realestate.servicecu.org Open in urlscan Pro
34.193.172.31  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

• https://12248586.fls.doubleclick.net/activityi;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1 HTTP 302
• https://12248586.fls.doubleclick.net/activityi;dc_pre=CObJx57nkIQDFTNGkQUdM-kMcQ;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1

Request Chain 52

• https://12248586.fls.doubleclick.net/activityi;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1 HTTP 302
• https://12248586.fls.doubleclick.net/activityi;dc_pre=CI7VxZ7nkIQDFeZckQUdRGgNBw;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1

Request Chain 64

• https://um.simpli.fi/smaato HTTP 302
• https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C32438D0E54881BFD669D2908B1301

Request Chain 65

• https://um.simpli.fi/nexxen HTTP 302
• https://sync.1rx.io/usersync/simplifi/D1C32438D0E54881BFD669D2908B1301 HTTP 302
• https://sync.1rx.io/usersync/simplifi/D1C32438D0E54881BFD669D2908B1301?zcc=1&cb=1707019515315 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003

Request Chain 66

• https://um.simpli.fi/triplelift HTTP 302
• https://eb2.3lift.com/xuid?mid=7969&xuid=D1C32438D0E54881BFD669D2908B1301&dongle=yf3

Request Chain 67

• https://um.simpli.fi/telaria_p HTTP 302
• https://simplifi.partners.tremorhub.com/sync?UISF=D1C32438D0E54881BFD669D2908B1301

Request Chain 68

• https://um.simpli.fi/tapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301

Request Chain 69

• https://um.simpli.fi/ad_advisor HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D1C32438D0E54881BFD669D2908B1301 HTTP 302
• https://d.agkn.com/pixel/10751/?che=1707019515378&ip=138.199.38.133&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219843204782000175568 HTTP 302
• https://um.simpli.fi/aa_px?sk=219843204782000175568 HTTP 302
• https://um.simpli.fi/empty.gif

Request Chain 70

• https://um.simpli.fi/intentiq HTTP 302
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C32438D0E54881BFD669D2908B1301

Request Chain 73

• https://um.simpli.fi/dtnx HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=D1C32438D0E54881BFD669D2908B1301;mimetype=img; HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=D1C32438D0E54881BFD669D2908B1301;mimetype=img;sr HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MjA5ODEyMzk2NDYxMjY5MjQwOQ== HTTP 302
• https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESELkzUfdZ62NYhYOcdNyerNY&google_cver=1

Request Chain 74

• https://um.simpli.fi/exelatem HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0&xl8blockcheck=1

Request Chain 76

• https://um.simpli.fi/beachfront HTTP 302
• https://sync.bfmio.com/sync?pid=141&uid=D1C32438D0E54881BFD669D2908B1301

Request Chain 77

• https://um.simpli.fi/bluekai HTTP 302
• https://stags.bluekai.com/site/29931?id=D1C32438D0E54881BFD669D2908B1301

Request Chain 78

• https://um.simpli.fi/crwdcntrl HTTP 302
• https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C32438D0E54881BFD669D2908B1301

Request Chain 79

• https://um.simpli.fi/lj_match HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=D1C32438D0E54881BFD669D2908B1301

Request Chain 80

• https://um.simpli.fi/liveramp_match HTTP 302
• https://idsync.rlcdn.com/419566.gif?partner_uid=D1C32438D0E54881BFD669D2908B1301

Request Chain 81

• https://www.googleadservices.com/pagead/conversion/1026675585/?random=1707019515196&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1068633436&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=-wy_ZbayD9uSiM0Pw4yQuAw&sscte=1&crd=CIK9sQI&pscrd=IhMI9pvTnueQhAMVWwmiAx1DBgTH HTTP 302
• https://www.google.com/pagead/1p-conversion/1026675585/?random=1068633436&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=IhMI9pvTnueQhAMVWwmiAx1DBgTH&is_vtc=1&ocp_id=-wy_ZbayD9uSiM0Pw4yQuAw&cid=CAQSKQAvHhf_x8XH7V0i9YukL-FY_LoTAEysSTyRH0utoFcLpAxA1GiDUwAb&random=224761133 HTTP 302
• https://www.google.de/pagead/1p-conversion/1026675585/?random=1068633436&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=IhMI9pvTnueQhAMVWwmiAx1DBgTH&is_vtc=1&ocp_id=-wy_ZbayD9uSiM0Pw4yQuAw&cid=CAQSKQAvHhf_x8XH7V0i9YukL-FY_LoTAEysSTyRH0utoFcLpAxA1GiDUwAb&random=224761133&ipr=y

Request Chain 83

• https://um.simpli.fi/an HTTP 302
• https://ib.adnxs.com/setuid?entity=66&code=D1C32438D0E54881BFD669D2908B1301 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C32438D0E54881BFD669D2908B1301

Request Chain 84

• https://um.simpli.fi/rb_match HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C32438D0E54881BFD669D2908B1301&expires=365

Request Chain 85

• https://um.simpli.fi/ox_match HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C32438D0E54881BFD669D2908B1301

Request Chain 86

• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
• https://um.simpli.fi/g_match?id=&google_gid=CAESEE3j36SGkYR-3nMfSfsCKw4&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1C32438D0E54881BFD669D2908B1301 HTTP 302
• https://um.simpli.fi/g_match?id=

Request Chain 87

• https://um.simpli.fi/smaato HTTP 302
• https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C32438D0E54881BFD669D2908B1301

