4524-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2c0fb-ruOSsSubyzmt5zoQXaHqxXBy6Wo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aitmVGa1jie%2F9zLCGpLpkJbjNk%2FQD%2FFR0U0SKM%2FZNqIydfZboG74Ecn2GiRs7D2BSD6Mjgq%2FKEL%2BW3vlgyH7MsbU%2FaD7KOe3XtbDeLUtSxScHCcYlYBi8sWOFR%2BKltPUnqeNzHzloOYVSFasRW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76e3853b4b3e9293-FRA

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/clappr.level-selector/latest/ Frame A3F1 9 KB
3 KB 48ms
31ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js

Requested by

Host: bdnewszh.com
URL: https://bdnewszh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21285043
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19181-FRA
server: cloudflare
etag: W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQuwDkTF0Ne1MvfqOLcB8fayFzJqnqUV4rl%2FZfvrp9ONNx2u00VaVns6BQCO9k7cUjGDso%2B9WKBU4STId3994ynVfuKmepgZWhek09tqBUTeLNqmwn0MLxQ2LPtoiJS0AOhAOI%2BDbnSWAnluiGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76e3853b4b359293-FRA

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/clappr/latest/ Frame A3F1 517 KB
126 KB 57ms
40ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr/latest/clappr.min.js

Requested by

Host: bdnewszh.com
URL: https://bdnewszh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13355753
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19169-FRA, cache-iad-kiad7000140-IAD
server: cloudflare
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgMfm4hpOlNGXJb%2Fu5Q3GaUB8WUq8q62eTuLSe17yjbIFY71SYFKwROn6xFlZh9dgZ3pv%2FwL9SLfFsAM6S51LXBWBYnYagTnrkpIEDWqeFBnfoVz2Jal4PqcrfLafA3wwGfloVsJkRvtM0OPYD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76e3853b4b419293-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 50ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-408PMRYSHK&gtm=2oeb90&_p=1889171401&cid=1746738535.1669139563&ul=en-us&sr=1600x1200&_s=1&sid=1669139562&sct=1&seg=0&dl=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&dt=%E2%9A%BE%EF%B8%8F%20Detroit%20Tigers%20Live%20Stream%20Free&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page_path=%2Fmlb%2Ftigers%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-408PMRYSHK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 58ms
17ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:45:57 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
etag: "-375139978"
content-type: application/javascript; charset=UTF-8
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 349405530

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 35ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-408PMRYSHK&gtm=2oeb90&_p=1889171401&cid=1746738535.1669139563&ul=en-us&sr=1600x1200&_s=2&sid=1669139562&sct=1&seg=1&dl=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&dt=%E2%9A%BE%EF%B8%8F%20Detroit%20Tigers%20Live%20Stream%20Free&en=page_view&_ee=1&ep.page_path=%2Fmlb%2Ftigers%2F&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-408PMRYSHK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 28 KB
10 KB 28ms
8ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62a0bbc5296c634ce32fb898&AV_PUBLISHERID=5ff437ef5d97dc2827287c21
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9773cc0ff4f8a98729d9a2292b70da60cf02ba794b2f11e347a11e3ea5ebf113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvOTUBf1qEiS-neeh3Br-IjH3VB3ECKBKJNm9ikhWT-X5c0Phtve_xARlWkN1zs6BkQ5bDi31fnDODWLZYaXf-xcw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9914
last-modified: Sun, 13 Nov 2022 08:40:26 GMT
server: UploadServer
etag: "a106fe1c9bc4bb6e8d544cd0347cea3e"
vary: Accept-Encoding
x-goog-generation: 1668328825884380
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=rD04bQ==, md5=oQb+HJvEu26NVEzQNHzqPg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 9914
accept-ranges: bytes
expires: Tue, 22 Nov 2022 18:02:42 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 304ms
97ms Image
text/plain 52.45.229.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5ff437ef5d97dc2827287c21&cid=62a0ba0864bb4a4b86251dd1&cb=1669139562805&r=rainostreams.com&stagid=62a0bbc5296c634ce32fb898&stplid=62a0bb6c8b86fe2812377b77&d35=&d65=IntentIQ&e=playerLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.229.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-229-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 103ms
66ms Fetch
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/0b7ab689222455aa898694fa033059e32dac2874.6c19f992c5d50d998878.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49224
x-xss-protection: 0
server: cafe
etag: 7788482681363653094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Nov 2022 17:52:42 GMT

GET
H2 200 team.json Show response
streamsapi.xyz/ 3 KB
1 KB 199ms
152ms Fetch
application/json 2606:4700:3034::ac43:cad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamsapi.xyz/team.json
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/pages/mlb/%5Bteam%5D-2330b94476e3cbab9878.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4e2c186a3ead07c214315007229b256aeead14181ac6ea0bdc511bcd6eba3b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Oct 2022 13:04:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"ba0-1841eb1af00"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gdf2wBTIXrMosxJcBX9rRC9%2BkPf%2F8XSQy6%2FUqwdUlaf7nJVCShEX1CXoscF4aF5AwsAoMw5hXcph8kzgxFYCeo8sWoys26bL2lFyerKHxdNM1uFqYDa8uDgjFR88uz0k3xylTruLCGTjSznJJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: public, max-age=0
cf-ray: 76e3853c0942c214-VIE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
c.adsco.re/ Frame A3F1 71 KB
25 KB 77ms
53ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.antiadblocksystems.com
URL: https://www.antiadblocksystems.com/onsenui.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f424d8596ea0d134a7cc165c534ef729ab5ade76b7d2d4b22a3f5095d9cc1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server: cloudflare
age: 264813
etag: W/"n/ARilLrRVDeZNVpaPOsXg=="
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 76e3853bfeb25bf1-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 23 Dec 2022 17:52:42 GMT

GET
H3 200 cb1608f2.1f2877367b226ce0f935.js
rainostreams.com/_next/static/chunks/ 0
3 KB 53ms
51ms Other
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/cb1608f2.1f2877367b226ce0f935.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5750
etag: W/"636bbc54-183e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFyIi%2Bc2sw0gT4mp4ilO2fxGSt3aRnJmUYkncvTXqIpHShR2v7zMCahC2cC3ni5hJdc%2B%2B4ICPvaYa7X9vcoJjg9dLllF%2BcKbOy8mn5jiOPOj7pAJscQm9pSJ8ulb%2BxtjQTLVbYxZYenrX9%2Bd9v3X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853bedc10109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 777414f77fe87cf54741c341ffe9859508132a94.1363e735017567e6840f.js
rainostreams.com/_next/static/chunks/ 0
14 KB 54ms
52ms Other
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/777414f77fe87cf54741c341ffe9859508132a94.1363e735017567e6840f.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5439
etag: W/"636bbc56-a489"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkKTW%2FFlzVz54ksTrP1dvl6YuJCtIe07jUWubGL4KVmjJaAdXdRpCK1occNkMmmH3CTIGndG5bxKV9U2s04PzLtL3rOI8YmO3MWjPvJOemwusxiUF5BUqJKGtSmRaZ%2F4SowsWxKTX1SkYegr5dU1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853bedc30109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dmca-e51abc0557825ea5fbf8.js
rainostreams.com/_next/static/chunks/pages/ 0
3 KB 28ms
27ms Other
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/dmca-e51abc0557825ea5fbf8.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5749
etag: W/"636bbc56-1c3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VirDqwwhwdZKmk1sGHd%2FmIJGZLtdC1yaZXQ5KAj6BG%2BBTL1TUhv4nkDZNBX%2BDnkfsnBMfSa9sVqDgFTgSz7sf%2FleUIAxTLTbnE4C3rnOhz4v5QzyXzS0jkycbZZQ6sHC4ewaSTASZ5YXuksLbVLD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853bedc50109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 privacy-policy-8482217eae348c5585c4.js
rainostreams.com/_next/static/chunks/pages/ 0
6 KB 26ms
25ms Other
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/privacy-policy-8482217eae348c5585c4.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6473
etag: W/"636bbc56-3c0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUE9CGNLwRQV%2Be92MnKH%2FnQDG8nsWIxdzuI29DSOFFacNOFdpAeFMt2s0jSKCLPe1Su%2FhGyjzyZz2QbhAa0Zrh0sepDw8lRRlxMWQAh1iUTQqPDJWbMVszG0%2BBGp7eIXYyv7qyJTF%2F7d42EWf%2FKa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853bedc60109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 terms-condition-17af894a2da0bf4e1e50.js
rainostreams.com/_next/static/chunks/pages/ 0
3 KB 54ms
53ms Other
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/terms-condition-17af894a2da0bf4e1e50.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6473
etag: W/"636bbc56-1b7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO5KFEIcRteuusQjRl4Ho2RaRdum1IFWwACSVON0Y2tuqaIhmbGtn7bCvWSPI3nkFA0VFtoOHjfCYxjDM255OauFTIlVBU0DMwTZh7Hi99r9Z2%2F42aHOVJPU0rPG5hZ9OUW%2B%2FBzZ2MoUOZBwdeZM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853bedc70109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 contact-c7311e811fd92f1f9ad4.js
rainostreams.com/_next/static/chunks/pages/ 0
2 KB 28ms
27ms Other
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/contact-c7311e811fd92f1f9ad4.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 274
etag: W/"636bbc54-11ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWtdFUhW9JhnV5q2Ud57yFiWmqS8hv82O8nUW4%2B7eYSllVE5Zs%2Bs2GWbV99NvYyaqq8VVWzV6NLtqLl2rR%2FgKPNMwo48x55WSbeABw1%2FEMJ205b0lWsW8W1TplyF9Tp7ds9%2B4tfMHK7ZPtfsW%2FdG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853bedc80109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 5CE7 396 KB
113 KB 9ms
9ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ff437ef5d97dc2827287c21
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b5df54a65fdfe8ff900463bbf8891ab0cfe34e42cf17e5861c880862fe3e7554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtiUGxRqfbvzkwEeKecxwLChvKCC89aal0erOPg7_kzPkp8jloOCYxBaCm55ZftA0MuIZgRFIr8GLqyIXCyOMOpZw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 114664
last-modified: Sun, 13 Nov 2022 08:40:25 GMT
server: UploadServer
etag: "32434793d6da84e4666c6230c82b97a7"
vary: Accept-Encoding
x-goog-generation: 1668328825650866
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Ru+38Q==, md5=MkNHk9bahORmbGIwyCuXpw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 114664
accept-ranges: bytes
expires: Tue, 22 Nov 2022 18:02:42 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 291ms
96ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4655573&@f16&@g1&@h1&@i1&@j1669139562875&@k0&@l1&@m%E2%9A%BE%EF%B8%8F%20tigers%20vs%20sox%20Live%20Stream%20Free&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:67708357&@b3:1669139563&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: f9e6b59e725bdfdd425ab0a66c110b7c542aa3a275442d8cc4176af43c962d28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:52:43 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 204 / Show response
thaudray.com/5/4854376/ Frame A3F1 0
434 B 54ms
25ms XHR
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thaudray.com/5/4854376/?oo=1&aab=1
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 22 Nov 2022 17:52:42 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://bdnewszh.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
thaudray.com/ Frame A3F1 72 KB
23 KB 52ms
24ms Script
text/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thaudray.com/tag.min.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

eaa9f8f1de394dc656370ec96056d1037aaf86658057e372744adfae3724eea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=1
content-length: 23259
x-trace-id: 7d189bc9d2b345ca1a4e1069a037a483
pragma: no-cache
last-modified: Tue, 22 Nov 2022 13:23:42 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A3F1 11 KB
5 KB 16ms
16ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:45:57 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
etag: "-375139978"
content-type: application/javascript; charset=UTF-8
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 349405530

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 6 KB
3 KB 383ms
184ms XHR
application/json 3.209.15.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=62a0bbc5296c634ce32fb898&AV_PUBLISHERID=5ff437ef5d97dc2827287c21&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&AV_CHANNELID=62a0ba0864bb4a4b86251dd1&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=rainostreams.com&AV_DADPOS=1&AV_PLACEMENT=5&AV_TAG=62a0bbc5296c634ce32fb898&AV_TEMPLATE=62a0bb6c8b86fe2812377b77&d36=6.2.62&responsive=1&sver=3&avtoken=562983&omv=1.0.1&AV_D65=IntentIQ&clsid=728b4f68-0e31-4de4-bb71-a62daff793ef&rando=47&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1669139562987&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ff437ef5d97dc2827287c21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.15.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-15-252.compute-1.amazonaws.com
Software: /
Resource Hash: a53466b2d586363c578a7ee92b5b8dadf5f0a149ce0f5f9e3c134f98001fa6bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Fri, 11 Nov 2022 04:06:03 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
98ms Image
text/plain 52.45.229.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=rainostreams.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.62&apppkg=&fv=1&proto=https&d65=IntentIQ&clsid=728b4f68-0e31-4de4-bb71-a62daff793ef&rando=47&pid=5ff437ef5d97dc2827287c21&cid=62a0ba0864bb4a4b86251dd1&stagid=62a0bbc5296c634ce32fb898&stplid=62a0bb6c8b86fe2812377b77&e=inventory&vi=100&cb=1669139562986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.229.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-229-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 /
6.adsco.re/ Frame A3F1 0
341 B 55ms
28ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bdnewszh.com/
Origin: https://bdnewszh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 2592000
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://bdnewszh.com
content-type: text/plain;charset=UTF-8
cache-control: private, max-age=10
cf-ray: 76e3853cfd6cbb56-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ Frame A3F1 0
457 B 76ms
20ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bdnewszh.com/
Origin: https://bdnewszh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:52:43 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://bdnewszh.com
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=5
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
4.adsco.re/ Frame A3F1 45 B
457 B 25ms
20ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: b9c1d83bc4993f351d6748e073a740cf652420399e4a1a837bdd8b46f0c4ae56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:52:43 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://bdnewszh.com
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=5
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 / Show response
6.adsco.re/ Frame A3F1 57 B
312 B 35ms
17ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fcc1da2b9cbe5a38a0e9f93a69689dc50a588de72df1652d988373cd65bf972

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 2592000
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://bdnewszh.com
content-type: text/plain;charset=UTF-8
cache-control: private, max-age=10
cf-ray: 76e3853d5ead9bee-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST /
xlnmx6h2mrf9.l4.adsco.re/ Frame A3F1 0
0

POST
H/1.1 200
OK /
xlnmx6h2mrf9.n4.adsco.re/ Frame A3F1 0
464 B 361ms
90ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://xlnmx6h2mrf9.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, RO),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bdnewszh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 22 Nov 2022 17:52:43 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
xlnmx6h2mrf9.s4.adsco.re/ Frame A3F1 0
464 B 732ms
163ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://xlnmx6h2mrf9.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, RO),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bdnewszh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 22 Nov 2022 17:52:43 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H3 200 / Show response
c.adsco.re/ Frame 3025 71 KB
25 KB 76ms
58ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f424d8596ea0d134a7cc165c534ef729ab5ade76b7d2d4b22a3f5095d9cc1f

Request headers

Referer: https://bdnewszh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age: 264814
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 76e3853d6c2f9b3a-FRA
content-encoding: br
content-type: text/html
date: Tue, 22 Nov 2022 17:52:43 GMT
etag: W/"n/ARilLrRVDeZNVpaPOsXg=="
expires: Fri, 23 Dec 2022 17:52:43 GMT
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server: cloudflare
vary: Accept-Encoding

GET
H2 404 stream30.m3u8 Show response
cdn.raino.xyz/hls/ Frame A3F1 0
79 B 554ms
186ms XHR
text/plain 164.92.99.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.raino.xyz/hls/stream30.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.92.99.145 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Nov 2022 17:52:43 GMT
cache-control: no-store
age: 0
alt-svc: h3=":443"; ma=2592000
content-length: 0

GET
H2 400 sync Show response
t.adx.opera.com/pub/ Frame D2F5 0
414 B 63ms
13ms Document
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1669139563024-949002043196-006153-006-006473%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ff437ef5d97dc2827287c21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 22 Nov 2022 17:52:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Tengine