Request Chain 88

• https://um.simpli.fi/nexxen HTTP 302
• https://sync.1rx.io/usersync/simplifi/D1C32438D0E54881BFD669D2908B1301 HTTP 302
• https://sync.1rx.io/usersync/simplifi/D1C32438D0E54881BFD669D2908B1301?zcc=1&cb=1707019515315 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003

Request Chain 89

• https://um.simpli.fi/triplelift HTTP 302
• https://eb2.3lift.com/xuid?mid=7969&xuid=D1C32438D0E54881BFD669D2908B1301&dongle=yf3

Request Chain 90

• https://um.simpli.fi/telaria_p HTTP 302
• https://simplifi.partners.tremorhub.com/sync?UISF=D1C32438D0E54881BFD669D2908B1301

Request Chain 91

• https://um.simpli.fi/tapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301

Request Chain 92

• https://um.simpli.fi/ad_advisor HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D1C32438D0E54881BFD669D2908B1301 HTTP 302
• https://d.agkn.com/pixel/10751/?che=1707019515378&ip=138.199.38.133&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D218983204782000176305 HTTP 302
• https://um.simpli.fi/aa_px?sk=218983204782000176305 HTTP 302
• https://um.simpli.fi/empty.gif

Request Chain 93

• https://um.simpli.fi/intentiq HTTP 302
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C32438D0E54881BFD669D2908B1301

Request Chain 96

• https://um.simpli.fi/dtnx HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=D1C32438D0E54881BFD669D2908B1301;mimetype=img; HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=D1C32438D0E54881BFD669D2908B1301;mimetype=img;sr HTTP 302
• https://idsync.rlcdn.com/400646.gif?partner_uid=-3673228304752881706

Request Chain 97

• https://um.simpli.fi/exelatem HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0&xl8blockcheck=1

Request Chain 99

• https://um.simpli.fi/beachfront HTTP 302
• https://sync.bfmio.com/sync?pid=141&uid=D1C32438D0E54881BFD669D2908B1301

Request Chain 100

• https://um.simpli.fi/bluekai HTTP 302
• https://stags.bluekai.com/site/29931?id=D1C32438D0E54881BFD669D2908B1301

Request Chain 101

• https://um.simpli.fi/crwdcntrl HTTP 302
• https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C32438D0E54881BFD669D2908B1301

Request Chain 102

• https://um.simpli.fi/lj_match HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=D1C32438D0E54881BFD669D2908B1301

Request Chain 103

• https://um.simpli.fi/liveramp_match HTTP 302
• https://idsync.rlcdn.com/419566.gif?partner_uid=D1C32438D0E54881BFD669D2908B1301

Request Chain 105

• https://um.simpli.fi/an HTTP 302
• https://ib.adnxs.com/setuid?entity=66&code=D1C32438D0E54881BFD669D2908B1301 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C32438D0E54881BFD669D2908B1301

Request Chain 106

• https://um.simpli.fi/rb_match HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C32438D0E54881BFD669D2908B1301&expires=365

Request Chain 107

• https://um.simpli.fi/ox_match HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C32438D0E54881BFD669D2908B1301

Request Chain 108

• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
• https://um.simpli.fi/g_match?id=&google_gid=CAESEE3j36SGkYR-3nMfSfsCKw4&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1C32438D0E54881BFD669D2908B1301 HTTP 302
• https://um.simpli.fi/g_match?id=

Request Chain 109

• https://www.googleadservices.com/pagead/conversion/1026675585/?random=1707019515197&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=799406044&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=-wy_Zey0D5-TiM0PnaK8kAw&sscte=1&crd=CIK9sQII7LuxAg&pscrd=IhMIrJ7TnueQhAMVnwmiAx0dEQ_CMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
• https://www.google.com/pagead/1p-conversion/1026675585/?random=799406044&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=IhMIrJ7TnueQhAMVnwmiAx0dEQ_CMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=-wy_Zey0D5-TiM0PnaK8kAw&cid=CAQSKQAvHhf_5WrSHz67NHx1KNvuxsZD90Yhgfahf5Orq4NmBKKBYV088xjm&random=619302134 HTTP 302
• https://www.google.de/pagead/1p-conversion/1026675585/?random=799406044&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=IhMIrJ7TnueQhAMVnwmiAx0dEQ_CMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=-wy_Zey0D5-TiM0PnaK8kAw&cid=CAQSKQAvHhf_5WrSHz67NHx1KNvuxsZD90Yhgfahf5Orq4NmBKKBYV088xjm&random=619302134&ipr=y