GET
H2 200 sync
x.bidswitch.net/ 43 B
145 B 53ms
7ms Image
image/gif 3.71.211.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1669139563024-949002043196-006153-006-006473&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.211.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-211-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1669139563024-949002043196-006153-006-006473%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
146 B 52ms
7ms Image
image/gif 3.71.211.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1669139563024-949002043196-006153-006-006473%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.211.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-211-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 /
6.adsco.re/ Frame 3025 0
274 B 23ms
23ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 2592000
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: https://c.adsco.re
content-type: text/plain;charset=UTF-8
cache-control: private, max-age=10
cf-ray: 76e3853f9c019bee-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ Frame 3025 0
455 B 20ms
19ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:52:43 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: https://c.adsco.re
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=5
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 whitesox.svg
rainostreams.com/img/mlb/logos/ 9 KB
5 KB 34ms
33ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/whitesox.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca1ee0dc0e5a0f848703d0081ba60a12d44b0364da5c3b146985b6fe33f2e994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:26:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bee8-22a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNnt2D46%2BTllR7BnHiF733bq4J9hPgDu%2BDEoJnmpHYjLarMar30RBfoC3LAnnmIPEVZ%2FGCQOcxZ1GVfY%2BXavRZYUNTJqEsalBuWRZ6dFY1bcBhkl4l3H7Qc%2FspD%2FdneA0HbRzxLgDOh8djrdl6yA"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa85e0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cubs.svg
rainostreams.com/img/mlb/logos/ 2 KB
2 KB 34ms
24ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/cubs.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe99678c053859b50adbbe769aade0011ed6b2349962a9963dcc0b6db162aef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:26:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145beda-911"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAP25Zszu9Ke5d1FFwpiqCY9cuxjGmx66QTHy0QMIpbJGIukqPBRx9hubjhk8BEthm%2FKC2mrDA60yGtLzQlbq0TgFI0eEH2C1yhBO0cNgEzuz8q14Ue6lR2wSEU%2FH%2Bb32YSzOwA%2BD%2BBRkjNrlHEM"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8630109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 indians.svg
rainostreams.com/img/mlb/logos/ 558 B
848 B 36ms
26ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/indians.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec61ebbfacad3db9eadb3406dd797c39a29a0d96a4375cb43f9c7c4ef46f78a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:27:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bf1a-22e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDoA3E5DKLsxZe2od1CmOF2ePg%2Bv%2FxecVlOI8Jd%2BpV8P38rfI75rzA9fv%2FI9w0J9e3H4dVE3arzeMtupuK%2BccCF9bEpXVZHH6GnObgETDcJ%2FUpjKMpnjVXX0WpW8OQi4U9SbqXqiAUd2oot%2BbY5j"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8640109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tigers.svg
rainostreams.com/img/mlb/logos/ 2 KB
1 KB 52ms
42ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/tigers.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde14c5c64c14e53c45c5ec18388da3de5851c78fcdf2e5e20e91431be20159b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:28:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bf38-78b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPGyO1%2BG9hdcyBSfBCI0BseN5utGuFHMXpPG73zsFBPgllq6FxFS5X%2FfIZmqRjgVXvqXQpQTk6jxJcfEYDCzljrB%2BU7W0w6JWF%2FFpo0hlOyTyzoHFWespIAvRy99z7JW2tWwyZwbGutOBv7RPi0y"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8650109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 royals.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 52ms
43ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/royals.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55678f28a752ec5ac86e290b2481b8a5e3d7de7460a3f469412147dc224eb32c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bf62-4bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYZKeKd58VDg7SpjI5HM4goMHslBW3lkb8PmK1UZDgFNlohecR2rx7PVYv02D2xQIw0AsqnVbrcG%2BdEWii5IVDygs1y9Ags%2FtyY75Q8qxAs3TZTQ7KSq8pJNT%2BdjS0OebjkKyhJ3fvhdlq4CyxeZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8660109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 twins.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 53ms
44ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/twins.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f1ac330d5dc44156e21d0e76ecd0b9887aebd3e22006a15620025ee91508e77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:30:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bfbc-5a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bn%2BFMtQlrzl7VqrgdJQ2G%2BxyW%2Bo0YyNq%2BcpufArtOVAUij9UlBr8yFdiRO0bO0ZAvId0MV0aXGDFkhCoAkQLhSfvO9d5qPYaMrWUDNhu1UfW6nkgNZxpv0Q8WCxDhsou%2BZ23nEI6SmgNXGw0e20u"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8670109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 orioles.svg
rainostreams.com/img/mlb/logos/ 9 KB
5 KB 35ms
26ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/orioles.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e6476d34cd2e98e792cb73ef06e99b2c243089b3a7e102465db427ec3d26535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:26:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145beba-22d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsghxNyv9oDXXd1%2BkmF8Z0Z6MmMwVxC5yohbg5%2Fkpq2JlhqkPUMXnOCnJiFa2SI95D7cNANd6YM0tLKY63XX4TyduyIuYzDzyjpEE6kvcMpC9RYOYAAOvtNnHpD0VZ8z1TFScr5F950VaSpXS897"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8680109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 redsox.svg
rainostreams.com/img/mlb/logos/ 5 KB
3 KB 56ms
47ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/redsox.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53eb07384a14fcc54efb807581672b793c75cc1bfdc0c6610345051820cd92af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:26:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145beca-14d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4X8j8XRr9mZaf%2Bezhe9OFvdQvf9uP12OgCwu%2FO1YM%2Bcnj%2BcGNMcbNhinFwq3uNy5kJgV6ATFDsGQGT80OSVoKvnoT%2BeXvWc5HCcNvbw3%2Bie%2Ff9SgTwtUJQLXLnRpZmdF%2FpdamQDAtJs2Q24oYP%2FW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8690109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 yankees.svg
rainostreams.com/img/mlb/logos/ 2 KB
1 KB 33ms
24ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/yankees.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f17f0b82cc1a92c5b28b895fb546d1021011cad51d77281b17f5e34dd74973a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:31:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c010-625"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8YboQCnGBWfPTW7e85FFLorwP%2BDLsWLIrJ8TmoLTY8DRWYqt6Yqqw3oDeV92K4LP4tcHRFsXENX8fZ3f7jcH7w6p%2BUAM%2FuksVrgD1AKMS4xqXu3H4xfthJ2V%2BRx6SU3BwE8Fa0kT6vZo2xgYRo0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa86a0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 rays.svg
rainostreams.com/img/mlb/logos/ 3 KB
2 KB 45ms
36ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/rays.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50fd02140a8fe66e57eb5c421fc6847a52abfbc7469bc3099a49d1e09ff77fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:34:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c0a0-a4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dg3mLE6NURWNYD1ldTjIpHBDPue45DDo4fF7kzm9HLjuni2x9%2FyNgIGLfYD50QSonvPkZjI7BhQJlf5kiWAA9h5G0HI79ACVPU%2BRM2mg%2BNcln6544QK%2BINJuESvHYL209lGNMK1ABNLkRMDMB%2Bbo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa86b0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jays.svg
rainostreams.com/img/mlb/logos/ 6 KB
3 KB 38ms
29ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/jays.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1920a269c4dce0f8f38d338c4a47380144922a7d84f92ad4609188cac0f4d8e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:34:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c0c6-17ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC6etiTGPKg8PSWX%2BEmOuuHCc5Ea8hH2PDyMvC2SGUHPwzHUoebQPAfnjMFIBw2Id1zITQoPMl5jJ6tsT2a3honbv3VoU7iDMjVVC5VwslJ9jYWJChNWi0hBu890kum5culEm60Bc0nX86cY0b1K"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa86c0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 astros.svg
rainostreams.com/img/mlb/logos/ 3 KB
2 KB 46ms
37ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/astros.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd2e9fa1d895e8cb88fb9ee3562acb6a1b9852158aa4793aa3a742097cc5556e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:28:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bf46-cbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmHG2wVudEbQxluCc57nsQ7N%2B6Zp%2BpvUW%2B8CSFUOdFJWcSPNdani%2FaC49jUwZyHDPDTMV%2F%2F8nh9VquT5ggq8HCdbEgY4XqO3yyl0FnvDDZbc1vokoOs6b1rL%2F15jqO475fNj%2BIoyVHT0UMdFW9jG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa86d0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 angels.svg
rainostreams.com/img/mlb/logos/ 4 KB
2 KB 38ms
29ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/angels.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b73a6c9523ac0a35a817516e13c4e96a7908dc0df389f01f8dba5d6c47d21e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:29:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bf72-e40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrSK7F%2FyZnNCXf9JNSh58UVThZSYG6XKs9%2BeJwyskxV6PnaRFn%2FUIL2N16DnjIToq%2BLyQ7ZB848h01rdZuH7OqluRADjPbe1adxkHTskkmb4qkBtKkPC8iYcpBcB%2FnZ2KOlTw8XobnhDpe4VBI6M"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa86e0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 athletics.svg
rainostreams.com/img/mlb/logos/ 3 KB
2 KB 34ms
26ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/athletics.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 598538b486eef1fc4834f0a88093fc03b26c558e264afc21f5c3c4b2ba209f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:32:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c028-b25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0mGyHIYadIqWE2LyUIwIGh8dHhRpszYWFUNNRwQrtcDymWVJRKJxeoJYimFz183UhQoHXP7knQvpKOkUa6oWDoMan0EqtRSbhxxtV%2BCiVTfQ8DWHOeUKOcHfdL%2FL1VQi%2FJuWkmvm%2FQ93j7ypjx%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa86f0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mariners.svg
rainostreams.com/img/mlb/logos/ 28 KB
12 KB 47ms
39ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/mariners.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9508331d23c9a20493210e9cd23d29978fc5e599efeffe6e180118885ff4d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c078-6e1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JklJ5YIXX43e1nlEcBagnr8Jl1LAZSMKPNqpaEFswwB3Ic08oueu33M0Dyfap64WFiIVZLq8rCc0jbiC0XTgW3R85G15PSc31jpmykCmA0t6RFJKVhNe0%2B5Bb%2B0%2Fmn2eAnJ3PoaPl0ifYvcGTfG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8700109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 rangers.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 58ms
51ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/rangers.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 775ec1e70b6655e087249f7306c8ea033c2cc5c52bd1da71339df02160190a38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:34:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c0b0-591"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF44rvmRFkdsaRIonP9O8juhC1BBWkO9mdWtVxkMXEr7yVaZCklh45GKHGoKcbfoMjdITVhqT0FprjGIIrDXvUZ%2F%2FwPRa%2B9zpuFMNHxFh2wQaMi3l%2BmseHn5k4NJwnbwPd0us0F%2FrT33iqF%2F%2BqAR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8710109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 giants.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 36ms
29ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/giants.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04d8deeb9e7dd172edae9c1a202bf91461d89a973dd243edddb99329cfe99f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c06c-5ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiOjeLSGnpm5J4pNxMSxHnFTCzGSWdfYAZNyo8kcbppf5M%2Bh3ESNg3sGTlWvdZfJQLrhuDPQm0JBw7DgEoqvSDffzqz95cSra4OTCzaakOun1%2BRGfF7UrSrXn6tvB6kXC8sqad9VsoPRPb1tUdoe"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8720109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 padres.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 38ms
30ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/padres.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a03287e62bc4a40a3a16db388875a0766fc21ed7cf791a98e197fd4ea4f44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:32:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c058-4e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bbf7ePec5XQGKpa1l%2BZpkL9dsrlXieqHSk7WSYqbOtpudtnla5Pg1odYORsKzc1s2HHc1sNGGfm1HPzzirNzzOsmnQmiOSEgz6ltJirogUNnOT9wtTgddedBS5xzWvH%2BgbFxg4Mzi89hWHw2d78D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8730109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dodgers.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 38ms
31ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/dodgers.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9840fd7c20fb4614a1797f1fcf9613586fb54dac49dbe4b894086aa07555280f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:29:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bf84-4a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cF3Y1Lqi0QPcq22sjeJDE6HLWa9AXxt6KXjKcCx4Wx3VMY57kr5P4O3B3LzEN7E5Uw3d5DTQgwPbT0W%2Bu8hg5QQFbYGFpMBOJ1bHMEh97q%2B60i7qc6QCrHZszgPPANrydASjoi5gvXt45%2FaPIsbG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8740109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 rockies.svg
rainostreams.com/img/mlb/logos/ 3 KB
2 KB 59ms
52ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/rockies.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c12967c791468cf8839be96380600dc78edba01eaf11e220186b802c515294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:27:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bf2a-a14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RbtJXHpKIqk0u7RtqRLSELBd8REQnGWGDIU6KHwOV16shpIs%2B6Fo54aPsyNsKUpiS78wAXYqE%2FuKpoDrj8BPRsajGg3IBO%2BzvEuT8x%2FIIOLto41%2B5cI7N2ioTWXRH6QRdevpFkcscJCTF1sIdGe"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8750109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 diamondbacks.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 62ms
55ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/diamondbacks.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c5693d5263a34cbdb98d86327d637d2d9639365c8ccb602f4aba39127cdf3c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:25:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145be98-5fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n650LcLg85JfIGPLlJldpJqISx8H%2B15X7mb5QlvuA17hIKi6QB50QKBa1wF%2F%2FEwFNBQQI4SwbmiO0fSrKEAWwDVDeskHFgvUVptsu64UmQDtWOI2JhId4N1tpky3jt1FslTWGeG9Qf5wqgAE3C%2B8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8760109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nationals.svg
rainostreams.com/img/mlb/logos/ 2 KB
1 KB 63ms
56ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/nationals.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e019986481b7844b548fe2d1cdc88a58815d0b1b8cbf22bd65fcf17f3458d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:35:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c0d6-74b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiOBPqdwHDMs1xAp0QJyCakL5lTW9XMz24CMv%2BUN6mZWQ7u4yd5knvMl3aEpD6dabW1nM0c4ahOUPntknOxv4%2FD%2BQG%2BHbtlxfOpBviR86sYcFOIyhveHbiUiVsOAiT1el4kXUITSRsRGx7f61Wmt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8770109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 phillies.svg
rainostreams.com/img/mlb/logos/ 2 KB
2 KB 63ms
56ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/phillies.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 465da43739de56c09d5f8ec3328be11e9318f53959cc05979d3ab3d0a547a3bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:32:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c03a-9d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9YkAwvwxIsYItm1rmmFFv6QC4FOR9TlNyosQwKwLoTHEzLwn%2BvyZQmIfE4lpWAI6pGUtMqbxzObBF9o71ekO8HW3xE5AS6Cgu5%2F8Cy76%2FWb48KnuI%2FytZEIq1Ju3dENjHXlmGWYXptciv1xg77r"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8780109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mets.svg
rainostreams.com/img/mlb/logos/ 3 KB
2 KB 63ms
57ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/mets.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8214420e8588f91928f45829e9abd8c5ac30df6293a29597b1aa7cc9bc972e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:31:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bff6-b5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgHdVxiD09GEYRjMemnO8pbyXZca%2B%2FO%2B7%2BtBfN2SFX10j%2B%2BRNKe8ISl8O0FP9ygAhYJ6Hz0oLjisZq%2FeOjqi8PrLfhYAKhcgjaP0pBcDDI7JbFb2LUSLMQOE0x6gsjLnAjXlChQo6qtYNxr18o0s"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8790109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 marlins.svg
rainostreams.com/img/mlb/logos/ 11 KB
6 KB 64ms
57ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/marlins.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a6e50ca9bad01e65aaeb0557d9e7b4dc94647aea42fdd2549643aca35a767df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:29:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bf96-2ccc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWvzAZ9pvVE1y3FusUpqdc8cJwzFKO0n6qaOIE1J9H1AXTJnQ6%2FwqlsIIcR%2BAjjIb5cNbb05bheuIFE921ISg7SCv4UCj62XqHKUZGUxJej7IO19soinGA3lfSgQJKoa83tQhGHl6Lb5IBmV%2BeHP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa87a0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 braves.svg
rainostreams.com/img/mlb/logos/ 3 KB
2 KB 64ms
57ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/braves.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11162237c379e6e6e54916ee4eebe4407961b4d37293b71b21868077d1bead0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:25:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bea4-a5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4S0W8Yt95pjIiUTofzlJDXtN4l6bvE9fcTPmmyB8JVXes90ntEXwvkdO6QCKZjtiAVe%2BxzCEWpxxJDua4%2FK0MblrFhAxcd60A9jApSZyGqTyy0m%2FNw%2BI50ErinxlomVnxhsD%2FSVb0v%2F4s2UpWtd"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa87b0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cardinals.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 64ms
58ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/cardinals.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9552254eb1d1f63b07c0405e324ecc0e1f614e540d552cc5170c015ed885a459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:33:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c08e-4d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wA%2FrquETw296hD2GKOM44SkM1F0AjwjJQV%2BQDZ3zB1zVgTZZ6NVbILYMDD3Ai6RtFgqeatOd4nsbCEE8iX2TO4afAKkFivIxyw%2BDDnAIIPzYe%2B8ssHouA0SQBKjrSfNGEZVS9ltzfPtjlViyidGX"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa87c0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pirates.svg
rainostreams.com/img/mlb/logos/ 902 B
1 KB 64ms
58ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/pirates.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e723ca5fe9426c3bfe35841f39b71652f46eeeeeeb15022ab6bc23a964afb31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145c048-386"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lG5ESlWoI59m%2BTtbSK7IzyHB9gQ4mut2ksHpGzLRiWAhe9oq14twZQ%2BEsgxROgiBg1trQbuXT8YbZuRhe%2F5CWOmMCSn%2F6sgpMUE6tKNDgu2Vvwmj35N8akfByNZT8XbizSY%2BSaQCju0vv1PD3kBP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa87e0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 brewers.svg
rainostreams.com/img/mlb/logos/ 8 KB
4 KB 67ms
60ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/brewers.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f274ef119b058f6b82b0ca949068d0a7a0d5db915097ac10a31040c3620f8d22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:30:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bfaa-205d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9hVL3czi6SkI%2FOOkQzNtCevhC6UwZ%2BW23tudjTArIoGX7I2AHg1T9FuVczTElMA0kjAGlGVAw8CJW95Iy2ZPNjX58hwcVOnCVCpkIgybLlmpK%2Bog7Qy6TBe6ty9PuBwN39xDr0O%2BvlBB8x7Krqt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa87f0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 reds.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 67ms
61ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/reds.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112b22efe0bb3f7352a0630068977526d2fbaf36c67a10683a8b2c9e966c1618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 10:27:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6145bef8-598"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjcMYtCwGGVvfsnzikGSzrOqrjmQzLEOUqsDRgt2L89gJk1CZCmSKaJ8XpRf1yuWfPibTKkxV19HjhExAaVSAehPwIsXcxVq%2FDCIiZGv96pOr9ynl3XwplBwTOz40VTB5Rg6Gi0uJuwNHhV7WEdk"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8810109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 guardians.svg
rainostreams.com/img/mlb/logos/ 1 KB
1 KB 67ms
61ms Image
image/svg+xml 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rainostreams.com/img/mlb/logos/guardians.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fada1700c1622777d64d1971e028ea7aca7729a11537736d4e88c6acada763e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Apr 2022 21:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"6251f5da-567"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V504eUZtonLSGDvunEzhglpzvb7ZYRwzUWEFWnOQ8aBM611E1vuOW5bUpyRA%2BiMSzAE6eQ%2Bt6Dmcn%2F9nN7wG8O4kZhpBhqT0xOjbG5ziSq8AZmxdc%2BjF7ajQ8gBccoKdY27nAQc1cISFCnCrd6rO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3853fa8820109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame A3F1 50 B
184 B 292ms
95ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4637528&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMLB%20Streams&@n0&@ohttps%3A%2F%2Frainostreams.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-122227575&@b3:1669139563&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbdnewszh.com%2Fembed%2Fmlb%2Ftigers.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: c6ab7dd5559ef3d3c0ccf511c98cce21f26b8dbadc04c7804beb2a70bc447af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:52:43 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H3 200 / Show response
c.adsco.re/ Frame 3025 71 KB
25 KB 46ms
43ms XHR
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f424d8596ea0d134a7cc165c534ef729ab5ade76b7d2d4b22a3f5095d9cc1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server: cloudflare
age: 264814
etag: W/"n/ARilLrRVDeZNVpaPOsXg=="
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 76e3853fc9cf9b3a-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 23 Dec 2022 17:52:43 GMT

GET /
6.adsco.re/ Frame 3025 0
0

GET /
4.adsco.re/ Frame 3025 0
0

GET
H3 200 privacy-policy-8482217eae348c5585c4.js Show response
rainostreams.com/_next/static/chunks/pages/ 15 KB
6 KB 25ms
25ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/privacy-policy-8482217eae348c5585c4.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec64402b33d054d269a33294f8ab14da17380391f5162ea8dce8937b24247cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6474
etag: W/"636bbc56-3c0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGF5ZbKD15PqscPyZl1XN59hy%2FHXh5B9YbeD0VdbDjW85DJSK92Ua7BcPV432Vb8k9hSOJoseJ4VjzJ4csk8UxEg86sZmSOPlfi4c4ms%2Ft1g45ofOVkBniq76vSrLIQ3vDaFRWHMD8njMVS97Z2w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3854048c90109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dmca-e51abc0557825ea5fbf8.js Show response
rainostreams.com/_next/static/chunks/pages/ 7 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/dmca-e51abc0557825ea5fbf8.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222d1f5b49105c7151422d22892a2fdb896f41f7418e1f7f126f25b83cfa8815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5750
etag: W/"636bbc56-1c3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrjH3RXqXyqncADTYMLPS%2FNx6NeAxUz3lC2opyuSRzKdcFS4jaXPi4IMERIfrNFauy2mJtjSQxjfZkYnh9iZNYIeGL%2BDvKHQyq6JY6d438JqVzBAjxhGMhwhbgIKbVWANOWTujmF0HvVxB1dzCug"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3854048ca0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 terms-condition-17af894a2da0bf4e1e50.js Show response
rainostreams.com/_next/static/chunks/pages/ 7 KB
3 KB 22ms
22ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/terms-condition-17af894a2da0bf4e1e50.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f322a9a2b1e697954819e8529ae6edb45fff74b365b0d84f01d207561de6b8c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6474
etag: W/"636bbc56-1b7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXEzuxOpSnCpX2EDvEUZXea5ORJaMMpfICUb6Lmb%2FsKlKEW4AghyR4U2CpRV0GyimvmfEKZH6oNlTKnz%2FCzuaXJ9SztIoS3DTRK3sEguB02edQDyWSkiEMwYiPsqAIgqMs3Sx8gPlPUPCs05qawR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3854048cd0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 contact-c7311e811fd92f1f9ad4.js Show response
rainostreams.com/_next/static/chunks/pages/ 4 KB
2 KB 25ms
25ms Script
application/javascript 2606:4700:3030::ac43:df24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rainostreams.com/_next/static/chunks/pages/contact-c7311e811fd92f1f9ad4.js
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/_next/static/chunks/dc76d8d3f3c3869f9e42c70af4d7ee95982f48ed.488da28224a30cbd1d17.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:df24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf6ea894abd3aed740e5e2a7d347e70cf27b409c537b7c09df0a0bad36061a68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 275
etag: W/"636bbc54-11ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoowek8fOVMDtWIBZ0Q90jpPULZZe%2BNmRNhMuWec1gc8HdbipOfNcryrNmfaMjb9GnE9JzQ5I6qg9EsDwyuq6wUHmiXbzWvHC4h35sousxPrVQbS5awPdkjWFFpOhTouTtSM%2FCzR0HRkT%2BrOHHFU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 76e3854048cf0109-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1399 / 252 of 1000 / last-modified: 1669118838"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Nov 2022 17:52:43 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
170 B 47ms
16ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rainostreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Tue, 22 Nov 2022 17:52:43 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://rainostreams.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 48ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 Nov 2023 16:56:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 193 B
118 B 55ms
24ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rainostreams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7739dd5ddf15601cfb1a74b8667eb1a6882489a478103112255c9d720581c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Tue, 22 Nov 2022 17:52:43 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ Frame A3F1 363 B
698 B 125ms
72ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 213d848c0b06c23dd83edf2ebd4d09fe3e7fee9da691d7b129fae859d86e2fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:52:43 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
AS-P-1: OK lon124
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://bdnewszh.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-P-2: OK
AS-P-3: OK