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response realestate.servicecu.org/	3 KB 1 KB	317ms 92ms	Document text/html	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash 14fc5fc57193b3ade80d8e3c5b49bf15bd3094077438dea09666d7ffcf11779a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Sun, 04 Feb 2024 04:05:13 GMT etag W/"65ab13c0-b42" last-modified Sat, 20 Jan 2024 00:28:48 GMT server nginx/1.24.0 vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	styles.6d13e6682ec160f5baf4.css realestate.servicecu.org/	107 KB 20 KB	184ms 183ms	Stylesheet text/css	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/styles.6d13e6682ec160f5baf4.css Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 8d67e2fd4f82dc28158fce318ab92a056791e8ca966a5f46855584d8a75f9720 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:13 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag W/"65ab13c1-1ab90" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css
GET H2	200	runtime-es2015.e5e10ef19ba08634dbff.js Show response realestate.servicecu.org/	9 KB 4 KB	275ms 274ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/runtime-es2015.e5e10ef19ba08634dbff.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 0c114657e2bde87b64616eb48a74375814c396a52763f83eafeca97226a299f4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://realestate.servicecu.org/ Origin https://realestate.servicecu.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:13 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag W/"65ab13c1-2551" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
GET H2	200	polyfills-es2015.9bb6a27d95c208682ef8.js Show response realestate.servicecu.org/	36 KB 12 KB	94ms 93ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash 96d6d5709c7367c7249c19935f55d4053b929efc4eeb7e2c218d713c101c67ad Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://realestate.servicecu.org/ Origin https://realestate.servicecu.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:13 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:48 GMT server nginx/1.24.0 etag W/"65ab13c0-90c9" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
GET H2	200	vendor-es2015.4819b07c9d0633204775.js Show response realestate.servicecu.org/	2 MB 455 KB	276ms 276ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/vendor-es2015.4819b07c9d0633204775.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 50053b6ccba23f7f2a54be561797439d44befbf4e3bf360d42767a2a649ea152 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://realestate.servicecu.org/ Origin https://realestate.servicecu.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:13 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag W/"65ab13c1-189141" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
GET H2	200	main-es2015.51d391060adb646ed68a.js Show response realestate.servicecu.org/	225 KB 59 KB	274ms 273ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/main-es2015.51d391060adb646ed68a.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash 6647bfacfedc07723871358f9b4aa21bd40494266a5eb17ae84e75f487b1f01e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://realestate.servicecu.org/ Origin https://realestate.servicecu.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:13 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:48 GMT server nginx/1.24.0 etag W/"65ab13c0-38389" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
GET H2	200	css fonts.googleapis.com/	6 KB 2 KB	36ms 15ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/styles.6d13e6682ec160f5baf4.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 04 Feb 2024 03:57:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 04 Feb 2024 04:05:14 GMT
GET H2	200	logo.png realestate.servicecu.org/assets/images/	10 KB 10 KB	140ms 140ms	Image image/png	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://realestate.servicecu.org/assets/images/logo.png Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash dd8735cb69118687b338d7544df07ec695760744cb668841132302bd00776e0e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT last-modified Sat, 20 Jan 2024 00:28:48 GMT server nginx/1.24.0 etag "65ab13c0-2623" x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 9763
GET H2	200	lion.config.2f0b68fe76f28dcff1648f292e163452.js Show response realestate.servicecu.org/_main/	10 KB 4 KB	94ms 93ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/_main/lion.config.2f0b68fe76f28dcff1648f292e163452.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/main-es2015.51d391060adb646ed68a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash f04d5a7ec7315c7544b4509feb34a4b6e8ceb6c1430da598b30c616e1b6d8e4e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:48 GMT server nginx/1.24.0 etag W/"65ab13c0-28a1" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
GET H2	200	client_scripts.1c1c1e78de2ce46a2af62f5ba88ec274.js Show response realestate.servicecu.org/_main/	18 B 198 B	93ms 92ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/_main/client_scripts.1c1c1e78de2ce46a2af62f5ba88ec274.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/main-es2015.51d391060adb646ed68a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 6405e9644722998d519a0ced4924c5d575ef39009baeec46eab9107275e7da2f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag "65ab13c1-12" x-frame-options SAMEORIGIN content-type application/javascript accept-ranges bytes content-length 18
GET H2	200	cub.style.ad71e0ec4447f2686ca531e2b4cc59fa.css realestate.servicecu.org/_main/	148 B 324 B	91ms 91ms	Stylesheet text/css	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/_main/cub.style.ad71e0ec4447f2686ca531e2b4cc59fa.css Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/main-es2015.51d391060adb646ed68a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash f32d2d0c5e4195df0e278c79c7d4bcf6ad27be079709f215e7d2faabb8a3425c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag W/"65ab13c1-94" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css