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 65ms
25ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=rainostreams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 61ms
22ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rainostreams.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
42 KB 564ms
561ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=1738611893234938&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Chm-interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1874771964&sfv=1-0-40&ists=1&fas=8&prev_scp=pos%3Dinterstitial&sc=1&cookie_enabled=1&abxe=1&dt=1669139563887&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9a84df94e4cff2159425b698a31d72ccf543b70c102db4a8d07280ec75e700c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42572
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 100 KB
38 KB 1247ms
1242ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Chm-anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2830129390&sfv=1-0-40&ists=1&fas=2&prev_scp=pos%3Danchor-top&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563902&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ea801acced0113def58f07a4a23866bb5b84df1e265542abb1c810df36ffdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38859
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 980ms
975ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cskyscraper-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600&ifi=3&adks=930618674&sfv=1-0-40&prev_scp=pos%3Dskyscraper-1&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563904&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f30c216b7b817f9068a6837542f1816d99395092ec8f5c86ffe99e5e552b084b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20466
x-xss-protection: 0
google-lineitem-id: 5992788937
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390010714
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 238ms
233ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cskyscraper-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600&ifi=4&adks=1135442077&sfv=1-0-40&prev_scp=pos%3Dskyscraper-2&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563906&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b90e06bb2eaad87451218e93271106594a16172f90927df761b33dc3d0b3e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20436
x-xss-protection: 0
google-lineitem-id: 5996443147
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390012790
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 540ms
535ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2CMPU-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=5&adks=2469478460&sfv=1-0-40&prev_scp=pos%3DMPU-1&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563908&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab0b1d6b2dd64469766bc667c34b507d01a0953ed09c81b4567eb5100c30db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20415
x-xss-protection: 0
google-lineitem-id: 5992788937
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390010723
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 1431ms
1427ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2CMPU-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=6&adks=2809825188&sfv=1-0-40&prev_scp=pos%3DMPU-2&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563916&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e516f8df9a4dbcbac53af48b437d619ae24d64d643be17ebaad9d673388f516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20418
x-xss-protection: 0
google-lineitem-id: 5996443147
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390012793
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 1803ms
1799ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2CMPU-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=7&adks=2542882550&sfv=1-0-40&prev_scp=pos%3DMPU-3&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563918&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5d90d147d1854e5e03ec7a657c114a3a65a44ab6eb07e730189418831db3b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20428
x-xss-protection: 0
google-lineitem-id: 5996443147
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390012796
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 1626ms
1621ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2CMPU-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=8&adks=1584201766&sfv=1-0-40&prev_scp=pos%3DMPU-4&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563921&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf227338ebf7b493922dba673995e629ab0eac1edd6b019dd8dfdd26a04f408c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20436
x-xss-protection: 0
google-lineitem-id: 6122225467
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138406678672
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 861ms
857ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cleaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=9&adks=2271901398&sfv=1-0-40&prev_scp=pos%3Dleaderboard-1&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563928&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59dfb8e7251e63172a3db64421acc00233f5249b957ff2edd05f38cea51982a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20469
x-xss-protection: 0
google-lineitem-id: 6122225467
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138406043480
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 685ms
681ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cleaderboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=10&adks=3572833128&sfv=1-0-40&prev_scp=pos%3Dleaderboard-2&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563931&lmt=1668004960&dlt=1669139562496&idt=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1ba1e56408479adae7eef925a12a00d89aa601e815fc97c802e263b592f4510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9439
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851877
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 94ms
64ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ba561acd6f8eefdc0dbd622d7a7816ff11e9de33009c18173612bb1601c4737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11098
x-xss-protection: 0

GET
H2 200 container.html Show response
324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C391 6 KB
3 KB 74ms
22ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:44 GMT
expires: Wed, 22 Nov 2023 17:52:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13838
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 Nov 2023 17:50:40 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
42 KB 2243ms
2242ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=11&adks=4294587217&sfv=1-0-40&prev_scp=pos%3Dbillboard-1&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563951&lmt=1668004960&dlt=1669139562496&idt=1336&adxs=315&adys=75&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=1600x15&msz=1600x15&fws=0&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

015ba8a9dcb16dce35019a2e3e0804c265b297a3058caa384f6b82bede65b971

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL_1lLetwvsCFRWqdwodpgEDgw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12813831789494163656/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL_1lLetwvsCFRWqdwodpgEDgw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12813831789494163656/index.html
date: Tue, 22 Nov 2022 17:52:46 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42781
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 95 KB
32 KB 3054ms
3054ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=12&adks=1639515143&sfv=1-0-40&prev_scp=pos%3Dbillboard-3&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563958&lmt=1668004960&dlt=1669139562496&idt=1336&adxs=315&adys=1096&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fa7239a966a13b9377f22eaa292a4026a4a2b87485d267bcf51cf88995b152c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33084
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 2547ms
2546ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1910483953390345&correlator=253742085378541&eid=31068367%2C31070233%2C31070949&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=13&adks=3034430240&sfv=1-0-40&prev_scp=pos%3Dbillboard-2&eri=1&cust_params=site%3Drainostreams.com&sc=1&cookie_enabled=1&abxe=1&dt=1669139563961&lmt=1668004960&dlt=1669139562496&idt=1336&adxs=315&adys=375&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&frm=20&vis=1&psz=970x15&msz=970x15&fws=0&ohw=0&ga_vid=1746738535.1669139563&ga_sid=1669139564&ga_hid=1889171401&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aa337f0d0c98544c496f6bc2686447e474746c93761e1ce8d3680a1ecb35bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 96ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 17:52:44 GMT

GET
H2 500 ntLZdr.htm
antiadblocksystems.com/ Frame A3F1 0
0 178ms
123ms Script
application/javascript 208.95.113.2
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://antiadblocksystems.com/ntLZdr.htm?_=BAoAY30MawFjfQxrgAGBAsAAIDhzZ8kdOuQmab-Nieno1ThDQUIRD6ZCBEOqDOKf8VjUwQBIMEYCIQCcegQ0y1b2PrP0QHgHZa-HQjb2__E6d0PidTo8t1t08gIhAJsFUF40z55GzyRonJlV1sOIh1xiS_QJ3LWnoZKXHJd-wgAgwSU9k7SVQr-wtp2bhuREUo34H1SsabusLYT90MHo0a_EABAqAAyYIDCgBAABAAAAAAAUxQAQq6hphjJUSMJx-MPZqu3mnMMARjBEAiBsumnwPhYBr1eTaSK1w2M9SIugKWxxs44sVT9laYSAigIgZ7LihWzDUrdEy_7KS2b9FzKja3VrBLLhiiqf5sxBAjU&v=4&NryztAbL=4568855&minBid=&OSVimcHf=0:1,0&nhISYPBy=&ivfOMuzN=https%3A%2F%2Frainostreams.com%2F&s=1600,1200,1.65,2640,1980,1
Requested by: Host: www.antiadblocksystems.com
URL: https://www.antiadblocksystems.com/onsenui.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.95.113.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Nov 2022 17:52:44 GMT
cache-control: public, max-age=604800
expires: Tue, 29 Nov 2022 17:52:44 GMT
content-length: 0
content-type: application/javascript

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5479 13 KB
5 KB 68ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:27:47 GMT
expires: Wed, 22 Nov 2023 17:27:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D183 783 B
1 KB 68ms
27ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

59b099d2eecdcdf290b9259beef07988e5dcf8ee5122c8f904a1ce49f346419b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t9sBqfYPpBjoortwFYObxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-t9sBqfYPpBjoortwFYObxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:44 GMT
expires: Tue, 22 Nov 2022 17:52:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 jquery.PrintArea.min.js Show response
d3cod80thn7qnd.cloudfront.net/ Frame A3F1 30 KB
10 KB 57ms
33ms Script
application/x-javascript 2600:9000:20eb:3800:1d:a62b:6a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3cod80thn7qnd.cloudfront.net/jquery.PrintArea.min.js
Requested by: Host: bdnewszh.com
URL: https://bdnewszh.com/embed/mlb/tigers.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3800:1d:a62b:6a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 369e8aaf9517c75a49447dd39db3918b4d424a198ffe79562c466ff03ea243e9

Request headers

Referer: https://bdnewszh.com/
Origin: https://bdnewszh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 01:07:17 GMT
content-encoding: gzip
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 578727
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://antiadblocksystems.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
content-length: 9702
x-amz-cf-id: UipFqYc0q0aLg2_Jre9OhSygHEHzK2VkRHRvAIIHK2oTCE4tyXFQ8g==
expires: Wed, 23 Nov 2022 01:07:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D183 0
0 79ms
50ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1910483953390345&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5479 36 KB
16 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:51:22 GMT

POST
H/1.1 200
OK t Show response
adsco.re/ Frame A3F1 366 B
673 B 25ms
25ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/t
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e8b5fada28fa86c6a3ca724d621b4fd77e537e4d0da477e971399e449f8ea94f

Request headers

Referer: https://bdnewszh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 22 Nov 2022 17:52:44 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Max-Age: 2592000
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://bdnewszh.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Token-Level: 3
Connection: keep-alive

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5479 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eH50Ig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 72A0 6 KB
3 KB 58ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:44 GMT
expires: Wed, 22 Nov 2023 17:52:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 500 gva.htm
antiadblocksystems.com/ Frame A3F1 0
0 1213ms
1212ms Script
application/javascript 208.95.113.2
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://antiadblocksystems.com/gva.htm?_=BAoAY30MawFjfQxsgAGBAsAAILHfM9WorxmXaKaxIB-PQsNLoEQBipF0ONGs_7G8OCKJwQBIMEYCIQDhHzD0IrUfwELdZ_klYIFm9yCRN73b1vDW8_VgbAznHgIhAMOYeWAa6eEX8j_W_6NHIqYVzL4GuoZY3AZY3TX1CjytwgAgOG-UxSLN8VDqYo26Rz2DKGjVPAO5-kL5ho25FmhxbiXEABAqAAyYIDCgBAABAAAAAAAUxQAQp3piViIStY1EizJI2AEOKMMASDBGAiEAl5kWdRgZZfWKMfcl-L6pgr9r2TPvT7yK7zvlXPNp40kCIQCLWzIfpqDTzMus4E-3fQGgDaJ4k9qGIIVGG8j3fhbK7w&v=4&vusnXQSq=4568855&minBid=&aAkPLZjD=0:1,0&oAWYzxTX=&nlqJRxcC=https%3A%2F%2Frainostreams.com%2F&s=1600,1200,1.65,2640,1980,1
Requested by: Host: d3cod80thn7qnd.cloudfront.net
URL: https://d3cod80thn7qnd.cloudfront.net/jquery.PrintArea.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.95.113.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Nov 2022 17:52:44 GMT
cache-control: public, max-age=604800
expires: Tue, 29 Nov 2022 17:52:44 GMT
content-length: 0
content-type: application/javascript

GET
H2 200 css2
fonts.googleapis.com/ Frame 72A0 4 KB
709 B 67ms
22ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:55:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Nov 2022 17:52:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2816 8 KB
1 KB 52ms
21ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:18:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Nov 2022 17:52:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2816 2 KB
765 B 17ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 2816 23 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2816 3 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 16:56:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2816 18 KB
7 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2816 154 KB
48 KB 95ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 17:52:44 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 2816 34 KB
14 KB 55ms
14ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 11:55:15 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 72A0 19 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 72A0 205 B
294 B 54ms
18ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:24:42 GMT
x-content-type-options: nosniff
age: 1682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Nov 2023 17:24:42 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 72A0 604 B
918 B 53ms
17ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:44:19 GMT
x-content-type-options: nosniff
age: 505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Nov 2023 17:44:19 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A0D5 143 B
476 B 60ms
15ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A0D5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
22ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:44 GMT
expires: Tue, 22 Nov 2022 17:52:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame B8DF 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:51:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
60ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1910483953390345&bg=!n5ylnNjNAAbvMpMzzzI7ACkAdvg8WsCKdwKdHmXjtTxyS5UqaHoGxuhgEf_ui5SOg2ln3cKOVN57EAIAAABsUgAAAANoAQeZAqgocnQWInf6vMZ7ZjuOEE1lhpYMiRJVpe2unbu6AeZgbBoeUdMd6rIOnzrOG1nwqDfwqpDE5JcHKrUAK4WJ4cZgiQO9lqlM3gOc2ve0OQytjV-1GlZBeLXEA0EjzyGanu2KqAb7N3-NWR0TvxKV9GWKDTEK3RNwQRItPtPeRaE_vtpjTrL5Wbn-vZ0g6ppnHgEO1hI0M9Ii3ELix1kT82Kb-giGvl-0t_f6laYvpk_a6Bm9UeKWPi3gU3PC23ndjDmkgJSIk6BiXEnhWbHdF44TIWBjBuJl0ROv53Y8Ks-0HqtZIZKvr-hSVdHhx31HwXqw5UtJFbJGLyeOPkjnDyoezAwR8V-QO7e7Vt_UTeugP9MNUJRLyguVUk9cf5_YBmVVuaI-w-q1q_hFH6Diob1augBk3XAJgDgbzXNNXrAgWRD17PAQzy_xbfX2p_6vHbkWGLRSBQbF7-ClB9-OJeFUXUn0olRgdAYQbe76pcvs9NqOuLY2hMXiJQj2AqhH2XrKa8QhprhlFKLr2XkLMzea63rzziI64WsinoVdtQuBzE7HpKUjNGBLGiKCBy4BSL8rqyUPD_UYe93fPf5VmKrzz4G5mF7n3_XokkNIkFqzMwojK_FcxuLApCv6N68V6CI4DZ2K9qCdQusYWGVbRQtSyyGECcNAqOM45LLw-tPc1xxcurBQBKZVDVT_XKsRSqQi0reIm1W_sO_Mp84g4e01AvvzVZxG6HNk6zP7kh6HF5EYsezrhVRMU2C3TsMLaMM-1g7IY6QmIb0fzYJ6IQrddbFSK1PiBU1tC_-mvVjXjRy0dQWlwzZq7jZpfzbUVxs8tjj87CWRxlokPgDk4CEXnQCryaAifwWDZgGmtPkYp8SmBzpGmPBMLkGzUbAvgqAS5wDR9e8VPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainostreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 container.html Show response
324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 34C2 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:44 GMT
expires: Wed, 22 Nov 2023 17:52:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7EEB 624 B
246 B 54ms
51ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-rURCLgdsBGPzBw9cBMAE&v=APEucNWglRH77QzFoQDNvAaGvTcgHXZqBJ-W4D5rH4jkWmTiMc8yRCHmD4NVI0t3joNd0B9aYJIja9NHsjVhnbhmorw3cys3tfQpprNYJ6O4x0D_PW5SZ6IW8MWF0rKNS9ocas_NYCNeDClOdKkXuhPsDHTq9YkO7xfoMG0qOp_1YejK1jyBNiWBSq2pen222k12nE26EcPE

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:45 GMT
expires: Tue, 22 Nov 2022 17:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame A8D6 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 18:12:37 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame A8D6 6 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 12:06:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 12:06:40 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A8D6 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 11:55:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A8D6 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 16:56:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A8D6 18 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8D6 154 KB
47 KB 76ms
46ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 17:52:45 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8D6 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DR0zW1Kvk782BW3C2nt49rGxxnX-VO3El5hjloW81kR4Rd98R6fZ5yoWcLVLKo-obIs1TeaCpgl4erj59SpO4pxIOvjLUJcsvefWsfh8wOyiuldZs

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5308978790870267
s0.2mdn.net/simgad/ Frame A8D6 56 KB
57 KB 51ms
15ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5308978790870267

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a41ee25bf0c9981aa0ac6d615fdef67bd27378bf3834eccf6351794d4ecae47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:21:31 GMT
x-content-type-options: nosniff
age: 379874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57833
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 17:07:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 08:21:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5DD3 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 11:55:20 GMT
expires: Wed, 22 Nov 2023 11:55:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7EEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcIAhksxla2PGceaF4WWbA&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcIAhksxla2PGceaF4WWbA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-rURCLgdsBGPzBw9cBMAE&v=APEucNWglRH77QzFoQDNvAaGvTcgHXZqBJ-W4D5rH4jkWmTiMc8yRCHmD4NVI0t3joNd0B9aYJIja9NHsjVhnbhmorw3cys3tfQpprNYJ6O4x0D_PW5SZ6IW8MWF0rKNS9ocas_NYCNeDClOdKkXuhPsDHTq9YkO7xfoMG0qOp_1YejK1jyBNiWBSq2pen222k12nE26EcPE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 17:52:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcIAhksxla2PGceaF4WWbA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7EEB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y30MbULh1TK0lV41KqhcaQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcIAhksxla2PGceaF4WWbA&google_cver=1

43 B
766 B

10ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcIAhksxla2PGceaF4WWbA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-rURCLgdsBGPzBw9cBMAE&v=APEucNWglRH77QzFoQDNvAaGvTcgHXZqBJ-W4D5rH4jkWmTiMc8yRCHmD4NVI0t3joNd0B9aYJIja9NHsjVhnbhmorw3cys3tfQpprNYJ6O4x0D_PW5SZ6IW8MWF0rKNS9ocas_NYCNeDClOdKkXuhPsDHTq9YkO7xfoMG0qOp_1YejK1jyBNiWBSq2pen222k12nE26EcPE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 17:52:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcIAhksxla2PGceaF4WWbA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7EEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECj6sCCEsMiucmNI_QQ7srQ&google_cver=1

43 B
1014 B

27ms
25ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECj6sCCEsMiucmNI_QQ7srQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-rURCLgdsBGPzBw9cBMAE&v=APEucNWglRH77QzFoQDNvAaGvTcgHXZqBJ-W4D5rH4jkWmTiMc8yRCHmD4NVI0t3joNd0B9aYJIja9NHsjVhnbhmorw3cys3tfQpprNYJ6O4x0D_PW5SZ6IW8MWF0rKNS9ocas_NYCNeDClOdKkXuhPsDHTq9YkO7xfoMG0qOp_1YejK1jyBNiWBSq2pen222k12nE26EcPE

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 17:52:45 GMT
AN-X-Request-Uuid: 778d070b-b809-4d1e-a827-6f03b85a8917
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.249; 37.58.58.249; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECj6sCCEsMiucmNI_QQ7srQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EEB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQzNzU5MjgwOTM4NTMzMDc3NQ%3D%3D

170 B
188 B

76ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQzNzU5MjgwOTM4NTMzMDc3NQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 17:52:45 GMT
AN-X-Request-Uuid: f3ee5899-21d6-43b3-9e2c-80e8e2419af6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQzNzU5MjgwOTM4NTMzMDc3NQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 37.58.58.249; 37.58.58.249; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DD3 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:51:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DD3 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbwlPbAx9Y-qxNpry3gO75YHoBgAAAAA4AeAEAg&bg=!8_Cl8LTNAAbvMpMzzzI7ACkAdvg8WganX8KA8hZZUZZdI3DbkHrUgOs1-ZfjQ4JQNOhEiavAMzzvEAIAAABLUgAAAANoAQeZAzaeWou4wzjXOLOuT5LCDXaxLAGjpisbjkhcQmwTVbosapVi9LqQLxsIWZFutVOe9UV8anidU-COCleItW8SQRzJ7Zj8i_2h61Ea2XZgNYoeXYv1RLdtA3nXIjoVXvTTcmfePRsfs1E1iIhHz8kVTehqSLphH8HQNi6rF75Uv0mdPakmdsp3iI_oPc9UBGh0Mgi-l7QaGZLeex0zMYi7_sVmMnSKB_w3ekkprVuhDAwGMCcQqesYsKlCjc95HLcAfyGSQREG6a-cyezAlPep0x8WQZVugHKgJPDj7J1TMo_RHAXsX93isN6bddqRiVJRzFoc7do71DkUy_EHCUylE9Paex0Pa6JODiVNlMpGN9J_IbwZzy4jRGW58K2KxzhP9Lb80_MQVN04gDUtd9Wm1BnkFlF7ZEAt24XVH7BsVPWaSCzBGvXOvNXg-UDc0gwWsAY5LWPsmo7QRZQtdbkEafIiBp2ceUqu4xjLwLylKin_po7ZxoRTs7FL-_BnDVA8SURhk6m18hYSHNUZBSyQt_Ocb9k2CT5m9ZMIXzEGl1KVrvj0YAVkblC8AIczDYMmMYN8zLrkNzeQd5m_ckjXcD_s7b3V5Sa5Jj88iGnCHdjxDK7WL7kPl4rcCth4SF8KtAuEYj-owXY2FeOGN64__xUEllzDQ86dp1zIssDqM8g92z6RiW97s_F31L-X0abEtUusgG3yO3IPOFdmoxP4IgR6OmgstLVjeiVE5Gb9q-kwxDsz8I7JLO2WqryU0SRfLph3hN-fQUjO93dMVdof1Ad4IRAnAn5_raeerbPJkmQ5hpZiHOEqamggpqoGCVBNDorAmcy2NXGPFPlDSwhEViKUn1HwhoDQN7bMPOEOtyjkFQAlnRVIUxtuMm62ZLtxpBXIN5JLriGLgwV5bRIX3WqWBRk-mezSaW137HcEZPAWIyGAs61uqf_SDR759MjyE-dPcuNYuhSKETWk4RW1Ki9aaGLlTCmVYyU9T9Q8llqYbRURableVKA97rmu_cnzQdrEsGnUZmLZWDwvoQN9XPGb1jI-yFg5V_qzJAKaxql3Rj-8DwDecF4ONPu28DhbaE5xWoaaU7E

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gun.js Show response
www.hdhtthluiemgr.com/ Frame A3F1 30 KB
9 KB 42ms
12ms Script
application/x-javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hdhtthluiemgr.com/gun.js
Requested by: Host: bdnewszh.com
URL: https://bdnewszh.com/embed/mlb/tigers.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 403829d3d39edc75678f545f2cba0fc8aed36da0ac923e40e8d2aad6326f8e9f

Request headers

Referer: https://bdnewszh.com/
Origin: https://bdnewszh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 22 Nov 2022 17:52:45 GMT
content-encoding: br
x-cache: HIT
x-77-cache: HIT
x-age: 34192
alt-svc: quic="185.59.220.16:443"; ma=2592000; v="44,43,39"
x-77-nzt: Abk73BB9cP//kIUAAA
x-accel-expires: @1669710173
server: CDN77-Turbo
x-77-nzt-ray: 9083393080e94f786d0c7d6305b5aa2f
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://hdhtthluiemgr.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Tue, 29 Nov 2022 08:22:53 GMT

POST
H/1.1 200
OK t Show response
adsco.re/ Frame A3F1 364 B
671 B 26ms
25ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/t
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: f9536f9df6c04aa2ea6f5acadcdaaec8c548c025ffe424cdbcb766cdcdb1c774

Request headers

Referer: https://bdnewszh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 22 Nov 2022 17:52:45 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Max-Age: 2592000
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://bdnewszh.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Token-Level: 3
Connection: keep-alive

GET
H/1.1 200
OK AjW.html Show response
hdhtthluiemgr.com/ Frame A3F1 44 B
277 B 182ms
113ms Script
text/javascript 216.21.13.14
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hdhtthluiemgr.com/AjW.html?_=BAoAY30MawFjfQxtgAGBAsAAIMqbFYnV1VAaDWCyFrj-7pQH7if8RSn7wnsOoi65NrONwQBHMEUCIG8Qe-CZgHVuLJKlLlYCTXS57cbxHvgRhXSNne3T4JMLAiEAnMFiLKG5A3PtWs_H_I7V-ZDP4UwGLdEuH_rtei2lwGDCACDbJ1PU33kkGBc66MbGTZ8h0XCubkI2I9smncT8O8G3HcQAECoADJggMKAEAAEAAAAAABTFABBhKrwOsN3e8tgKgdR6XbJlwwBIMEYCIQCT8rA0e_xaT15fZQyP7FGqhP1hiBTuEVn3MOBHxqOIEgIhANOmqbcG2MOqed-2Y0eqaTzwyBbi7E055Z3o3XDaDxsw&v=4&ZGbWmPln=4568855&minBid=&ZgFDLnkK=0:1,0&AVHmEBOn=&aDAGlJYN=https%3A%2F%2Frainostreams.com%2F&s=1600,1200,1.65,2640,1980,1
Requested by: Host: www.hdhtthluiemgr.com
URL: https://www.hdhtthluiemgr.com/gun.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 216.21.13.14 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdnewszh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:46 GMT
asf: 9
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
popads-ec: ASB
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 44

GET
H3 200 container.html Show response
324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 507E 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:44 GMT
expires: Wed, 22 Nov 2023 17:52:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/ Frame 06D2 10 KB
3 KB 19ms
18ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0cf074dbb5cf2d6a603f520c9d5cf02c89ff1f8d13014f7f17064ebca8076bd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 104655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2729
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Nov 2022 12:48:31 GMT
expires: Tue, 21 Nov 2023 12:48:31 GMT
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 507E 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C50P7bQx9Y_-KLJXU3gOmg4yYCPScxr5txfyvsMgQvbGJw8AuEAEgk9ycc2CVAqABzsOy_gPIAQmpAncDIdbhO7E-4AIAqAMByANIqgSYAk_Qnq8fKOeutr7ln9ODAVC9WB8T8XSMTUueUMH04Pegyb-LAIGndgSnW4WdOsTEoLNmdC86URiUCvIApECgVQrD8l4hioDPp_VJ5gEmAp-RRC0_GczLM6hnl5_yhx6-l80_AfD1TSNfCtDzOgD8l4ebYHMwzQDHksh8Mn1i-iEUfb71xb3MPZ-qVuK2v2SXTB40opzK3ZDqVGlExZLV38Fh-z7e2rDSYFM24KEUEs_y26_USIvmNhX8-T4rD0K8r_SCy09WbJYZIXPzW8xBkWDqwjulOwGoBuS-1MZVIOAG_D2RrMeZlG9ib1fOXsjWSO_8ykoHTmvBEtoUlE4ih4P3yZAoeoTSUAT0Yuu6ryWSQjioZpTCSVfABOGe2viDBOAEAaAGLoAHmrzNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKv4DNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTg0NzM3NjMzNDEwNTQ5OTMYquca&sigh=zL3WO7ZqX4g&uach_m=[UACH]&cid=CAQSSwDq26N9Jj1jLVlh_Jqop_Kor3VpKdhow_EQJapCAXsWankObHqqc5xuJpfYP2OkdlRsEne-WcW5bfSY_oAVb_mJ4Un2kLEfNDEzEBgBIBM&template_id=419
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 507E 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 06D2 6 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 23 Nov 2022 13:12:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 06D2 34 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 22 Nov 2022 19:53:06 GMT

GET
H3 200 img-bg-0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 67 KB
67 KB 22ms
19ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/img-bg-0.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5edbdb5beaddd6d7d8be756648c57735dd191c3872f87650edb5109070d680fd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68798
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 img-bg-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 22 KB
22 KB 27ms
24ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/img-bg-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f4549659ce8142bc63343124c67ade745eee92fabd44584863532115a68591

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22305
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 tf-0-box-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 453 B
484 B 38ms
35ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/tf-0-box-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce160efe6033940e7b04516413b0851b9340fcde7238609eb923c609721540df

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 tf-0-box-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 452 B
483 B 37ms
34ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/tf-0-box-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da3272249cab937abb9a9b789cb049e8b10e32b8730451e8eaad3f52bbbad119

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 452
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 tf-0-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 6 KB
6 KB 31ms
28ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/tf-0-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28ab54221ab1e2503a9371226479fa3d28e5a5853fb98336c81852b9880c87bd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6094
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 tf-0-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 4 KB
4 KB 26ms
23ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/tf-0-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c77e19bd7a4d2a7224f0b857dcbcea10d8a257a78d956681d463ad5c7c8bad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3937
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 tf-1-box.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 421 B
452 B 25ms
23ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/tf-1-box.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48e6ed9e4498bd6524f0961f74c0c102d0a50d677d298c62fc85a2d1828a4a8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 421
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 tf-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 8 KB
8 KB 40ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/tf-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72cc93c261cc5e51dcebf11ecc8f13a4371ed1adc3b157b838cee8e33dad9f7c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8047
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 img-stoerer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 14 KB
14 KB 42ms
40ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/img-stoerer.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f50abf073b0c34d853c53da7bfab48463a11ffd11e11799cfb28317836da16

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 img-logo-shadow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 4 KB
4 KB 44ms
41ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/img-logo-shadow.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

beb77f0e62e98b0dc2caf54069a175df49d64b34b35fe460e01bc5db0f330aa1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3855
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 img-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 5 KB
5 KB 41ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/img-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccd5c1bf0581d325b503e678770ed9f7e1d6e59c10b4e1687b484fa2e4ff25ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4713
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 img-overlay-white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 2 KB
2 KB 39ms
36ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/img-overlay-white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2baea378d5072cb19ce610515bd50e43a8cfb324570100a2f1866eaff0da68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1779
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 img-logo-end.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 7 KB
7 KB 37ms
34ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/img-logo-end.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdee7d0037e6e89eea01178f9a7a03f3a14ee397d31d6d6a5d2feea211d76632

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6893
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 img-cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 4 KB
4 KB 38ms
36ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/img-cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2982400ad4ca3e3f282417123152779524e622827bbab4e4b329b281dd42b91d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3611
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 gfx_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 100 B
132 B 37ms
35ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/gfx_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a0b9016effeba63e20f7af81c01408884f1bea6b55406a9efa662a60af372e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 21 Nov 2022 12:48:31 GMT
x-content-type-options: nosniff
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 06D2 57 KB
23 KB 53ms
20ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Nov 2022 17:52:46 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/ Frame 06D2 2 KB
1 KB 22ms
17ms Script
application/x-javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/assets/TKUT_v1.1.1.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12813831789494163656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Nov 2022 12:48:31 GMT
age: 104655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:29:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 12:48:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AC9C 143 B
166 B 14ms
14ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 507E 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 16:56:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 507E 18 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 507E 154 KB
47 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 17:52:46 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AC9C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
34ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:46 GMT
expires: Tue, 22 Nov 2022 17:52:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 507E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 327b7b8a588cf7715a236a4a6899d9b48dfdb614a0a57fadca80b561b923354c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 06D2 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:51:22 GMT

GET
H3 200 container.html Show response
324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7547 6 KB
3 KB 17ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:44 GMT
expires: Wed, 22 Nov 2023 17:52:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0318 640 B
265 B 53ms
49ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBjzjI_YATAB&v=APEucNVsiw7mX9BjJ_zbWFph3W_ozWIVeeQ4cgODbo3nr-xEL3ZDDJlDHE81kIGxH8XGsIFN652dhKPUSbEbn4XGJQekbZzkQ7zNXKzd0D4HHOjMs9oGYwLaVJWwdyyAhtag5BHfh4gi0pdXeXemoIUZk1TKK_sV0Wxm2HQ75bL7YOvy3jmAZGD-HTX8hbaqQcj-eqAy5wQ2

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:46 GMT
expires: Tue, 22 Nov 2022 17:52:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7547 15 KB
11 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLY5nFNyvnNr_CRM6vHvEZuc8cgEaK4BSaVwsFIM1CUnW1nD-XoJ7FH48dM_FN__Ue9Sl1NqiVJ7Bfhl46Ys68pz3uEsUM70BHGZvL2C0WAcLvN8FSc8s4eT2r_6RRdfnvgoBVmcgmRwFe_HfKCf-DjGZ_rm-6AkAZWM33nOK1PS-rdVw&cry=1&dbm_d=AKAmf-CT0-kzrSeTk6I3bulgB1wb2egkPDLM-MJ2--CZznQGu-VpIN6S-UiZHUDILGYsMwMZW7NOMA37gKSDpQboXxLjDO0M8UVZVF-4sAWuiOFpRTqtNvOMhd1qRvVR_EPCMid8yCH6ubIzbibm8--RghKxWHRpV5HG_V6XiaE0_Jp8voUkIbzrw7whbfloeTYbhxws39QxsuwDESphTDrO3fXQSil8Y7VuXA91nKPYWMZz-JBaPqJxHerQ3Y2PN-ocZUh9ecJmvf3f1sYY-o-FJCcTb5_F0omwBd-P4r_cNPoXSyKb04gSB0c5waXyEEdWmYANmCIa9803qV90Z70Syja_gl423RKKvSJxl76q9fSsCUlI1D1R_qGBAYH1XCXEAT7zSy1rfSV5FtFaAcu5lnNN4ODCEvu1TOIE6zxGto1Ymsa0qCG1rFX3Pwy9J3WaFlGIz0Dp3rG5Tbung_w0qsRYYL_jjlaUOOnZh47VkuLKHqho8EZH_c5dxr3ljmysXAIPjkFmp9L5YKy8qlWiGnFw7-hwbE-va5Zs0D376OEy0j458QPU6ElJxtI9NDTOLeZd3MZoBBlGIbeS0fHNWALb3noPdN6OKHE7EkP0y-pcrJGCLv2U7W8AABPz7aJF-FT7HbZ0XRD7M_p0lD99xYh00rlrGCGucLiUo5I7HH6uBmClcxzpXrDdvzRMtm8RbSfvk_mry9hqsf406OkllGbK7Orx4wHYk0DjL3Hiagjr2IqVzCsmuKXzLoOdjMbv44EVXacLdkuNFyOg8pbTfuameDQmQe4G1cH_7LOe4a2qbkQmgeQPHYii09VEw0vOrNG68Q0cSC0HgZMsS2WWtQhF3mzuvyNvil7Rl9OUfyByqylYy3S1C0AMhczXz8NwMphke3CDm7EXSJUpxhQzbeSB9hEE724TqeVZla_7GcEai77hfK6KewlM4EMLVJMv6jISmJr0MprEqnnwi1n7ZpGC5qxgayClEsXO7XVTxaIzfUljfVJUvz80EO5pUXYiB-k0b8vl61PYj77FJ2HXZmmcQIwyM2uMmxghQElvp5E7Jz326-1m_DxGooKIFVWExyhK39HowBGICG8gtWlATLHJibIgdTNLb6tXwKcxhMN1iFVV0j4UEnU8-Dla3NqNotF1W-A_jiSg1yNGtdY7NuZhMWMjRri0wp_lgrXKCt1mYrEthKctgsfDIwqpDOpUaCOQBjqZHPBCdi_Zy95kWrf_DkKqYxQ19R_kVz8CXgLTHBsP_GmIJZ8ZiNEW9GKnJ5r9rmYZ-OkVZFqsvy4-s69B7dOXR7DnMLSR6Rxr1rmfY9IvwTuq5_DKfF5nGjQ5f1t1HKhdeKPvG-LrsQxxSMxe-BGpTi3NvplwxzTqfMSq-0SzsWdc9huApmBQ9qZE98uupHo4D-v0Rno1Jvk515idtyQYVcemFRJDJIptyW2kfNx1gEjpq4QWb8d5j076UfvzaRcXWdM3fltuIe1j8FyGGv2uO9_clefi8OImM9wgTNXmFtGCZHnsYInFyZo5OLdb3wwiZPDkvwUdcVrQ8j_uDmLjp2UdDTLOSEgh7DEs8yixBpEUIVezBB7DpH30nonmwplXs9QTI0PVUrwXlAzmkK-QNtY_BopjaS-0EvdpnhkWRX8n8t6zuPdcZYDuZwhec5vNtUR0WaKRGEcm4Ox0sFtfsIb09R4ZqQCv9wj6zOEJudyIgVQoxKazRO3Z4LSHYTW6kaSvdcGtHHwlXaIEiLRLUK4PpQdH0jL9ZnQt4EHYSXsPQFLw5RRW7awfsRi8CvyDiEkNZQGbjGBeWmBvBSISeVy6WJT8y7cT34WbEKoDod31ZMh3-BQYn1RFc-9qFNNOIWfWGRKYEx1NNLY7C_vEwyDs8QVyLRJWj5skQsxQT26GEcl0BZyVsLAuwwkIWNOaQ2SVK0QBOL5E8hhpa7feDlohsBdDbS6IsAKACOP_E7En_lHKzj9kN7FiT_jRWpUw_UHCd1MX5IKM3fpUd3Uh6E0sL7nMFNFJAK7PmFcAQmQpe4deUI0cBlaFX9TxOYrZkT_H6gFlG4langmeWfg9b-UZaCK-XWg6hLc7E7N1KjPtnDDW-fGaIlrQyV0WUn3pI-yZPTeYkn99L24bt2l4sOQMNMUbHRgOwhR___D3-dR2ha3yllac695We6GG6f-h4FRBmkd6TjEtC5mjyrfZ98A7eXXg1YNvlVjtX9Y42jQCawvC5EpZro6w2YZD3PuYEdscTfyxkT3wwNmxMR9eXvWN3khHPgd_WAdmvKBs6atJWEJSmS5Ce1mcJQcsExQ5a0WJ7pXk-KPGZGWHJmzD_99HkNfZ5AzITQDOFml0bz7GuZkZyscxjCreUuUgTXIgNDzwqrpa-OOdRTVgTIKHQ0dLltXNHtp4Wfe8CwMpyQlnUcY5qccVuatzL09qu3NGxF_mROH0934364lovcPNH1sf7xeX7-uITG6BK64pAsyphm2pEsJlB3d4qudrFXIX1HE8atkLqZiNaOvr9cPk_U_gBDfMRwAzhxKjMm-oCzbdSsfojp8bUXjf_eynHb0wDxTPX9ro3JeT4C4_FeOIVIhYNFTz4HKdqntFSMNPhDdYGEtXcLcS4Gv32Rm4w86FXnh2Wwb5mqfFFrFHaIlArYvK0MBKmrCbQyNNClo5P_2ULDQd8MuoLTD817w3-7japJXQpSChrwdJIYo-HbLZO3CxEFQc1pYZP84hXQvBIFhBhbVGupFaBxwwEhRSv9uwkFk1QjSKmitaNA_kGL_claY_Ta2zWsIgyVR2Au3nGalTxZQIRkXqRpWl8g4B6cEa-rqUsulCXHHfa9ihgeX-S14F_L1IDlMHtRHPi5mPHgi5KtqfwPiWRV23vFvPligXT-1ak_36FupcEIWDoGTw1cMz3Xbi0T1P0h-Y6aztFxJ4lLxHCI4PxfA91o4hx2AmjkqeN60GcN7soO0G5hCuHLHPReuwtKIqU-CAhjA0HDkCgKQPJ3BpCtJX8uBkLLxcaNViKQKP5q-WM4M4wOstxZsdrn7mMsNefZN6Eys3eEY-vwfJWa6zqnIUBjNyO91OL0o5EpxUPzqafJ2mIeR6avwHp9RTHkJHa-K_l9ZBiDeL-SaTcRiq2tpvbhamYbryyfhG21s2uh0y1cKqtRyVAWtCHP6E6yNWydxjsCDaaa74npc55PUxwlXxegPuwIaIdKM866ZcGJb9nwhSqTcONnE-OoD-qFSyCxAdriNsq6nPTo4F8Yqb_CiaCXvOx6n4KzKvw-EdXGJ4RfT2atDcVXkpn1xt0InR-C9fzP29K5uNCxTz-M8Lu6R1tNHGa-vCnj-FSDyzv7GtS1VUYoS52jxxbXKhp8nVMoGoJ6_SJdm55KjfOeuJ3vGtfKEGpC8RkzCN9LZmfEXqg8iDWhGOBhipq_-2UR9AYKIDTriWC1g&cid=CAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT&rfl=1%2Chttps%253A%252F%252Frainostreams.com%252F%240