GET H2	200	en.json Show response realestate.servicecu.org/assets/i18n/	109 KB 30 KB	97ms 96ms	XHR application/json	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/assets/i18n/en.json Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash c08a978c3d66af058ba1c69d2455a781a42111cc87953b8185ff5d5cbbf94b18 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag W/"65ab13c1-1b5b6" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json
GET H2	200	gtm.js Show response www.googletagmanager.com/	432 KB 114 KB	64ms 45ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MCKXNXZ Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9ada6c1a6aff655ac4de19b6e6a103e33d4a438ed35625b2b8dd93f6e1539045 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 116585 x-xss-protection 0 last-modified Sun, 04 Feb 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 04 Feb 2024 04:05:14 GMT
GET H2	200	ipAddress Show response us-central1-lion-scu-prod.cloudfunctions.net/	52 B 324 B	192ms 128ms	XHR application/json	2001:4860:4802:36::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-lion-scu-prod.cloudfunctions.net/ipAddress Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 87ce9e5bee48786b8caea0e28675832ce7f05e31782016b64e160d482caceb7a Request headers Accept application/json, text/plain, */* Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip server Google Frontend vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://realestate.servicecu.org x-cloud-trace-context 28cfc7163245b4083c5a4eb4d042b17c cache-control private function-execution-id 9i7c19nq0x4s alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72
GET H2	200	common-es2015.0c6369ce1ea902588ed3.js Show response realestate.servicecu.org/	15 KB 5 KB	92ms 92ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/common-es2015.0c6369ce1ea902588ed3.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/runtime-es2015.e5e10ef19ba08634dbff.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash ccccd1cf2fc096f0a11b9fd0b572c43b17640c8e1c2e3f882ced1b0b50652aa6 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:48 GMT server nginx/1.24.0 etag W/"65ab13c0-3a6c" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
GET H2	200	stencil-ion-app_8-ios-entry-js-es2015.d144ee5f1256325d7916.js Show response realestate.servicecu.org/	38 KB 9 KB	93ms 93ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/stencil-ion-app_8-ios-entry-js-es2015.d144ee5f1256325d7916.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/runtime-es2015.e5e10ef19ba08634dbff.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 2f2c6a42503266501c01afb630bba71b67d8d37def863d52ddaf1b9f2db0ebe5 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag W/"65ab13c1-9704" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
GET H2	200	home_footer.md Show response realestate.servicecu.org/_main/info/en/	1 B 180 B	92ms 92ms	XHR application/octet-stream	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/_main/info/en/home_footer.md Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT last-modified Sat, 20 Jan 2024 00:28:48 GMT server nginx/1.24.0 etag "65ab13c0-1" x-frame-options SAMEORIGIN content-type application/octet-stream accept-ranges bytes content-length 1
GET H2	200	stencil-ion-button_2-ios-entry-js-es2015.ac72e592d3935859bc16.js Show response realestate.servicecu.org/	23 KB 5 KB	93ms 93ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/stencil-ion-button_2-ios-entry-js-es2015.ac72e592d3935859bc16.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/runtime-es2015.e5e10ef19ba08634dbff.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 02c0386312debcc651c0587b27fdafd6f8dc9b09082bf66e5bbb97c738d16159 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag W/"65ab13c1-5b9b" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
POST H2	200	channel Show response firestore.googleapis.com/google.firestore.v1.Firestore/Listen/	54 B 457 B	212ms 165ms	XHR text/plain	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Flion-scu-prod%2Fdatabases%2F(default)&VER=8&RID=99260&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F7.11.0%0D%0A&zx=q61oilz83n81&t=1 Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 746670f0d2a071e01dafd77ddcc0326cfd6c4e69b930da12cd043e87390d727b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip x-content-type-options nosniff x-client-wire-protocol h2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71 x-xss-protection 0 server ESF x-frame-options SAMEORIGIN vary origin content-type text/plain; charset=utf-8 access-control-allow-origin https://realestate.servicecu.org access-control-expose-headers x-client-wire-protocol,x-http-session-id cache-control private access-control-allow-credentials true x-http-session-id kAJ5_Vd5dbwdUv5J8JoxrXYYc1sZ-8Qxv2CIH4qj1EQ
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	64ms 32ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCKXNXZ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sun, 04 Feb 2024 04:05:13 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 11064F55BF5745ED8154C24BB4C5C4FF Ref B: FRA31EDGE0611 Ref C: 2024-02-04T04:05:14Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H2	200	73f17f00337030409d2cf2da93fb808a Show response thefontzone.com/v4/w/fonts/	0 376 B	186ms 136ms	XHR application/json	18.173.187.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://thefontzone.com/v4/w/fonts/73f17f00337030409d2cf2da93fb808a?i=realestate.servicecu.org&l=realestate.servicecu.org&p=/&o=Win32&v2=1600x1200&r3=-60&s4=&y1=https%3A&y2=&y3= Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-126.muc50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT via 1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 x-amzn-trace-id Root=1-65bf0cfa-570012fd71ce5b44757215cc;Parent=23517bc84b048de3;Sampled=0;lineage=d7a1fa29:0 x-amzn-requestid eba7fdf5-5c40-433d-91c7-3c7cb0abb333 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amz-apigw-id Sl73PF-ioAMEIig= content-length 0 x-amz-cf-id 1bHSE3xi41q_i1J3KM5gdAuDsETYpnyhct03l9TnJG18pcy_j7-B1Q==
GET H2	200	popsixle.php Show response pop6serve.com/	390 B 887 B	299ms 96ms	Script text/javascript	23.22.244.225 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pop6serve.com/popsixle.php?t=27c30d7821609299b8fd3f03f3af1c3f33ccbd06a47304c7504885d6ad5abc9e Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCKXNXZ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.22.244.225 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-22-244-225.compute-1.amazonaws.com Software Apache / PHP/8.0.30 Resource Hash a52ba5ea5c44427847f99a23e126358228ffbcfb295c64922d36e329e98abf60 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip server Apache x-powered-by PHP/8.0.30 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-headers * content-length 238 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	294 KB 94 KB	23ms 22ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-HRXT06SLJ7&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCKXNXZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash dbe62fd1ffaa0cb10597ca52f0c3d97bd22cca12fa9b0e6bbddd31c9eb7b5249 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95957 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 04 Feb 2024 04:05:14 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCKXNXZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 04 Feb 2024 03:48:09 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1025 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 04 Feb 2024 05:48:09 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	214 KB 58 KB	49ms 16ms	Script application/x-javascript	2a03:2880:f03d:1c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 04 Feb 2024 04:05:14 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57202 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug vrng8h4wPbAf6sJg2jB5Hv8crFTzBcxdHf+G/7ATxFNzpC+9J5S7Qelas1mRAlYKzHLDL4gNf1/3xmTBKIVTuA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	general_script.js Show response cdn1.rainlocal.com/asset/scripts/	8 KB 2 KB	70ms 12ms	Script application/javascript	2600:9000:20c3:b400:6:8145:3440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn1.rainlocal.com/asset/scripts/general_script.js?version=3 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCKXNXZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:b400:6:8145:3440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3d06303aa80158f63162e0068d9f570be0e5f4ee4c65cc121fb7d74093f3e662 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip via 1.1 086da553b96e728b869925910597a098.cloudfront.net (CloudFront) date Sat, 03 Feb 2024 18:25:34 GMT last-modified Tue, 07 Dec 2021 07:32:25 GMT server AmazonS3 x-amz-cf-pop MUC50-C1 age 78900 etag W/"f563e68d63b83dd81aa4ebb51b12a696" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id slEmHp8LDfdRzutBx3B3ajT1dmgp-mO79L12PSERTm9mlXxQc4tLvQ==
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/	640 KB 65 KB	77ms 22ms	Script application/javascript	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 075be70fb9fdba263f070479ad7bd615a1c8221430a19827578418f0992015da Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id 5JteOzKW_9h5kqfWldHxe2rzHJFZuCNl content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) date Sun, 04 Feb 2024 04:05:14 GMT last-modified Fri, 02 Feb 2024 20:26:25 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 197 x-amz-server-side-encryption AES256 etag W/"c0d7a0b8a04051782e563e9063baf2c5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id n13bInk-W57vTKxI6cUSHU8l7jRrJPRUqjATOl5VZ7AAaTkUXc0qLw==
GET H2	200	20-es2015.c3f7d0e349db2cf130e9.js Show response realestate.servicecu.org/	617 B 628 B	92ms 92ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/20-es2015.c3f7d0e349db2cf130e9.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/runtime-es2015.e5e10ef19ba08634dbff.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 7ca7ee07870e6ff2231687d52024a6448ed08dc33c65ae851b12200e5ee5d710 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag W/"65ab13c1-269" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
GET H2	200	logo.png realestate.servicecu.org/_main/assets/images/	15 KB 16 KB	92ms 92ms	Image image/png	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://realestate.servicecu.org/_main/assets/images/logo.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash 7bd6872eb993e7bd9e59fd20c3da1b8feaae0e8d11fa9fb67009d077c620900a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT last-modified Sat, 20 Jan 2024 00:28:48 GMT server nginx/1.24.0 etag "65ab13c0-3dcb" x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 15819
GET H2	200	41-es2015.079e6956b5074f992340.js Show response realestate.servicecu.org/	2 KB 1 KB	92ms 92ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/41-es2015.079e6956b5074f992340.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/runtime-es2015.e5e10ef19ba08634dbff.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 4d135ba49143bda7e021ab8161c2dcc373310d9748b41dfbc558a36c268b3517 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:49 GMT server nginx/1.22.1 etag W/"65ab13c1-7b5" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