Requested by

Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8e41425e25ee55e97bd7931aff278e153147b08f12bd06e76e8da0e7134eb8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11361
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7547 42 B
63 B 49ms
47ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APJhoOiKblL6GgSVQ5kLjPYlinfYwJLIRs3dbNewZxj4Z7FfUq7jDZUXKssdgi-1aeNy7vE8e3uPCuzW_G80QiMO3oY2L2EFt94r0PuGhYgFIcigo

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
trc.audiencemanager.de/ad/ Frame 7547 6 KB
3 KB 144ms
44ms Script
application/x-javascript 52.17.26.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.audiencemanager.de/ad/?pl=63468d106d216e35f43d8a54&cb=1669139566159959&tc=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3D
Requested by: Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.26.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-26-9.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash: e6b4f06ac9d1e699882b645148e9aabce392fa1251c43b385f944be00ba03484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: gzip
server: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by: PHP/7.2.9
requestid: e24dc6637d0c6ea9bdf8202323537158829457
vary: Accept-Encoding
content-type: application/x-javascript
status: 200 OK
hostname: 10-0-13-131
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
responsetime: 9
content-length: 3155

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7547 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 16:56:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7547 18 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7547 154 KB
47 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 17:52:46 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7547 41 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLY5nFNyvnNr_CRM6vHvEZuc8cgEaK4BSaVwsFIM1CUnW1nD-XoJ7FH48dM_FN__Ue9Sl1NqiVJ7Bfhl46Ys68pz3uEsUM70BHGZvL2C0WAcLvN8FSc8s4eT2r_6RRdfnvgoBVmcgmRwFe_HfKCf-DjGZ_rm-6AkAZWM33nOK1PS-rdVw&cry=1&dbm_d=AKAmf-CT0-kzrSeTk6I3bulgB1wb2egkPDLM-MJ2--CZznQGu-VpIN6S-UiZHUDILGYsMwMZW7NOMA37gKSDpQboXxLjDO0M8UVZVF-4sAWuiOFpRTqtNvOMhd1qRvVR_EPCMid8yCH6ubIzbibm8--RghKxWHRpV5HG_V6XiaE0_Jp8voUkIbzrw7whbfloeTYbhxws39QxsuwDESphTDrO3fXQSil8Y7VuXA91nKPYWMZz-JBaPqJxHerQ3Y2PN-ocZUh9ecJmvf3f1sYY-o-FJCcTb5_F0omwBd-P4r_cNPoXSyKb04gSB0c5waXyEEdWmYANmCIa9803qV90Z70Syja_gl423RKKvSJxl76q9fSsCUlI1D1R_qGBAYH1XCXEAT7zSy1rfSV5FtFaAcu5lnNN4ODCEvu1TOIE6zxGto1Ymsa0qCG1rFX3Pwy9J3WaFlGIz0Dp3rG5Tbung_w0qsRYYL_jjlaUOOnZh47VkuLKHqho8EZH_c5dxr3ljmysXAIPjkFmp9L5YKy8qlWiGnFw7-hwbE-va5Zs0D376OEy0j458QPU6ElJxtI9NDTOLeZd3MZoBBlGIbeS0fHNWALb3noPdN6OKHE7EkP0y-pcrJGCLv2U7W8AABPz7aJF-FT7HbZ0XRD7M_p0lD99xYh00rlrGCGucLiUo5I7HH6uBmClcxzpXrDdvzRMtm8RbSfvk_mry9hqsf406OkllGbK7Orx4wHYk0DjL3Hiagjr2IqVzCsmuKXzLoOdjMbv44EVXacLdkuNFyOg8pbTfuameDQmQe4G1cH_7LOe4a2qbkQmgeQPHYii09VEw0vOrNG68Q0cSC0HgZMsS2WWtQhF3mzuvyNvil7Rl9OUfyByqylYy3S1C0AMhczXz8NwMphke3CDm7EXSJUpxhQzbeSB9hEE724TqeVZla_7GcEai77hfK6KewlM4EMLVJMv6jISmJr0MprEqnnwi1n7ZpGC5qxgayClEsXO7XVTxaIzfUljfVJUvz80EO5pUXYiB-k0b8vl61PYj77FJ2HXZmmcQIwyM2uMmxghQElvp5E7Jz326-1m_DxGooKIFVWExyhK39HowBGICG8gtWlATLHJibIgdTNLb6tXwKcxhMN1iFVV0j4UEnU8-Dla3NqNotF1W-A_jiSg1yNGtdY7NuZhMWMjRri0wp_lgrXKCt1mYrEthKctgsfDIwqpDOpUaCOQBjqZHPBCdi_Zy95kWrf_DkKqYxQ19R_kVz8CXgLTHBsP_GmIJZ8ZiNEW9GKnJ5r9rmYZ-OkVZFqsvy4-s69B7dOXR7DnMLSR6Rxr1rmfY9IvwTuq5_DKfF5nGjQ5f1t1HKhdeKPvG-LrsQxxSMxe-BGpTi3NvplwxzTqfMSq-0SzsWdc9huApmBQ9qZE98uupHo4D-v0Rno1Jvk515idtyQYVcemFRJDJIptyW2kfNx1gEjpq4QWb8d5j076UfvzaRcXWdM3fltuIe1j8FyGGv2uO9_clefi8OImM9wgTNXmFtGCZHnsYInFyZo5OLdb3wwiZPDkvwUdcVrQ8j_uDmLjp2UdDTLOSEgh7DEs8yixBpEUIVezBB7DpH30nonmwplXs9QTI0PVUrwXlAzmkK-QNtY_BopjaS-0EvdpnhkWRX8n8t6zuPdcZYDuZwhec5vNtUR0WaKRGEcm4Ox0sFtfsIb09R4ZqQCv9wj6zOEJudyIgVQoxKazRO3Z4LSHYTW6kaSvdcGtHHwlXaIEiLRLUK4PpQdH0jL9ZnQt4EHYSXsPQFLw5RRW7awfsRi8CvyDiEkNZQGbjGBeWmBvBSISeVy6WJT8y7cT34WbEKoDod31ZMh3-BQYn1RFc-9qFNNOIWfWGRKYEx1NNLY7C_vEwyDs8QVyLRJWj5skQsxQT26GEcl0BZyVsLAuwwkIWNOaQ2SVK0QBOL5E8hhpa7feDlohsBdDbS6IsAKACOP_E7En_lHKzj9kN7FiT_jRWpUw_UHCd1MX5IKM3fpUd3Uh6E0sL7nMFNFJAK7PmFcAQmQpe4deUI0cBlaFX9TxOYrZkT_H6gFlG4langmeWfg9b-UZaCK-XWg6hLc7E7N1KjPtnDDW-fGaIlrQyV0WUn3pI-yZPTeYkn99L24bt2l4sOQMNMUbHRgOwhR___D3-dR2ha3yllac695We6GG6f-h4FRBmkd6TjEtC5mjyrfZ98A7eXXg1YNvlVjtX9Y42jQCawvC5EpZro6w2YZD3PuYEdscTfyxkT3wwNmxMR9eXvWN3khHPgd_WAdmvKBs6atJWEJSmS5Ce1mcJQcsExQ5a0WJ7pXk-KPGZGWHJmzD_99HkNfZ5AzITQDOFml0bz7GuZkZyscxjCreUuUgTXIgNDzwqrpa-OOdRTVgTIKHQ0dLltXNHtp4Wfe8CwMpyQlnUcY5qccVuatzL09qu3NGxF_mROH0934364lovcPNH1sf7xeX7-uITG6BK64pAsyphm2pEsJlB3d4qudrFXIX1HE8atkLqZiNaOvr9cPk_U_gBDfMRwAzhxKjMm-oCzbdSsfojp8bUXjf_eynHb0wDxTPX9ro3JeT4C4_FeOIVIhYNFTz4HKdqntFSMNPhDdYGEtXcLcS4Gv32Rm4w86FXnh2Wwb5mqfFFrFHaIlArYvK0MBKmrCbQyNNClo5P_2ULDQd8MuoLTD817w3-7japJXQpSChrwdJIYo-HbLZO3CxEFQc1pYZP84hXQvBIFhBhbVGupFaBxwwEhRSv9uwkFk1QjSKmitaNA_kGL_claY_Ta2zWsIgyVR2Au3nGalTxZQIRkXqRpWl8g4B6cEa-rqUsulCXHHfa9ihgeX-S14F_L1IDlMHtRHPi5mPHgi5KtqfwPiWRV23vFvPligXT-1ak_36FupcEIWDoGTw1cMz3Xbi0T1P0h-Y6aztFxJ4lLxHCI4PxfA91o4hx2AmjkqeN60GcN7soO0G5hCuHLHPReuwtKIqU-CAhjA0HDkCgKQPJ3BpCtJX8uBkLLxcaNViKQKP5q-WM4M4wOstxZsdrn7mMsNefZN6Eys3eEY-vwfJWa6zqnIUBjNyO91OL0o5EpxUPzqafJ2mIeR6avwHp9RTHkJHa-K_l9ZBiDeL-SaTcRiq2tpvbhamYbryyfhG21s2uh0y1cKqtRyVAWtCHP6E6yNWydxjsCDaaa74npc55PUxwlXxegPuwIaIdKM866ZcGJb9nwhSqTcONnE-OoD-qFSyCxAdriNsq6nPTo4F8Yqb_CiaCXvOx6n4KzKvw-EdXGJ4RfT2atDcVXkpn1xt0InR-C9fzP29K5uNCxTz-M8Lu6R1tNHGa-vCnj-FSDyzv7GtS1VUYoS52jxxbXKhp8nVMoGoJ6_SJdm55KjfOeuJ3vGtfKEGpC8RkzCN9LZmfEXqg8iDWhGOBhipq_-2UR9AYKIDTriWC1g&cid=CAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT&rfl=1%2Chttps%253A%252F%252Frainostreams.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 11:55:20 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0318
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHAFapgRDG70wQy4Lt-cLbo&google_cver=1

43 B
114 B

32ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHAFapgRDG70wQy4Lt-cLbo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBjzjI_YATAB&v=APEucNVsiw7mX9BjJ_zbWFph3W_ozWIVeeQ4cgODbo3nr-xEL3ZDDJlDHE81kIGxH8XGsIFN652dhKPUSbEbn4XGJQekbZzkQ7zNXKzd0D4HHOjMs9oGYwLaVJWwdyyAhtag5BHfh4gi0pdXeXemoIUZk1TKK_sV0Wxm2HQ75bL7YOvy3jmAZGD-HTX8hbaqQcj-eqAy5wQ2
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHAFapgRDG70wQy4Lt-cLbo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 0318 43 B
304 B 60ms
27ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBjzjI_YATAB&v=APEucNVsiw7mX9BjJ_zbWFph3W_ozWIVeeQ4cgODbo3nr-xEL3ZDDJlDHE81kIGxH8XGsIFN652dhKPUSbEbn4XGJQekbZzkQ7zNXKzd0D4HHOjMs9oGYwLaVJWwdyyAhtag5BHfh4gi0pdXeXemoIUZk1TKK_sV0Wxm2HQ75bL7YOvy3jmAZGD-HTX8hbaqQcj-eqAy5wQ2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 0318
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFdGdoyuOtEdJC_bbUpCv7M&google_cver=1

23 B
172 B

83ms
68ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFdGdoyuOtEdJC_bbUpCv7M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBjzjI_YATAB&v=APEucNVsiw7mX9BjJ_zbWFph3W_ozWIVeeQ4cgODbo3nr-xEL3ZDDJlDHE81kIGxH8XGsIFN652dhKPUSbEbn4XGJQekbZzkQ7zNXKzd0D4HHOjMs9oGYwLaVJWwdyyAhtag5BHfh4gi0pdXeXemoIUZk1TKK_sV0Wxm2HQ75bL7YOvy3jmAZGD-HTX8hbaqQcj-eqAy5wQ2
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Tue, 22 Nov 2022 17:52:46 GMT
pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEFdGdoyuOtEdJC_bbUpCv7M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 0318 23 B
172 B 81ms
38ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_3HRCSsouMBBjzjI_YATAB&v=APEucNVsiw7mX9BjJ_zbWFph3W_ozWIVeeQ4cgODbo3nr-xEL3ZDDJlDHE81kIGxH8XGsIFN652dhKPUSbEbn4XGJQekbZzkQ7zNXKzd0D4HHOjMs9oGYwLaVJWwdyyAhtag5BHfh4gi0pdXeXemoIUZk1TKK_sV0Wxm2HQ75bL7YOvy3jmAZGD-HTX8hbaqQcj-eqAy5wQ2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Tue, 22 Nov 2022 17:52:46 GMT
pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B0F0 22 KB
8 KB 16ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 11:55:20 GMT
expires: Wed, 22 Nov 2023 11:55:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame B0F0 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:51:22 GMT

GET
H/1.1 200
OK index.html Show response
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/ Frame 096E 22 KB
23 KB 58ms
11ms Document
text/html 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Requested by: Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=63468d106d216e35f43d8a54&cb=1669139566159959&tc=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8aaade6f8a0c3a48538d7f9c00b649f9b074a4f125fe6f8a97cd40e90d4f04ae

Request headers

Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 74803
Connection: keep-alive
Content-Length: 22567
Content-Type: text/html
Date: Mon, 21 Nov 2022 21:06:04 GMT
ETag: "2617686edea07fbca44b8040add0bfed"
Last-Modified: Thu, 27 Oct 2022 13:09:11 GMT
Server: AmazonS3
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: d1eKhEJqQoJ09_IwQRwJY45WWgrKjYOFeVyxEl1UtA9S-m55sjhvzw==
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
x-amz-version-id: fEaRGSUsK5VtQ5NGXVowM1T_bUVHHi9m

GET
H2 200 impression
anz.audiencemanager.de/log/ad/ Frame 7547 43 B
296 B 64ms
49ms Image
image/gif 52.17.26.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anz.audiencemanager.de/log/ad/impression?id=63468d106d216e35f43d8a6b&adId=e24dc6637d0c6ea9bdf8202323537158829457&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&curl=aHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw&ntuId=88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed&cb=1669149382
Requested by: Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.26.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-26-9.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:46 GMT
server: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by: PHP/7.2.9
requestid: 37c0ef637d0c6ebe3b92204928501108746615
content-type: image/gif
status: 200 OK
hostname: 10-0-13-140
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
responsetime: 12
content-length: 43

GET
H3

200

B28678037.347519798;dc_pre=CPPx1betwvsCFQzcEQgdIe8JWQ;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669149329;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/ Frame 7547
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669149329;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_pre=CPPx1betwvsCFQzcEQgdIe8JWQ;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669149329;dc_lat=;dc_rd...

42 B
63 B

72ms
41ms

Image
image/gif

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_pre=CPPx1betwvsCFQzcEQgdIe8JWQ;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669149329;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N5511.3889767NANOINTERACTIVE_OMD/B28678037.347519798;dc_pre=CPPx1betwvsCFQzcEQgdIe8JWQ;dc_trk_aid=539019242;dc_trk_cid=122269567;ord=1669149329;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7547 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cc78b751d025f51e7a2df07318492269ece579cd943f024e0e80a4fa6c4f6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1180045/66149901/ Frame 096E 46 KB
12 KB 102ms
32ms Script
application/javascript 52.17.139.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1180045/66149901/skeleton.js
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.139.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-139-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 018bcd6a7561e3168a2cdb461edba9ef4d64aeebb496116d539246180d1d9cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK gfx_white.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 81 B
592 B 10ms
9ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/gfx_white.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f2d571dc958545acd535c55ab8b0480c4f4d5ff9f0222adc1189fa389a571be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 2iYdQ.QiIXZkmmaXxfPsnDGB3HZbzOCs
Date: Tue, 22 Nov 2022 15:43:06 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 7789
ETag: "05b85bf02d70a2ef82efce3adc970877"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81
X-Amz-Cf-Id: I3J-TlFRbG9JrfDZV_rnZppt2R6IuvcVnzo6jovJ86pcLmgJ8SvTng==

GET
H/1.1 200
OK img-bg-overlay-0-0.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 4 KB
5 KB 9ms
8ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-bg-overlay-0-0.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15203ffcf95082485fa4a70cb2df5a5cb451cd4e1e47a2e012d01ed43b69eb1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: qAWt9atgy.xqQtqm24pmBZ3dN5It0U_S
Date: Tue, 22 Nov 2022 06:59:09 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 39218
ETag: "e29ca4fda5b39b794578e740d2f0b02b"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4209
X-Amz-Cf-Id: m7FXmDk61htBmXbissiIm3_VBvBSqgCH5PnFYZJK_25LVJhR9CG07A==

GET
H/1.1 200
OK img-bg-overlay-0.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 4 KB
4 KB 10ms
10ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-bg-overlay-0.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8508408273717ae33118b2534e05ee065e92d87d023a169cc00254614593f4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: S74WS0X_VShI581CMKwKENjIKVMoWOhW
Date: Tue, 22 Nov 2022 06:13:43 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 41944
ETag: "29cc7a7bc99fdeba25ecfd854fd198f8"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3828
X-Amz-Cf-Id: UslfqVEKMQYbAXfgWwWz-0J2Uv_17ionvLSQpJrz3gczHL2gRCV3nQ==

GET
H/1.1 200
OK img-bg-overlay-1.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 5 KB
6 KB 12ms
12ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-bg-overlay-1.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8472f8e9376927bc57574db586960515033609db7823d5e6610f0c9993d8ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: i3EBkaEUXI_DidMghWiLCuFQejisEZyy
Date: Tue, 22 Nov 2022 07:23:34 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 37753
ETag: "c856a248e3b6dc3ee7120028eed7cff3"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5122
X-Amz-Cf-Id: D7_2jEQEPrriscCJgSa0c3G8tePfGlxRwZYrombb5F5skh10ZGZQgQ==

GET
H/1.1 200
OK img-bg-overlay-2.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 4 KB
5 KB 11ms
11ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-bg-overlay-2.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 541be6e17b933f0ca125df086e4d534c432ef226508f1fdae32c583fff79d9a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: _9_lykGjj9BEiobxW_K8J9MIL2eLuX4U
Date: Mon, 21 Nov 2022 21:06:05 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 74802
ETag: "f2bc35895a7aed0d2d458a605a842c7c"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4202
X-Amz-Cf-Id: cmWvMHRcVc0hCoxBy5YjwCpoSRQNp7SiyyokrnxnFci_Zk64OM4-kw==

GET
H/1.1 200
OK img-logo-0.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 4 KB
5 KB 11ms
10ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-logo-0.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36dcf000478cf87979f6fc8702dd2f68a11295c3bfdbc3c88d586b08e0ebbbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ytRD4I_wm20fCS5iOvbshdPwvDsNi8wY
Date: Tue, 22 Nov 2022 09:27:11 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 30335
ETag: "02f067f9b647dff6cba9eff23d17b4ef"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4138
X-Amz-Cf-Id: pILTF7S12DSTZHVa-iYjqm-Dmp8gUL4bcKfUmBA95SAosZBRNydpwg==

GET
H/1.1 200
OK img-bg-overlay-3.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 5 KB
5 KB 9ms
9ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-bg-overlay-3.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7090d99febdb36e0059c263b0d9fe1ec0388a0609ab7add9a62c280f1e4db3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: fDmXEOpjpeP.LtXvQsHWl4xYCM1SYohS
Date: Tue, 22 Nov 2022 06:59:09 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 39218
ETag: "b002ef76c3e9aee84a1f5e14bd404f2e"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4991
X-Amz-Cf-Id: nNpvcZmiK9iIDnSoAo9hg5wTbxbmc6QGM28hJJNuEDyUodUhr_LOUQ==

GET
H3 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 096E 113 KB
39 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Nov 2022 17:52:46 GMT

GET
H/1.1 200
OK TKUT_v1.1.1.min.js Show response
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 2 KB
3 KB 8ms
8ms Script
text/javascript 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/TKUT_v1.1.1.min.js
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: jasHqzXEfQnhOPX0Wu60qzLpnXAUqtd4
Date: Tue, 22 Nov 2022 06:59:09 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 39218
ETag: "33966fde6a113107dafb766b36529442"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2324
X-Amz-Cf-Id: hCKklj7GJVedUsuLRLAX-crmMxJvYQpg-rHuyf0Mqtu82Dv_OjkYXg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0F0 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1RUgbgx9Y8-9JITYx_APqtufqAgAAAAAOAHgBAI&bg=!AgGlAUXNAAbvMpMzzzI7ACkAdvg8WrdOFVKfFcvEgrCEjzV425cEbzGjTZ0BHMruxK8KxrHfDa-GNgIAAACDUgAAAARoAQeZAviApSD0ckwnL7bCgrygoVMrfD1Fs92y6aBMRqksfH1Gir9xS8r8Lbm7Bx3d0HsY8rDYEeHHrpY0GNQgFapXssxfmXjQeK6yPi3EFCTD8bB38ALukGFHmKdnS-1DG-A6Pmy5nQcyF1myNa6g8YNNPsAFvsftSmQ17XX6JqTS3WtAU9svkVMNI40Y4LteM-_k-ECUYEnE6TpTMbxp-Sf03RReUojuX-dyCNuQZ45_IJBHZ55dfuS531zPOwLa4QK24VqsvMO9RNlPxrAOEiNeGwHhM0UWkmAzzvhFRv-EjXAyAHKGFEV084IyPUhag9gshOUlaUeNqcERxHsqg8yq9RNA5QHti8EPBr0OLgofP99-7n3Xx4HQA5hGm5--QydHu6Xt5RGCh40stf9pLF-ifqkt8vHIvEx3Wj2-VzQ5Hv5DyrEX490Mrs2ajY1HvtoTLiSUbD-JJXY1_Mey_Vdg4hi13HIMjpe-SuMFFhQnlTu0xeOuNoyhW6_gFmrK2bCJX7JkPEVlcwO95TawVeUxIf3qx4R6SOfOXwylmPqGQrLjJJXtMbQ1Zyu6h5tax0wXUUHXKE0jgLMmzivhpzFKAjKtjNVoR_LgGUR70KSea5cnFIBy9fHHMJvs6Y-DEUa1aMaFpv9SlSt_fRauhcXeo89F_tvWMvNeu22JqPnQ5XA8UijogMc8mnqwuqnZjiGZBXGtp7tMtFT7162jPTPV_rBvcjxHi_lHf2JdzpnY8F_f5MaIeDTOssW9ao_yJSRbTLpBi3AK3eCXKaR0Dw2Ia2h_Wh-aUroh4IEp0VzsXG0eIB0TjKdESXF9IpPT927vksTcCmUddJHutobvKprBOJLjdtZTb1IE7ctMAjlfGq8XHsyN9sOFbofhzsMPe_YAH6KbmRmxUvtbS0ZEIvJ6KEv6Q1K18Tsp-7_ek_wsK3MUt9UlFa4rywX6aV-VTWdH7t2mroWE3_bgl-Kr4hdPl1b5jjmBlXyS2dSdWl0EU4aR9cYCOTkiMOL5

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.19.8.366.js Show response
static.adsafeprotected.com/ Frame 096E 196 KB
61 KB 53ms
9ms Script
application/javascript 2600:9000:21f3:1400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.366.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1180045/66149901/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 21:37:52 GMT
x-amz-version-id: DTz7DAGx5H1oATkuvwxjIs9w8gvuFjKB
content-encoding: gzip
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 72894
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Nov 2022 19:50:49 GMT
server: AmazonS3
etag: W/"ca4194ffbaa3712186a83d16b497895d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: F_8HEuZtC9xit3lU_SC1ezG6xhrDmLgzl6pVj_Jllu8zdpTtAGGK3w==

GET
H/1.1 200
OK img-mask-tf1.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 5 KB
5 KB 22ms
10ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-mask-tf1.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df844419cc9ac6897808536c03132a6b090bc56c3ed70aec76e0488d533d2e8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: XUjcOznXyd1lzl34dCjyrnk30sX6Sd3Z
Date: Tue, 22 Nov 2022 06:13:43 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 41944
ETag: "a9feb803b3e460f14cceff8adff584ee"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4992
X-Amz-Cf-Id: E-G7o9zdcKyR9eOcFgjNeGSug3HjZegOY7tzy07POrFFzHxw1NZjUg==

GET
H/1.1 200
OK tf-0.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 7 KB
7 KB 28ms
9ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/tf-0.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e56f80022afef3697144dd657195687bb4dd230bda9efddcf6eaa0d5532e88f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: GqxSdra5_rb1reSV3SflJbDhLX.PzY5c
Date: Tue, 22 Nov 2022 05:01:02 GMT
Via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 46305
ETag: "adf844bb15de484bd8424ed13db564ab"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6763
X-Amz-Cf-Id: bTSb-G8qiAR6FgHetsDubkNg3y4UCLasjBiDIrYmoQoJuv4TYbWFFw==

GET
H/1.1 200
OK tf-1.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 6 KB
6 KB 34ms
12ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/tf-1.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a997b809ee2484cce2385fd46baadbda01ede309e317ac345f324e199e627b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: tEq8k.JNx_oPPc0DTd9mMrzEu5ikeqOS
Date: Mon, 21 Nov 2022 21:06:05 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 74802
ETag: "854038d84bcca72ed1253b69de264858"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5740
X-Amz-Cf-Id: cIHQcVB87MMGAt78zic6pCHLgEAcI0hLwlTMb9gD50aI4dTZPavfEg==

GET
H/1.1 200
OK img-logo-1.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 4 KB
5 KB 32ms
9ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-logo-1.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a589874dee9ab8294d0b94d5aae579561214766c58625559d0fc45ff330b1e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: AoFNVhN7r.Uw2yHGeK0wNo9GKZOgrskO
Date: Mon, 21 Nov 2022 21:06:05 GMT
Via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 74802
ETag: "21b8ce57c833e32a0a0f9b533bf8bcf3"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4246
X-Amz-Cf-Id: 8yaUc0knVMGhbb8c2OZFumz3e-S0hEFrbtdmteBTe-xij8BSqYb-oQ==

GET
H/1.1 200
OK tf-2.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 6 KB
6 KB 33ms
11ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/tf-2.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db35fc68ab45959f59ba48ef6c750ec421e95121266fe9008fa768597235c69b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: JZER6hf0E8eXGUXknbkQje9RHKsxDiE4
Date: Mon, 21 Nov 2022 21:06:05 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 74802
ETag: "b963c90c3d555ab111be07c35b39b07d"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6083
X-Amz-Cf-Id: R2CWbrJigx3S0-HRKych_DhWInbWi-dvsLuIsu3yI5vnaxlKKvkpog==

GET
H/1.1 200
OK img-cta.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 4 KB
5 KB 22ms
10ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-cta.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c931c8c22dbd9dde61efa7638b9f2de7717bf4aeba8b0b17b81ef3df7f03aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: DYCtWcc2.yRaEx7BkGGGCOLG6ec1DoJr
Date: Mon, 21 Nov 2022 21:06:05 GMT
Via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 74802
ETag: "8f352e7bbf1b374facca0f4328dd45e1"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4284
X-Amz-Cf-Id: Mh0adj4YDjE_w6ViAOrVxX4w4ibK6-XVtnbxD82-ZlI7pFU15-q_tw==

GET
H/1.1 200
OK img-cta-arrow.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 2 KB
2 KB 12ms
9ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-cta-arrow.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce348db57e5e30cac363bb455991108d61928ce07e4789d6c11c390d0bf366b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: spzN_aE.vHw7_lQcjh52PWTAsIoF1XPe
Date: Tue, 22 Nov 2022 06:13:43 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 41944
ETag: "1be93022faa5bea5ffe715d202d3a47f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1780
X-Amz-Cf-Id: grhOWlJ5aEi9Fqp_EuwhXomrWIYf-4bB5SNyzd3pLMKYLEv8oUWgOg==

GET
H/1.1 200
OK img-logo-end.png
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 7 KB
7 KB 9ms
9ms Image
image/png 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-logo-end.png
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d80251d59b2c8ec3665ab396d1cc906b8e115999a9c00dd2a96d49070a043db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: bP4wcuiE.BF80caMzyRxAyLIjS2Ybgat
Date: Tue, 22 Nov 2022 09:38:55 GMT
Via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 29631
ETag: "41e3c0b78e96d4979e986b91ab92cb37"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6929
X-Amz-Cf-Id: OBDEJ-8XBm40Pe2rCOfKarYaqkSFxipJ2V9CcQovCjpRZU1mHc7OMg==

GET
H/1.1 200
OK img-bg-0.jpg
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 44 KB
45 KB 10ms
10ms Image
image/jpeg 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-bg-0.jpg
Requested by: Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be88cfd6168fed19ccd176ea3c8ad0f43553c7d887c4abc06598395e1af74535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: FiVxxNGudaCu5ExNT9ZmM1aOpKDK.O5i
Date: Tue, 22 Nov 2022 06:13:46 GMT
Via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 41942
ETag: "947894fc5fa174766f5fcd0a499a6287"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45306
X-Amz-Cf-Id: KFbrOwzwgIdsPy2_oC6Ex5BdImhk8PjpqBsND2-TD69nSjxwcoS6NA==

GET
H/1.1 200
OK img-bg-1.jpg
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 48 KB
49 KB 12ms
12ms Image
image/jpeg 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-bg-1.jpg
Requested by: Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d3f2c3b6928bbf846de838aa05e1e1cdcfe62af65d1ccdd10d1bd84f8f0aadd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 21 Nov 2022 19:27:47 GMT
x-amz-version-id: uvHgi18yKULGHmBVXxmf.3IGgkqgQNu8
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 80701
ETag: "f04b82e1b5f86fe31bcaf0259593ccc8"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49177
X-Amz-Cf-Id: Q7OnDrl0TzBoYIhNr_2IVlq4qL09AtQ4w-3Yec1mRyqv48WSfLfuhw==

GET
H/1.1 200
OK img-bg-2.jpg
cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/ Frame 096E 50 KB
50 KB 10ms
10ms Image
image/jpeg 13.224.189.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/assets/img-bg-2.jpg
Requested by: Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19836fd3e62972d80d5bd9b13d25a3d357cfbafc0400d140db61910ddfba9e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: SAhsNJhMlSxFawdwrF.83dTDChYCswCY
Date: Tue, 22 Nov 2022 07:23:35 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Oct 2022 13:09:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 37753
ETag: "06e8b71192fcb3f0bb30d29c43d41b14"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50757
X-Amz-Cf-Id: qIQ4G8-kwhqIk8b407WeAtTc9lNJ5ErB_17raQS-wqdbHLYB0fprfQ==

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 096E
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1180045/66149901/skeleton.js?adsafe_url=https%3A%2F%2Frainostreams.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fcdn.audiencemanager.de%2F&adsafe_type=f&adsafe...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

8ms
8ms

Script
application/javascript

2600:9000:21f3:1400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 2600:9000:21f3:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 5493744
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: fUwUVCnqK_K_9eKEyfZng42ZWmQkFnKTFBgu7_cRtxqI8Ch7i84vFQ==

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:47 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5CAC 91 KB
23 KB 9ms
8ms Script
application/javascript 2600:9000:21f3:1400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: cdn.audiencemanager.de
URL: https://cdn.audiencemanager.de/htmlBanners/635a82f51297af31796878f8/index.html?clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6IG4bgx9Y9fhCYPJ3gPpmKmYCI6H8qBtn8e3tMMQ8C4QASCT3JxzYJUCyAEJqQJ3AyHW4TuxPqgDAaoE5QFP0LSC1WRmNtbhQTQgemQpv2gVtzvE4gt3Lcb4OSTpXEPnBhb3ynN0iW5z8WEKUsYvdE3PQwx-KPXYhxY4qjriGLJIxcUG091LvHL3SMBZVdz75SDSqMsbOQkJpLPQh63mv-fX-dzfZQKXSQSFwMmdqTwO7W2tABxsLqTGyjB_HW1mjME2J4O3ruPwWuCnURFwPwi_-EnZ0H6IqToNKrj6N3LUxK6JT5qrxGfbqw6GmmVXwpcqeBDnWSF5TQDYvPZGJDRen_hpD3cXg-0wvoHl6tEQcU37L3TO1ccefiAltOChtEFMwATUj5D2tATgBAOQBgGgBk2AB5KGh-UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO42IsR0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT%26sig%3DAOD64_0-tzJDMNH6Pd5Zg79W3H4isvG0ww%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-Cfe0VWbfplP_EKTOUQREHDmxHL-Nnz0LKHUqERAflIv89Vcf-_faIO6TwIYi68oE6gWBeIey6XTXAuuQG5fj5e1JQC1q8He8R1PWWVnwgScF8Olo6gQwvV7znM7Cgr4UqMRDu0vGMSIpLk2Ews2LJiCxgP-12DUL781goLp_BvPamMqHs%26cry%3D1%26dbm_d%3DAKAmf-DHEbWIe7tCQaOJgTEbNfLYT5bWF2mFuwKxXVLYENoqoXs_lGe13qzAkGS87V001tjiIP0-kcygUWPiENXG-UKWgIgH535m7JxFBVCTDWw2lO8Yngf75OhsKL7S-X38ECdVhigzBOo9xrkCz49p4zkz26I4p9G7LpJhlww2Eq8XN53g_ysr_eerjLAY2yhrRmJIdvQ5F1RnSojScP5M2Gg50EwjJPVBN_OwcDR9IYPkC-zq4-Ny2hQjy7XhyKxShw049L4Jhoyz6tawe-PMXcvrASGWp5NF5WgYu0FgB9G_RHMYdA23bojABYvv4n1PcSSO6iqNAPtbTvZZUeOgbKE5Y9ZZaP8qcge-rtYbO3EMn12SLRwJtjBA-jblsD1dV8H6f2p0kHXXGJZDmThoFu7gQdCEDUMtY23sPs7dCq0NK0KwvUFauIz2Onpi1vHelnKN05qCqlCGLNdm17kxfUgp21CXpk8NbymgZjAUFx4pHSDXwOpEIWZTLqiwreyFJaLqonllzonUtLuMUoZmIccAE4gJgn4G7fbmzqGMHYnHxtC6TqkBL2LDftuIgRioMcJ12RAtVPrcFPXXUu0fhuxTDOVlSwE2H0lfstgo_TgJgWQAzUA%26adurl%3Dhttps%253A%252F%252Fklk.audiencemanager.de%252Flog%252Fad%252Fclick%253Fid%253D63468d106d216e35f43d8a6b%2526adId%253De24dc6637d0c6ea9bdf8202323537158829457%2526alg%253Dr%2526rp%253Dr%2526hb%253D0%2526pubid%253D%2526pid%253D%2526nid%253D%2526atId%253D%2526subId%253D%2526baseReqId%253De24dc6637d0c6ea9bdf8202323537158829457%2526curl%253DaHR0cHM6Ly8zMjRmZGE0NmMzNTg4ZmIwNjA1NzdkOTQ4NGZkMjMwZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tLw%2526ntuId%253D88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed%2526cb%253D1669146351%2526redirectUrl%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:04:21 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 665307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: _J6h2kF5wOhX0rGFsYixAIfxce2vZ1XympGwdamdN6fXYN9Pfnaq4A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 096E 43 B
215 B 538ms
171ms Image
image/gif 2600:1f13:800:7782:a2ea:508a:9fe9:9064
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=3ef1c233-5598-7d5a-a1eb-bdfc5859ba25&tv=%7Bc:uIGTyw,pingTime:-3,time:141,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:114%7D,%7Bpiv:0,vs:o,r:l,t:140%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:142,n:140,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:114,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~970.250%5D%7D%7D,%7Bsl:o,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tnWjwin+111%7C112%7C113%7C114%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C1812%7C191%7C192%7C1a1%7C1a2%7C1a3*.1180045-66149901,idMap:1a3*,rmeas:1,rend:1,renddet:IMG.qs,siq:116%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a2ea:508a:9fe9:9064 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:47 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 096E 43 B
215 B 538ms
171ms Image
image/gif 2600:1f13:800:7782:a2ea:508a:9fe9:9064
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=3ef1c233-5598-7d5a-a1eb-bdfc5859ba25&tv=%7Bc:uIGTyy,pingTime:-6,time:143,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:143,n:140,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:114,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~970.250%5D%7D%7D,%7Bsl:o,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tnWjwin+111%7C112%7C113%7C114%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C1812%7C191%7C192%7C1a1%7C1a2%7C1a3*.1180045-66149901,idMap:1a3*,rmeas:1,rend:1,renddet:IMG.qs,siq:116%7D&tpiLookup=ao:rainostreams.com*%2C324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a2ea:508a:9fe9:9064 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:47 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 container.html Show response
324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED5F 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rainostreams.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:52:44 GMT
expires: Wed, 22 Nov 2023 17:52:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 096E 43 B
216 B 470ms
170ms Image
image/gif 2600:1f13:800:7782:a2ea:508a:9fe9:9064
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=3ef1c233-5598-7d5a-a1eb-bdfc5859ba25&tv=%7Bc:uIGTzH,pingTime:-2,time:214,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:71,bdZ:200,beA:201,beZ:203,mfA:298,cmA:299,inA:299,inZ:303,prA:303,prZ:310,si:317,poA:318,poZ:330,cmZ:330,mfZ:330,loA:344,loZ:347,ltA:415,ltZ:415,mdA:203,mdZ:265%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:114%7D,%7Bpiv:0,vs:o,r:l,t:140%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:214,n:140,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:114,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~970.250%5D%7D%7D,%7Bsl:o,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tnWjwin+111%7C112%7C113%7C114%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C1812%7C191%7C192%7C1a1%7C1a2%7C1a3*.1180045-66149901,idMap:1a3*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:116,sinceFw:96,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a2ea:508a:9fe9:9064 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:47 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ED5F 7 KB
3 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/error_handler.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 20:20:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame ED5F 2 KB
535 B 84ms
28ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Nov 2022 17:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:24:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Nov 2022 17:52:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ED5F 2 KB
777 B 19ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame ED5F 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ED5F 3 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 16:56:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ED5F 18 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 11:55:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED5F 154 KB
47 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 17:52:47 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame ED5F 34 KB
14 KB 45ms
14ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 11:55:15 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame ED5F 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-BGfbgx9Y4WnHtnj3wPo1JLgDPyNgr9s4_6opqwQw-bpoZ0yEAEgk9ycc2CVAqAB8L3G9gPIAQmpAkTiwOpLOrE-4AIAqAMByAPLBKoEnAJP0BVeI_bqoZkZ10Y9fs62Os4pl7JMTq1wURckmyWioswBhZ8laIUmE9KqD670FZ2DzcWbFzK9zWC5rFrsCXnpvyMnuY5lpQ56lZsIZOca1FfbVTXi2lylfbfsTdhdNGwhNUk9tJIPkk8YX49Lh9pFS4KwGXsIo2Vntsc88Rzo4N-8j2j1lA7lcybWlCNJl0RqB2uxCaq7zwx2GTModCXN4CI_MhQlZPNU75l78O020LkDVNtWZRLm1DmUL1tl1yGLRXhuhNTnr4OkXU2eAZlWPK00cDpQ1hiYVJcAcPLt2SOzwrtgItOhet5Qy7Y0vmoPGXoxZC-zdH104Z3GoLJruyGHwSxzhW67X_59MSVTD555cHuM-zWjpbLsg8AE_caSsYoE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_jBuQmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ_tcL0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItODQ3Mzc2MzM0MTA1NDk5Mxiq5xo&sigh=ch9uhTlH-XA&uach_m=[UACH]&cid=CAQSSwDq26N9IA5YgJkNPMCfbIsoowjZ9wHMEkk5VaIRe8FxzTtuPLJLsgRV6fhLiuEoIurLuzuoutl3PanehTbaUUoQ6GGpVvoLdAK1-RgBIBM&template_id=494
Requested by: Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame ED5F 26 KB
27 KB 68ms
17ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQW86L5iZxkzeHwwmwTRh5UF8UX5CClakxmqmuBMuA5WspFTZ6bFvCzUNOS9WY&usqp=CAI