GET H2	200	37-es2015.87ea703cb3e101edb7f9.js Show response realestate.servicecu.org/	769 B 627 B	93ms 93ms	Script application/javascript	34.193.172.31 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://realestate.servicecu.org/37-es2015.87ea703cb3e101edb7f9.js Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/runtime-es2015.e5e10ef19ba08634dbff.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-172-31.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash 48c14cc97e6906f72f85b0d8f6ac845006da2373be9613e006c218aebe1fe552 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip last-modified Sat, 20 Jan 2024 00:28:48 GMT server nginx/1.24.0 etag W/"65ab13c0-301" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 214 B	14ms 14ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1923944179&t=pageview&_s=1&dl=https%3A%2F%2Frealestate.servicecu.org%2F&ul=en-us&de=UTF-8&dt=Lion%20App&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=96678239&gjid=1552861271&cid=1470722238.1707019515&tid=UA-3159903-1&_gid=1555260170.1707019515&_r=1&_slc=1&gtm=45He41v0n81MCKXNXZv78941125za200&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=161561215 Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://realestate.servicecu.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 259 B	33ms 13ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-HRXT06SLJ7&gtm=45je41v0v886452320z878941125za200&_p=1707019514610&_gaz=1&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=1470722238.1707019515&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1707019514&sct=1&seg=0&dl=https%3A%2F%2Frealestate.servicecu.org%2F&dt=Lion%20App&en=page_view&_fv=1&_ss=1&tfd=1262 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HRXT06SLJ7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:14 GMT server Golfe2 content-type text/plain access-control-allow-origin https://realestate.servicecu.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	52ms 18ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HRXT06SLJ7&cid=1470722238.1707019515&gtm=45je41v0v886452320z878941125za200&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&npa=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HRXT06SLJ7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:14 GMT server Golfe2 content-type text/plain access-control-allow-origin https://realestate.servicecu.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	37ms 17ms	Image image/gif	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HRXT06SLJ7&cid=1470722238.1707019515&gtm=45je41v0v886452320z878941125za200&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&npa=0&z=1271682594 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 351 B	42ms 18ms	XHR text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3159903-1&cid=1470722238.1707019515&jid=96678239&gjid=1552861271&_gid=1555260170.1707019515&_u=YGBACEAABAAAACAAI~&z=515938959 Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 04 Feb 2024 04:05:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://realestate.servicecu.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	channel Show response firestore.googleapis.com/google.firestore.v1.Firestore/Write/	54 B 176 B	165ms 164ms	XHR text/plain	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Flion-scu-prod%2Fdatabases%2F(default)&VER=8&RID=55231&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F7.11.0%0D%0A&zx=w5vkl9i0nni0&t=1 Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash faa379643825e5b627a993b91e3fcc18320737eec3c18f55f07e991eb26b501c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 04 Feb 2024 04:05:14 GMT content-encoding gzip x-content-type-options nosniff x-client-wire-protocol h2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71 x-xss-protection 0 server ESF x-frame-options SAMEORIGIN vary origin content-type text/plain; charset=utf-8 access-control-allow-origin https://realestate.servicecu.org access-control-expose-headers x-client-wire-protocol,x-http-session-id cache-control private access-control-allow-credentials true x-http-session-id fnSL6hTG-ujziudF0X_71UL3WSIyqSlOKVjQPvigVb4
GET H2	204	343005408.js Show response bat.bing.com/p/action/	0 117 B	33ms 33ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/343005408.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Sun, 04 Feb 2024 04:05:13 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: D53989D1678041408773F67447648FC9 Ref B: FRA31EDGE0611 Ref C: 2024-02-04T04:05:14Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 286 B	78ms 78ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=343005408&tm=gtm002&Ver=2&mid=54808399-81ed-4386-a333-60c2353545a6&sid=998deab0c31211ee9e10ad81d3c9b248&vid=998dd3e0c31211eebc2bbb1b33a1d516&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Lion%20App&p=https%3A%2F%2Frealestate.servicecu.org%2F&r=&lt=1098&evt=pageLoad&sv=1&rn=206139 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 04 Feb 2024 04:05:13 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: D929401BD5F14B41AB29B4288D8C9239 Ref B: FRA31EDGE0611 Ref C: 2024-02-04T04:05:14Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	609268433667531 Show response connect.facebook.net/signals/config/	53 KB 11 KB	83ms 82ms	Script application/x-javascript	2a03:2880:f03d:1c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/609268433667531?v=2.9.144&r=stable&domain=realestate.servicecu.org&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b7798053a969920fdb4f02e94ab3f02e7b2b1625821f06664a3a79ae48d46bc4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 04 Feb 2024 04:05:14 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug x6dD2CVGZmViNpHq6iMCf1yCgu7IY7jWWPr1+6OgV/dNUf9H9MOCTimN1gnsXwV2QTBR1zT+05XTKlCL2wSjSQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	mobile.html Show response tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/ Frame 89DA	572 B 1004 B	13ms 12ms	Document text/html	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F&parent_url=https%3A%2F%2Frealestate.servicecu.org%2F&parent_referrer= Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e90bd8da5d36b78bea3e087fffee63dcfc8415cedc4e883a6ef2efea6dab9493 Request headers Referer https://realestate.servicecu.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1167 cache-control max-age=3600 content-length 572 content-type text/html date Sun, 04 Feb 2024 03:56:28 GMT etag "87112e7d74a06c1831fed0c1548bde3c" last-modified Tue, 07 Mar 2023 02:06:22 GMT server AmazonS3 vary Accept-Encoding via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-id ebB6FggHPfGJh434JUCZGxdia0OtmOhELNDaDjeGNGEB09WTztCHAw== x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 x-amz-version-id Pm_bi9VmDzVjUW4aN8TmDfjAu.GQZJld x-cache Hit from cloudfront
GET H2	200	mobile.html Show response tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/ Frame CE8B	572 B 1005 B	13ms 13ms	Document text/html	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?cp._gcl_au=1.1.96772842.1707019515&cp._gid=GA1.2.1555260170.1707019515&cp._gat_UA-3159903-1=1&cp._ga=GA1.1.1470722238.1707019515&cp._ga_HRXT06SLJ7=GS1.1.1707019514.1.0.1707019514.60.0.0&cp._uetsid=998deab0c31211ee9e10ad81d3c9b248&cp._uetvid=998dd3e0c31211eebc2bbb1b33a1d516&cp.a_ps_main_v_id=018d724ab3ce0075bde76f39461803074002106c00b08&cp.a_ps_main__pn=1&cp.a_ps_main_ses_id=1707019514831&cp.a_ps_main__ss=1&cp.a_ps_main__se=1&cp.a_ps_main__sn=1&cp.a_ps_main__st=1707021314831&meta.robots=noindex,nofollow&meta.viewport=viewport-fit=cover,%20width=device-width,%20initial-scale=1.0,%20minimum-scale=1.0,%20maximum-scale=1.0,%20user-scalable=no&meta.format-detection=telephone=no&meta.msapplication-tap-highlight=no&meta.apple-mobile-web-app-capable=yes&meta.apple-mobile-web-app-status-bar-style=black&meta.google-site-verification=AJ04ViUUM0xd2x_r5YEn8wLSaZlEklMQMilsdHFnz2Y&meta.facebook-domain-verification=11cy4etwdw47ti4wul6unztqc6kss9&dom.referrer=&dom.title=Lion%20App&dom.domain=realestate.servicecu.org&dom.query_string=&dom.hash=&dom.url=https://realestate.servicecu.org/&dom.pathname=/&dom.viewport_height=1200&dom.viewport_width=1600&ut.domain=servicecu.org&ut.version=ut4.48.202402022024&ut.event=view&ut.visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&ut.session_id=1707019514831&ut.account=advantagepublisherservices&ut.profile=adv&ut.env=prod&tealium_event=view&tealium_visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&tealium_session_id=1707019514831&tealium_session_number=1&tealium_session_event_number=1&tealium_datasource=&tealium_account=advantagepublisherservices&tealium_profile=adv&tealium_environment=prod&tealium_random=9463411741326408&tealium_library_name=utag.js&tealium_library_version=4.48.0&tealium_timestamp_epoch=1707019514&tealium_timestamp_utc=2024-02-04T04:05:14.831Z&tealium_timestamp_local=2024-02-04T05:05:14.831&parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e90bd8da5d36b78bea3e087fffee63dcfc8415cedc4e883a6ef2efea6dab9493 Request headers Referer https://realestate.servicecu.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1167 cache-control max-age=3600 content-length 572 content-type text/html date Sun, 04 Feb 2024 03:56:28 GMT etag "87112e7d74a06c1831fed0c1548bde3c" last-modified Tue, 07 Mar 2023 02:06:22 GMT server AmazonS3 vary Accept-Encoding via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-id nDh4XXuHHqTP8nIq_EfsNUTEHlvY5va0domozDDm62QYhXuS9WQCuw== x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 x-amz-version-id Pm_bi9VmDzVjUW4aN8TmDfjAu.GQZJld x-cache Hit from cloudfront
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/ Frame 89DA	640 KB 65 KB	15ms 13ms	Script application/javascript	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F&parent_url=https%3A%2F%2Frealestate.servicecu.org%2F&parent_referrer= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 075be70fb9fdba263f070479ad7bd615a1c8221430a19827578418f0992015da Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F&parent_url=https%3A%2F%2Frealestate.servicecu.org%2F&parent_referrer= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id 5JteOzKW_9h5kqfWldHxe2rzHJFZuCNl content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) date Sun, 04 Feb 2024 04:05:14 GMT last-modified Fri, 02 Feb 2024 20:26:25 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 197 x-amz-server-side-encryption AES256 etag W/"c0d7a0b8a04051782e563e9063baf2c5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id _TkZdzgVcyfxl_YFfWqWRhXQ6-aBZNbRMqs9hwV8QR-TTIDZ-0p1EQ==
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/ Frame CE8B	640 KB 65 KB	13ms 12ms	Script application/javascript	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?cp._gcl_au=1.1.96772842.1707019515&cp._gid=GA1.2.1555260170.1707019515&cp._gat_UA-3159903-1=1&cp._ga=GA1.1.1470722238.1707019515&cp._ga_HRXT06SLJ7=GS1.1.1707019514.1.0.1707019514.60.0.0&cp._uetsid=998deab0c31211ee9e10ad81d3c9b248&cp._uetvid=998dd3e0c31211eebc2bbb1b33a1d516&cp.a_ps_main_v_id=018d724ab3ce0075bde76f39461803074002106c00b08&cp.a_ps_main__pn=1&cp.a_ps_main_ses_id=1707019514831&cp.a_ps_main__ss=1&cp.a_ps_main__se=1&cp.a_ps_main__sn=1&cp.a_ps_main__st=1707021314831&meta.robots=noindex,nofollow&meta.viewport=viewport-fit=cover,%20width=device-width,%20initial-scale=1.0,%20minimum-scale=1.0,%20maximum-scale=1.0,%20user-scalable=no&meta.format-detection=telephone=no&meta.msapplication-tap-highlight=no&meta.apple-mobile-web-app-capable=yes&meta.apple-mobile-web-app-status-bar-style=black&meta.google-site-verification=AJ04ViUUM0xd2x_r5YEn8wLSaZlEklMQMilsdHFnz2Y&meta.facebook-domain-verification=11cy4etwdw47ti4wul6unztqc6kss9&dom.referrer=&dom.title=Lion%20App&dom.domain=realestate.servicecu.org&dom.query_string=&dom.hash=&dom.url=https://realestate.servicecu.org/&dom.pathname=/&dom.viewport_height=1200&dom.viewport_width=1600&ut.domain=servicecu.org&ut.version=ut4.48.202402022024&ut.event=view&ut.visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&ut.session_id=1707019514831&ut.account=advantagepublisherservices&ut.profile=adv&ut.env=prod&tealium_event=view&tealium_visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&tealium_session_id=1707019514831&tealium_session_number=1&tealium_session_event_number=1&tealium_datasource=&tealium_account=advantagepublisherservices&tealium_profile=adv&tealium_environment=prod&tealium_random=9463411741326408&tealium_library_name=utag.js&tealium_library_version=4.48.0&tealium_timestamp_epoch=1707019514&tealium_timestamp_utc=2024-02-04T04:05:14.831Z&tealium_timestamp_local=2024-02-04T05:05:14.831&parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 