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aed7df9fc46d775768aeca88244812d2c678f87ca7349119168531166539ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 06:22:28 GMT
x-content-type-options: nosniff
age: 300619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26759
x-xss-protection: 0
last-modified: Sun, 10 Jul 2022 01:41:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 06:22:28 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame ED5F 24 KB
24 KB 68ms
17ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQeitt7d1x-nbyXJNG-JOiB_1u0Q-2spz1qeMatee2C5YXcCsTw8YqXJodsqg&usqp=CAI

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0048518833a824e4dd18ccc4795446e31ebe17e8c700a1014f60f4d238ff81fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:50:01 GMT
x-content-type-options: nosniff
age: 334966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24281
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 01:08:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 18 Nov 2023 20:50:01 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame ED5F 8 KB
9 KB 66ms
15ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTPz8vhUgVWs0PKqhxKeDqCxc8JlYQOtxdaH-CVfl0Al4LkpdA&usqp=CAI

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

721f4c021d879982d666e9b40589730f3174cea763c7641e1c9555b299944cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:18:05 GMT
x-content-type-options: nosniff
age: 452082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8345
x-xss-protection: 0
last-modified: Wed, 10 Jul 2019 09:48:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 17 Nov 2023 12:18:05 GMT

GET
DATA 200
OK truncated
/ Frame ED5F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fc6950dfde47558011c97e560e793bed53523cec120ad2cd773f4721eda84b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 096E 43 B
215 B 357ms
170ms Image
image/gif 2600:1f13:800:7782:a2ea:508a:9fe9:9064
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=3ef1c233-5598-7d5a-a1eb-bdfc5859ba25&tv=%7Bc:uIGTBx,time:328,type:e,im:%7Bimprf:%7Bttecl:398,ecd:104,tsecr:48%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:112,o:216,n:140,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:114,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~970.250%5D%7D%7D,%7Bsl:o,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~970.250%5D%7D%7D,%7Bsl:i,t:216,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B112~100%5D,as:%5B112~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tnWjwin+111%7C112%7C113%7C114%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C1812%7C191%7C192%7C1a1%7C1a2%7C1a3*.1180045-66149901,idMap:1a3*,rmeas:1,rend:1,renddet:IMG.qs,siq:116,sis:268%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a2ea:508a:9fe9:9064 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:47 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame ED5F 20 KB
21 KB 52ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 589199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 22:12:48 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame C145 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: 324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
URL: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 17:51:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 507E 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstz5v-88MzIwE1fJesO4VFFHKbBjX2NujlHdGsZAKyAjly5t3NDrCs4RI8Nsy3IvM-NhV6cU71c6-AhSyC5klx4iISTN_p28UV9hhhC72CAHBt94EPwTkQjSJ9ljTt-59P8IeA5YdT1C27RGPlz1VWaHO1z0sCwgsh-jACdAwywYe1pxLiAr6nJRkqrLJeZs9fTY3kVrgz2FjfaRGlvOHLNHIPcDoRt4EtvYB_Ub-Og-8LT1bAW_HZYUntAcXolrhnNwnFv4yPI7GYYVWOIQn2hQ7Ox746rTwcaOdiKW2PMsmB1bx_xV1ZOWLqyoelk9CEWLA3Gb3azxfZK_SZkvt3V3X3WSB5tjKTwkkQ-2-r-F5Y2kUTbftPkIkwHEiwqnJZy1IF-52CBhLqMwa57w-8lU9T4Cv7d7RYfkYUEeDA1qIA6YRVLD-TG-P1RKgB6wgry6vAt1BE92j9rRW0sV4s70DLMeebhcjvQaESrgHj3frDpJECkVt9-kDmFFjx850JwLycuHJzBhmFY39qr7Pf6XiUGvvV2TluwFzBC6AJ5oT8D6Et79SgdgIhnJLLLBJBOMNcIw4vmfzxhQcby19993qBzTWgs27cPZfM7kHyYQm0ePDEzlzOvdppx1M8zNQOCMukGL0y1El0KNvtpCqR02FmNeX5DdiMtux2jhrEhh4sf_lIkRd0zOrl7pcY_Ea3OQDifwpQwLnAJhoS3myA2ht_5gTN5IO603Gcr9tFVvu-dnMIyjkfS3R5NDv-SGALzYKIbSQOk5zRhysfJMwGE_Sqj9niD49bXeypJs2MBUIzZa49Kbwf43KX3XnHaya_Fj0Pt4y_OgG25kTGqNCminlv95haokr7VZq9GWkrsaI3TWj_msyQsksJPGyxePIfdVbeeGyn6QhNYkQLgQfgmHA-En5pQrKX60_4L3-EkVZdfUZZByN-fcRap0OXAz7J0wnXOUGsqVuHR6SVhBzreygf8dWk30JPqaAgLRXZVZBFNgvtbyPJy-HBhxMnJ94zlflMExTzoMSMRkoEgHbX6_p9DZP85KWZ7rvnpjdKi475-loFg9kSY6AyXxC0H8d4WLfIeWOi06etOmJovwBule-lopCe_Hn4&sai=AMfl-YQrLOdsBxv1rXbk9uQWHubQKYMpAdoWgpKw9-DdAzsTDievoQy_5R0BGZIAnl8McJKrcRqbaE2-xpdrmhE92T7nsQcJvv6Y9ZbzC1ekk1tkvUDNc4RtFk-AyZTXNf73WGZMHGuBOMC_Xp-SqsPPApqnMYa6ZQqmDBbW&sig=Cg0ArKJSzHIzl3BOphxjEAE&cid=CAQSSwDq26N9Jj1jLVlh_Jqop_Kor3VpKdhow_EQJapCAXsWankObHqqc5xuJpfYP2OkdlRsEne-WcW5bfSY_oAVb_mJ4Un2kLEfNDEzEBgBIBM&id=lidar2&mcvt=1049&p=75,315,325,1285&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=4294587217&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669139566219&rpt=197&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 096E 43 B
215 B 285ms
284ms Image
image/gif 2600:1f13:800:7782:a2ea:508a:9fe9:9064
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=3ef1c233-5598-7d5a-a1eb-bdfc5859ba25&tv=%7Bc:uIGTFl,pingTime:-10,time:564,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669139567503%7C%7Cdfe6b50439bc8ab6903c045c3cb13c99%7C%7Cf8b8963e850cee297829880103706300%7C%7C04187b4e2f1e8c7982bc918e4a5caca5%7C%7C49908a688f461f9e429c1451fd1b804c%7C%7C064fa28dcb2ff6df03278a3bd32ddf48%7C%7C7690185fab1d2246fefa37424cbc7eda%7C%7Cff000cf0162b32aeb45e38c840a81b1c%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a2ea:508a:9fe9:9064 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:47 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 viewability Show response
anz.audiencemanager.de/log/ad/ Frame 7547 43 B
295 B 42ms
42ms Fetch
image/gif 52.17.26.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anz.audiencemanager.de/log/ad/viewability?id=63468d106d216e35f43d8a6b&adId=e24dc6637d0c6ea9bdf8202323537158829457&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&ntuId=88a09d3e34daee418b8e7b7d24f5383ad563bea1f91f3f216c6751148595b1ed&cb=1669148585&lsUserId=null&time=1&percentage=51&hless=0&jsCurl=324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
Requested by: Host: rainostreams.com
URL: https://rainostreams.com/mlb/tigers/?match=tigers-vs-sox&moment=21592022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.26.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-26-9.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:52:47 GMT
server: Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
x-powered-by: PHP/7.2.9
requestid: 37c0ef637d0c6fc3c889165954198634322651
content-type: image/gif
status: 200 OK
hostname: 10-0-13-140
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
responsetime: 8
content-length: 43

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 45ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-408PMRYSHK&gtm=2oeb90&_p=1889171401&cid=1746738535.1669139563&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1669139562&sct=1&seg=1&dl=https%3A%2F%2Frainostreams.com%2Fmlb%2Ftigers%2F%3Fmatch%3Dtigers-vs-sox%26moment%3D21592022&dt=%E2%9A%BE%EF%B8%8F%20Detroit%20Tigers%20Live%20Stream%20Free&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-408PMRYSHK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rainostreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rainostreams.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7547 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuR95JGiV5LIyIMtwmAcUig7J6evod1tOPbWr7NRNJLOUqVmDlUsfxEmX5bGmcFaVRNZY67CBmTGqBL1f7lFCLgznjqznuEsWNV0CGI13orrakmeu1QNYo15euf&sai=AMfl-YRd3cOMnCQpOQlmNqugPzSKlbMuTIYZJLkJXDKl-EOjDE0SCRRSgrL2vewhYF_WB_YrkOhmCBgzY94Zq7U8PEmfRgT_Iql1U6uxAC049Zn0KRgrv1OVqnvhn7D4MKlM22xGeTvLQcZ1oWuGcPYR&sig=Cg0ArKJSzKAEloVangOeEAE&cid=CAQSTADq26N9EzD2meXjwgbqTEXb5PcqxA8QCzyisRKboXbN76jbzyU2gI_DkqE4YbIQS5DUVw0qNQVTnege39jMgcoOa4r7K-itlJndImMYASAT&id=lidar2&mcvt=1001&p=549,315,799,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3034430240&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669139566532&rpt=354&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
track1.aniview.com/ Frame 5CE7 0
93 B 102ms
100ms Ping
text/plain 52.45.229.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=rainostreams.com&rs=rainostreams.com&sid=99882&t=1669139563&cip=37.58.58.249&sn=&tgt=0&osv=10&bv=107.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5ff437ef5d97dc2827287c21&test=&aafaid=&proto=https&uid=1669139563024-949002043196-006153-006-006473&cha=0.7&stagid=62a0bbc5296c634ce32fb898&stplid=62a0bb6c8b86fe2812377b77&d35=&d36=6.2.62&cb=18916172422&d39=&d65=IntentIQ&d66=&apppkg=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=640&AV_HEIGHT=360
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ff437ef5d97dc2827287c21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.229.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-229-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rainostreams.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 22 Nov 2022 17:52:48 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 096E 43 B
215 B 170ms
170ms Image
image/gif 2600:1f13:800:7782:a2ea:508a:9fe9:9064
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=3ef1c233-5598-7d5a-a1eb-bdfc5859ba25&tv=%7Bc:uIGTPR,pingTime:1,time:1216,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:114%7D,%7Bpiv:0,vs:o,r:l,t:140%7D,%7Bpiv:100,vs:i,r:,t:216%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1000,o:216,n:140,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:114,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~970.250%5D%7D%7D,%7Bsl:o,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~970.250%5D%7D%7D,%7Bsl:i,t:216,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:288,fm:tnWjwin+111%7C112%7C113%7C114%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C1812%7C191%7C192%7C1a1%7C1a2%7C1a3*.1180045-66149901,idMap:1a3*,rmeas:1,rend:1,renddet:IMG.qs,siq:116,sis:268%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a2ea:508a:9fe9:9064 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:48 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 096E 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7782:a2ea:508a:9fe9:9064
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1180045&asId=3ef1c233-5598-7d5a-a1eb-bdfc5859ba25&tv=%7Bc:uIGTPS,pingTime:1,time:1217,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:114%7D,%7Bpiv:0,vs:o,r:l,t:140%7D,%7Bpiv:100,vs:i,r:,t:216%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:216,n:140,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:114,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1,0~0%5D,as:%5B41~970.250%5D%7D%7D,%7Bsl:o,t:140,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~970.250%5D%7D%7D,%7Bsl:i,t:216,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:288,fm:tnWjwin+111%7C112%7C113%7C114%7C121%7C13%7C14%7C15%7C16%7C1711%7C1712%7C1811%7C1812%7C191%7C192%7C1a1%7C1a2%7C1a3*.1180045-66149901,idMap:1a3*,rmeas:1,rend:1,renddet:IMG.qs,siq:116,sis:268%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a2ea:508a:9fe9:9064 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.audiencemanager.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:48 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ED5F 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvB7nKh1vqKZAglxXDYkkhTwgJ-6SSrlwAwiyWz-rkjaCZFiVDPo8BozD0uLf-c_Qy0NwYs5pB9vjNkbFJPkgl9Z_0CEAhEKWLU5L-Og1IwZJe3JPcQ9h57JsvxBRHT5Wx3qp32yA&sai=AMfl-YQzuJ5I8bowq_VSyOrECSs46evtsKFrt-cMIVLpqKSmVL6IJPMg883sZbYDHPIVABrTtPPnbEHxSjqowaRDkJkfH0RYVbUyQb8h5rMgck1WVx2cK7rZFuT6V-TTNMjJW6Cyd6LH7AYw-u7uGGU&sig=Cg0ArKJSzFSIYehNt_bdEAE&cid=CAQSSwDq26N9IA5YgJkNPMCfbIsoowjZ9wHMEkk5VaIRe8FxzTtuPLJLsgRV6fhLiuEoIurLuzuoutl3PanehTbaUUoQ6GGpVvoLdAK1-RgBIBM&id=lidar2&mcvt=1001&p=1096,315,1346,1285&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.42&if=1&vu=1&app=0&itpl=22&adk=1639515143&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669139567143&rpt=248&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:52:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xlnmx6h2mrf9.l4.adsco.re
URL: https://xlnmx6h2mrf9.l4.adsco.re/

Domain: 6.adsco.re
URL: https://6.adsco.re/

Domain: 4.adsco.re
URL: https://4.adsco.re/

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rainostreams.com/	1970-01-20 17:14:59	Name: _ga Value: GA1.1.1746738535.1669139563
.rainostreams.com/	1970-01-20 17:14:59	Name: _ga_408PMRYSHK Value: GS1.1.1669139562.1.1.1669139562.0.0.0
rainostreams.com/	1970-01-20 16:24:35	Name: HstCfa4655573 Value: 1669139562875
rainostreams.com/	1970-01-20 16:24:35	Name: HstCla4655573 Value: 1669139562875
rainostreams.com/	1970-01-20 16:24:35	Name: HstCmu4655573 Value: 1669139562875
rainostreams.com/	1970-01-20 16:24:35	Name: HstPn4655573 Value: 1
rainostreams.com/	1970-01-20 16:24:35	Name: HstPt4655573 Value: 1
rainostreams.com/	1970-01-20 16:24:35	Name: HstCnv4655573 Value: 1
rainostreams.com/	1970-01-20 16:24:35	Name: HstCns4655573 Value: 1
bdnewszh.com/	1970-01-20 07:39:24	Name: a Value: 4lC2LA3Oc4E4TxOTQdii3qr3ehfbcy9a
.aniview.com/	1970-01-20 08:07:47	Name: aniC Value:
.adx.opera.com/	1970-01-20 16:24:35	Name: UID Value: OPU3144c4b853f144669f8774c3df5ac8a6
.doubleclick.net/	1970-01-20 07:39:03	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 17:00:35	Name: IDE Value: AHWqTUldW3vDe6BjPmPLHsW_PkYPsXNRIypxX3JcA4HbcI7y4Mav0DeUt3AUpKes
.casalemedia.com/	1970-01-20 16:24:35	Name: CMID Value: Y30MbULh1TK0lV41KqhcaQAA
.casalemedia.com/	1970-01-20 09:48:35	Name: CMPS Value: 5199
.casalemedia.com/	1970-01-20 09:48:35	Name: CMPRO Value: 5199
.adnxs.com/	1970-01-20 09:48:35	Name: uuid2 Value: 7437592809385330775
.adnxs.com/	1970-01-20 09:48:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E><o/@>j!]tbPl1M>e)ZlrFUfJ+tGXxoaU@GO!_^UlfEsh>lX7eS_XUyRWX^X?#C^9[=3If)y3KL9D3I?+b5(D25
bdnewszh.com/	1970-01-20 07:39:21	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAY30MawFjfQxtgAGBAsAAIMqbFYnV1VAaDWCyFrj-7pQH7if8RSn7wnsOoi65NrONwQBHMEUCIG8Qe-CZgHVuLJKlLlYCTXS57cbxHvgRhXSNne3T4JMLAiEAnMFiLKG5A3PtWs_H_I7V-ZDP4UwGLdEuH_rtei2lwGDCACDbJ1PU33kkGBc66MbGTZ8h0XCubkI2I9smncT8O8G3HcQAECoADJggMKAEAAEAAAAAABTFABBhKrwOsN3e8tgKgdR6XbJlwwBIMEYCIQCT8rA0e_xaT15fZQyP7FGqhP1hiBTuEVn3MOBHxqOIEgIhANOmqbcG2MOqed-2Y0eqaTzwyBbi7E055Z3o3XDaDxsw
.doubleclick.net/	1970-01-20 07:39:00	Name: test_cookie Value: CheckForPermission
.rainostreams.com/	1970-01-20 17:00:35	Name: __gads Value: ID=6744aa83772f96b7:T=1669139563:S=ALNI_MaWOsktcH9-y5cZUNGK1Yb3PLQYsw
.rainostreams.com/	1970-01-20 17:00:35	Name: __gpi Value: UID=00000b8606dcf88f:T=1669139563:RT=1669139563:S=ALNI_MY7tITRHoqC--jz51MqzWdL6ra59Q

242 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bdnewszh.com/embed/mlb/tigers.php Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://c.adsco.re/(Line 65) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript	warning	URL: https://bdnewszh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://bdnewszh.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1669139563024-949002043196-006153-006-006473%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cdn.raino.xyz/hls/stream30.m3u8 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://antiadblocksystems.com/ntLZdr.htm?_=BAoAY30MawFjfQxrgAGBAsAAIDhzZ8kdOuQmab-Nieno1ThDQUIRD6ZCBEOqDOKf8VjUwQBIMEYCIQCcegQ0y1b2PrP0QHgHZa-HQjb2__E6d0PidTo8t1t08gIhAJsFUF40z55GzyRonJlV1sOIh1xiS_QJ3LWnoZKXHJd-wgAgwSU9k7SVQr-wtp2bhuREUo34H1SsabusLYT90MHo0a_EABAqAAyYIDCgBAABAAAAAAAUxQAQq6hphjJUSMJx-MPZqu3mnMMARjBEAiBsumnwPhYBr1eTaSK1w2M9SIugKWxxs44sVT9laYSAigIgZ7LihWzDUrdEy_7KS2b9FzKja3VrBLLhiiqf5sxBAjU&v=4&NryztAbL=4568855&minBid=&OSVimcHf=0:1,0&nhISYPBy=&ivfOMuzN=https%3A%2F%2Frainostreams.com%2F&s=1600,1200,1.65,2640,1980,1 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://antiadblocksystems.com/gva.htm?_=BAoAY30MawFjfQxsgAGBAsAAILHfM9WorxmXaKaxIB-PQsNLoEQBipF0ONGs_7G8OCKJwQBIMEYCIQDhHzD0IrUfwELdZ_klYIFm9yCRN73b1vDW8_VgbAznHgIhAMOYeWAa6eEX8j_W_6NHIqYVzL4GuoZY3AZY3TX1CjytwgAgOG-UxSLN8VDqYo26Rz2DKGjVPAO5-kL5ho25FmhxbiXEABAqAAyYIDCgBAABAAAAAAAUxQAQp3piViIStY1EizJI2AEOKMMASDBGAiEAl5kWdRgZZfWKMfcl-L6pgr9r2TPvT7yK7zvlXPNp40kCIQCLWzIfpqDTzMus4E-3fQGgDaJ4k9qGIIVGG8j3fhbK7w&v=4&vusnXQSq=4568855&minBid=&aAkPLZjD=0:1,0&oAWYzxTX=&nlqJRxcC=https%3A%2F%2Frainostreams.com%2F&s=1600,1200,1.65,2640,1980,1 Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

324fda46c3588fb060577d9484fd230e.safeframe.googlesyndication.com
4.adsco.re
6.adsco.re
ad.doubleclick.net
adsco.re
adservice.google.com
adservice.google.de
antiadblocksystems.com
anz.audiencemanager.de
bdnewszh.com
c.adsco.re
cdn.audiencemanager.de
cdn.hooliganmedia.com
cdn.jsdelivr.net
cdn.raino.xyz
cm.g.doubleclick.net
d3cod80thn7qnd.cloudfront.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
hdhtthluiemgr.com
ib.adnxs.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
player.aniview.com
prebid.a-mo.net
rainostreams.com
region1.google-analytics.com
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
streamsapi.xyz
sync.teads.tv
t.adx.opera.com
tg1.aniview.com
thaudray.com
tpc.googlesyndication.com
track1.aniview.com
trc.audiencemanager.de
us-u.openx.net
www.antiadblocksystems.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hdhtthluiemgr.com
x.bidswitch.net
xlnmx6h2mrf9.l4.adsco.re
xlnmx6h2mrf9.n4.adsco.re
xlnmx6h2mrf9.s4.adsco.re
4.adsco.re
6.adsco.re
xlnmx6h2mrf9.l4.adsco.re
104.111.242.245
13.224.189.111
139.45.197.237
142.250.186.98
147.75.85.234
162.252.214.5
164.92.99.145
172.217.16.198
185.200.116.90
185.80.39.216
185.89.211.116
192.99.0.58
2001:4860:4802:32::36
205.185.216.42
208.95.113.2
216.21.13.14
2600:1f13:800:7782:a2ea:508a:9fe9:9064
2600:9000:20eb:3800:1d:a62b:6a40:21
2600:9000:21f3:1400:8:48e:53c0:93a1
2606:4700:3030::ac43:df24
2606:4700:3033::6815:307d
2606:4700:3034::ac43:cad1
2606:4700::6810:5814
2606:4700::6811:a7ba
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2006
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:595::2c79
2a02:6ea0:c700::10
2a02:6ea0:c700::11
3.209.15.252
3.71.211.152
35.244.159.8
38.132.109.186
46.105.201.240
52.17.139.148
52.17.26.9
52.45.229.205
82.145.213.8
0048518833a824e4dd18ccc4795446e31ebe17e8c700a1014f60f4d238ff81fa
015ba8a9dcb16dce35019a2e3e0804c265b297a3058caa384f6b82bede65b971
018bcd6a7561e3168a2cdb461edba9ef4d64aeebb496116d539246180d1d9cb1
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
04d8deeb9e7dd172edae9c1a202bf91461d89a973dd243edddb99329cfe99f3c
05dfa4b617b6ac959e29e146c6789206c90e38bc368fea39a4d7b55bffb948ff
07a0b9016effeba63e20f7af81c01408884f1bea6b55406a9efa662a60af372e
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b73a6c9523ac0a35a817516e13c4e96a7908dc0df389f01f8dba5d6c47d21e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f1ac330d5dc44156e21d0e76ecd0b9887aebd3e22006a15620025ee91508e77
0fa7239a966a13b9377f22eaa292a4026a4a2b87485d267bcf51cf88995b152c
11162237c379e6e6e54916ee4eebe4407961b4d37293b71b21868077d1bead0d
112b22efe0bb3f7352a0630068977526d2fbaf36c67a10683a8b2c9e966c1618
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15203ffcf95082485fa4a70cb2df5a5cb451cd4e1e47a2e012d01ed43b69eb1c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1920a269c4dce0f8f38d338c4a47380144922a7d84f92ad4609188cac0f4d8e3
195e5ade6c4acc4f914b090e71262abb4e13047a1edfc157450c9f50fa3a467a
19836fd3e62972d80d5bd9b13d25a3d357cfbafc0400d140db61910ddfba9e91
213d848c0b06c23dd83edf2ebd4d09fe3e7fee9da691d7b129fae859d86e2fe4
222d1f5b49105c7151422d22892a2fdb896f41f7418e1f7f126f25b83cfa8815
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
261454a5fa73bfeae325e7aa56d217f0f7e0a073d9033818c39e594e6deeac3e
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840
28ab54221ab1e2503a9371226479fa3d28e5a5853fb98336c81852b9880c87bd
2982400ad4ca3e3f282417123152779524e622827bbab4e4b329b281dd42b91d
2b6e18132b3e4c063dadb4994dc4bd9821d761b1123bf55bf1875b737f7787b3
2da7053046954cb9056a737ae65c513c516d6947360c1181b82ce438a1b36090
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e723ca5fe9426c3bfe35841f39b71652f46eeeeeeb15022ab6bc23a964afb31
2feb04419db4a554a9084fb048b6be04131fa633c91685b8ceb7e2a72b171386
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
327b7b8a588cf7715a236a4a6899d9b48dfdb614a0a57fadca80b561b923354c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
369e8aaf9517c75a49447dd39db3918b4d424a198ffe79562c466ff03ea243e9
36dcf000478cf87979f6fc8702dd2f68a11295c3bfdbc3c88d586b08e0ebbbb1
37dfe336865f73935d232c8272177a32176400143be24ee73e012eb51c5cdd4d
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1
3fc6950dfde47558011c97e560e793bed53523cec120ad2cd773f4721eda84b7
403829d3d39edc75678f545f2cba0fc8aed36da0ac923e40e8d2aad6326f8e9f
465da43739de56c09d5f8ec3328be11e9318f53959cc05979d3ab3d0a547a3bb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48e6ed9e4498bd6524f0961f74c0c102d0a50d677d298c62fc85a2d1828a4a8e
4aa337f0d0c98544c496f6bc2686447e474746c93761e1ce8d3680a1ecb35bd9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2c186a3ead07c214315007229b256aeead14181ac6ea0bdc511bcd6eba3b73
4e516f8df9a4dbcbac53af48b437d619ae24d64d643be17ebaad9d673388f516
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b6962d7e56092a0460ebe058e3484060286fe16d7f873e0817f511ae70a757
53eb07384a14fcc54efb807581672b793c75cc1bfdc0c6610345051820cd92af
541be6e17b933f0ca125df086e4d534c432ef226508f1fdae32c583fff79d9a8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55678f28a752ec5ac86e290b2481b8a5e3d7de7460a3f469412147dc224eb32c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5732b99e4d9737db919a918eea7a8b464e8e6bc84d3e420d0103ae57a8bbafc1
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
598538b486eef1fc4834f0a88093fc03b26c558e264afc21f5c3c4b2ba209f0c
59b099d2eecdcdf290b9259beef07988e5dcf8ee5122c8f904a1ce49f346419b
59dfb8e7251e63172a3db64421acc00233f5249b957ff2edd05f38cea51982a4
5a41ee25bf0c9981aa0ac6d615fdef67bd27378bf3834eccf6351794d4ecae47
5a997b809ee2484cce2385fd46baadbda01ede309e317ac345f324e199e627b6
5b90e06bb2eaad87451218e93271106594a16172f90927df761b33dc3d0b3e61
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d3f2c3b6928bbf846de838aa05e1e1cdcfe62af65d1ccdd10d1bd84f8f0aadd
5edbdb5beaddd6d7d8be756648c57735dd191c3872f87650edb5109070d680fd
5f2d571dc958545acd535c55ab8b0480c4f4d5ff9f0222adc1189fa389a571be
5fada1700c1622777d64d1971e028ea7aca7729a11537736d4e88c6acada763e
5fcc1da2b9cbe5a38a0e9f93a69689dc50a588de72df1652d988373cd65bf972
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69e019986481b7844b548fe2d1cdc88a58815d0b1b8cbf22bd65fcf17f3458d8
6a6e50ca9bad01e65aaeb0557d9e7b4dc94647aea42fdd2549643aca35a767df
6aed7df9fc46d775768aeca88244812d2c678f87ca7349119168531166539ce3
6c931c8c22dbd9dde61efa7638b9f2de7717bf4aeba8b0b17b81ef3df7f03aad
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
721f4c021d879982d666e9b40589730f3174cea763c7641e1c9555b299944cd8
72cc93c261cc5e51dcebf11ecc8f13a4371ed1adc3b157b838cee8e33dad9f7c
75aff0bc58d648c24c3816edce9d779ed6028e91d35fa2daa529308c310fa518
775ec1e70b6655e087249f7306c8ea033c2cc5c52bd1da71339df02160190a38
77f4549659ce8142bc63343124c67ade745eee92fabd44584863532115a68591
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7cc78b751d025f51e7a2df07318492269ece579cd943f024e0e80a4fa6c4f6c0
8508408273717ae33118b2534e05ee065e92d87d023a169cc00254614593f4f9
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8a1dd5d6515b2dcf760bfa31c84e519c0fd8875b7e2c2cd476dcfe00055c2a0a
8aaade6f8a0c3a48538d7f9c00b649f9b074a4f125fe6f8a97cd40e90d4f04ae
8ab0b1d6b2dd64469766bc667c34b507d01a0953ed09c81b4567eb5100c30db5
8ba561acd6f8eefdc0dbd622d7a7816ff11e9de33009c18173612bb1601c4737
8c5693d5263a34cbdb98d86327d637d2d9639365c8ccb602f4aba39127cdf3c6
8ce5c4516b82051d10996eaf5671d3aa8ccd9271c87e072c42768abd0a339602
8eafcdcbf3556ea41a777041a615e1cd74163ede500baac21429cbb22a560abd
8fe99678c053859b50adbbe769aade0011ed6b2349962a9963dcc0b6db162aef
91c12967c791468cf8839be96380600dc78edba01eaf11e220186b802c515294
9552254eb1d1f63b07c0405e324ecc0e1f614e540d552cc5170c015ed885a459
9773cc0ff4f8a98729d9a2292b70da60cf02ba794b2f11e347a11e3ea5ebf113
9840fd7c20fb4614a1797f1fcf9613586fb54dac49dbe4b894086aa07555280f
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9e6476d34cd2e98e792cb73ef06e99b2c243089b3a7e102465db427ec3d26535
9f17f0b82cc1a92c5b28b895fb546d1021011cad51d77281b17f5e34dd74973a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0cf074dbb5cf2d6a603f520c9d5cf02c89ff1f8d13014f7f17064ebca8076bd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a53466b2d586363c578a7ee92b5b8dadf5f0a149ce0f5f9e3c134f98001fa6bd
a589874dee9ab8294d0b94d5aae579561214766c58625559d0fc45ff330b1e8e
a7f4b493ab642902cb73337e0450fab94e7de01d8b69270f0526886a71260773
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17cced49a457c9249178205866d08944bda661f5aefa7d395733923ad5dc057
b50fd02140a8fe66e57eb5c421fc6847a52abfbc7469bc3099a49d1e09ff77fc
b5df54a65fdfe8ff900463bbf8891ab0cfe34e42cf17e5861c880862fe3e7554
b7090d99febdb36e0059c263b0d9fe1ec0388a0609ab7add9a62c280f1e4db3e
b7739dd5ddf15601cfb1a74b8667eb1a6882489a478103112255c9d720581c1e
b7c77e19bd7a4d2a7224f0b857dcbcea10d8a257a78d956681d463ad5c7c8bad
b8214420e8588f91928f45829e9abd8c5ac30df6293a29597b1aa7cc9bc972e0
b8472f8e9376927bc57574db586960515033609db7823d5e6610f0c9993d8ebb
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
b9a84df94e4cff2159425b698a31d72ccf543b70c102db4a8d07280ec75e700c
b9c1d83bc4993f351d6748e073a740cf652420399e4a1a837bdd8b46f0c4ae56
bb549244cac4f8a1fc7689328d89b49dbdd025d978c87b8b620a415380989b78
bc6a9220391407699acfe5c37d59d7062d377f0a808c0a79ca0b6c5d0e1a8c21
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be88cfd6168fed19ccd176ea3c8ad0f43553c7d887c4abc06598395e1af74535
beb77f0e62e98b0dc2caf54069a175df49d64b34b35fe460e01bc5db0f330aa1
bf6ea894abd3aed740e5e2a7d347e70cf27b409c537b7c09df0a0bad36061a68
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c1ba1e56408479adae7eef925a12a00d89aa601e815fc97c802e263b592f4510
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5d90d147d1854e5e03ec7a657c114a3a65a44ab6eb07e730189418831db3b22
c6ab7dd5559ef3d3c0ccf511c98cce21f26b8dbadc04c7804beb2a70bc447af3
c8e41425e25ee55e97bd7931aff278e153147b08f12bd06e76e8da0e7134eb8c
c9508331d23c9a20493210e9cd23d29978fc5e599efeffe6e180118885ff4d06
ca1ee0dc0e5a0f848703d0081ba60a12d44b0364da5c3b146985b6fe33f2e994
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
ccd5c1bf0581d325b503e678770ed9f7e1d6e59c10b4e1687b484fa2e4ff25ee
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce160efe6033940e7b04516413b0851b9340fcde7238609eb923c609721540df
ce2baea378d5072cb19ce610515bd50e43a8cfb324570100a2f1866eaff0da68
ce348db57e5e30cac363bb455991108d61928ce07e4789d6c11c390d0bf366b8
ce4000a78b079142c2f901d85c5e6792cb9cd61d6407c9da5391bc0794a4f94d
cf227338ebf7b493922dba673995e629ab0eac1edd6b019dd8dfdd26a04f408c
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d7ea801acced0113def58f07a4a23866bb5b84df1e265542abb1c810df36ffdc
d80251d59b2c8ec3665ab396d1cc906b8e115999a9c00dd2a96d49070a043db5
da3272249cab937abb9a9b789cb049e8b10e32b8730451e8eaad3f52bbbad119
db35fc68ab45959f59ba48ef6c750ec421e95121266fe9008fa768597235c69b
dde14c5c64c14e53c45c5ec18388da3de5851c78fcdf2e5e20e91431be20159b
df844419cc9ac6897808536c03132a6b090bc56c3ed70aec76e0488d533d2e8d
e0f50abf073b0c34d853c53da7bfab48463a11ffd11e11799cfb28317836da16
e2a03287e62bc4a40a3a16db388875a0766fc21ed7cf791a98e197fd4ea4f44c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f80022afef3697144dd657195687bb4dd230bda9efddcf6eaa0d5532e88f7
e6b4f06ac9d1e699882b645148e9aabce392fa1251c43b385f944be00ba03484
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8b5fada28fa86c6a3ca724d621b4fd77e537e4d0da477e971399e449f8ea94f
eaa9f8f1de394dc656370ec96056d1037aaf86658057e372744adfae3724eea2
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699
ec61ebbfacad3db9eadb3406dd797c39a29a0d96a4375cb43f9c7c4ef46f78a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef52ba13a0b2e17f650f3359a65248b3c07da984654eda0c649c1fd5cce42fa5
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f274ef119b058f6b82b0ca949068d0a7a0d5db915097ac10a31040c3620f8d22
f30c216b7b817f9068a6837542f1816d99395092ec8f5c86ffe99e5e552b084b
f322a9a2b1e697954819e8529ae6edb45fff74b365b0d84f01d207561de6b8c2
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7f424d8596ea0d134a7cc165c534ef729ab5ade76b7d2d4b22a3f5095d9cc1f
f91acb1d04a82e6ae2f101159da2e8d8f2bf28e858b8a27888eded1bdd5bf6f8
f9536f9df6c04aa2ea6f5acadcdaaec8c548c025ffe424cdbcb766cdcdb1c774
f9e6b59e725bdfdd425ab0a66c110b7c542aa3a275442d8cc4176af43c962d28
fd2e9fa1d895e8cb88fb9ee3562acb6a1b9852158aa4793aa3a742097cc5556e
fdee7d0037e6e89eea01178f9a7a03f3a14ee397d31d6d6a5d2feea211d76632
fec64402b33d054d269a33294f8ab14da17380391f5162ea8dce8937b24247cc
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

rainostreams.com Open in urlscan Pro 2606:4700:3030::ac43:df24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

268 Requests

96 %HTTPS

54 %IPv6

32 Domains

58 Subdomains

53 IPs

9 Countries

2721 kBTransfer

6448 kBSize

23 Cookies

0 Outgoing links

Redirected requests

268 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rainostreams.com Open in urlscan Pro
2606:4700:3030::ac43:df24 Public Scan

Screenshot
Live screenshot

Full Image

268
Requests

96 %
HTTPS

54 %
IPv6

32
Domains

58
Subdomains

53
IPs

9
Countries

2721 kB
Transfer

6448 kB
Size

23
Cookies

268 HTTP transactions
6 data transactions