075be70fb9fdba263f070479ad7bd615a1c8221430a19827578418f0992015da Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?cp._gcl_au=1.1.96772842.1707019515&cp._gid=GA1.2.1555260170.1707019515&cp._gat_UA-3159903-1=1&cp._ga=GA1.1.1470722238.1707019515&cp._ga_HRXT06SLJ7=GS1.1.1707019514.1.0.1707019514.60.0.0&cp._uetsid=998deab0c31211ee9e10ad81d3c9b248&cp._uetvid=998dd3e0c31211eebc2bbb1b33a1d516&cp.a_ps_main_v_id=018d724ab3ce0075bde76f39461803074002106c00b08&cp.a_ps_main__pn=1&cp.a_ps_main_ses_id=1707019514831&cp.a_ps_main__ss=1&cp.a_ps_main__se=1&cp.a_ps_main__sn=1&cp.a_ps_main__st=1707021314831&meta.robots=noindex,nofollow&meta.viewport=viewport-fit=cover,%20width=device-width,%20initial-scale=1.0,%20minimum-scale=1.0,%20maximum-scale=1.0,%20user-scalable=no&meta.format-detection=telephone=no&meta.msapplication-tap-highlight=no&meta.apple-mobile-web-app-capable=yes&meta.apple-mobile-web-app-status-bar-style=black&meta.google-site-verification=AJ04ViUUM0xd2x_r5YEn8wLSaZlEklMQMilsdHFnz2Y&meta.facebook-domain-verification=11cy4etwdw47ti4wul6unztqc6kss9&dom.referrer=&dom.title=Lion%20App&dom.domain=realestate.servicecu.org&dom.query_string=&dom.hash=&dom.url=https://realestate.servicecu.org/&dom.pathname=/&dom.viewport_height=1200&dom.viewport_width=1600&ut.domain=servicecu.org&ut.version=ut4.48.202402022024&ut.event=view&ut.visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&ut.session_id=1707019514831&ut.account=advantagepublisherservices&ut.profile=adv&ut.env=prod&tealium_event=view&tealium_visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&tealium_session_id=1707019514831&tealium_session_number=1&tealium_session_event_number=1&tealium_datasource=&tealium_account=advantagepublisherservices&tealium_profile=adv&tealium_environment=prod&tealium_random=9463411741326408&tealium_library_name=utag.js&tealium_library_version=4.48.0&tealium_timestamp_epoch=1707019514&tealium_timestamp_utc=2024-02-04T04:05:14.831Z&tealium_timestamp_local=2024-02-04T05:05:14.831&parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id 5JteOzKW_9h5kqfWldHxe2rzHJFZuCNl content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) date Sun, 04 Feb 2024 04:05:14 GMT last-modified Fri, 02 Feb 2024 20:26:25 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 197 x-amz-server-side-encryption AES256 etag W/"c0d7a0b8a04051782e563e9063baf2c5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id 2_BWVqRJzDnuKZ9fkWe0BUokecW15oo89Mdn1874JxavZKVYlt8dZg==
GET H2	200	channel firestore.googleapis.com/google.firestore.v1.Firestore/Listen/	810 B 0	701ms 701ms	XHR text/plain	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Flion-scu-prod%2Fdatabases%2F(default)&gsessionid=kAJ5_Vd5dbwdUv5J8JoxrXYYc1sZ-8Qxv2CIH4qj1EQ&VER=8&RID=rpc&SID=kl--46uqtGcEuE_PL5B-4g&CI=0&AID=0&TYPE=xmlhttp&zx=aa948gb3ugvg&t=1 Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Referer, origin x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 access-control-allow-origin https://realestate.servicecu.org cache-control private, max-age=0 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0
GET H2	200	utag.35.js Show response tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/ Frame CE8B	5 KB 2 KB	21ms 21ms	Script application/javascript	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.35.js?utv=ut4.48.202309271844 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 620a8529dacaf51d76e1292d4ecb939abc7da8ce0a4353797272a65518b2592d Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?cp._gcl_au=1.1.96772842.1707019515&cp._gid=GA1.2.1555260170.1707019515&cp._gat_UA-3159903-1=1&cp._ga=GA1.1.1470722238.1707019515&cp._ga_HRXT06SLJ7=GS1.1.1707019514.1.0.1707019514.60.0.0&cp._uetsid=998deab0c31211ee9e10ad81d3c9b248&cp._uetvid=998dd3e0c31211eebc2bbb1b33a1d516&cp.a_ps_main_v_id=018d724ab3ce0075bde76f39461803074002106c00b08&cp.a_ps_main__pn=1&cp.a_ps_main_ses_id=1707019514831&cp.a_ps_main__ss=1&cp.a_ps_main__se=1&cp.a_ps_main__sn=1&cp.a_ps_main__st=1707021314831&meta.robots=noindex,nofollow&meta.viewport=viewport-fit=cover,%20width=device-width,%20initial-scale=1.0,%20minimum-scale=1.0,%20maximum-scale=1.0,%20user-scalable=no&meta.format-detection=telephone=no&meta.msapplication-tap-highlight=no&meta.apple-mobile-web-app-capable=yes&meta.apple-mobile-web-app-status-bar-style=black&meta.google-site-verification=AJ04ViUUM0xd2x_r5YEn8wLSaZlEklMQMilsdHFnz2Y&meta.facebook-domain-verification=11cy4etwdw47ti4wul6unztqc6kss9&dom.referrer=&dom.title=Lion%20App&dom.domain=realestate.servicecu.org&dom.query_string=&dom.hash=&dom.url=https://realestate.servicecu.org/&dom.pathname=/&dom.viewport_height=1200&dom.viewport_width=1600&ut.domain=servicecu.org&ut.version=ut4.48.202402022024&ut.event=view&ut.visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&ut.session_id=1707019514831&ut.account=advantagepublisherservices&ut.profile=adv&ut.env=prod&tealium_event=view&tealium_visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&tealium_session_id=1707019514831&tealium_session_number=1&tealium_session_event_number=1&tealium_datasource=&tealium_account=advantagepublisherservices&tealium_profile=adv&tealium_environment=prod&tealium_random=9463411741326408&tealium_library_name=utag.js&tealium_library_version=4.48.0&tealium_timestamp_epoch=1707019514&tealium_timestamp_utc=2024-02-04T04:05:14.831Z&tealium_timestamp_local=2024-02-04T05:05:14.831&parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id DdC9W0FPf5nsAKYowkxEzMOYXPwUT_1L content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) date Sun, 04 Feb 2024 04:05:14 GMT last-modified Fri, 02 Feb 2024 20:26:16 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 262 x-amz-server-side-encryption AES256 etag W/"f9602db62e83c3fe008207cc170468ba" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id 6I45v-iv4_FCxLjtszObCiG0Cu9ZR1WVGpYCyx4QK_4qDjqv3Inaqg==
GET H2	200	utag.54.js Show response tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/ Frame CE8B	4 KB 2 KB	23ms 22ms	Script application/javascript	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.54.js?utv=ut4.48.201903292223 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fc297f4e82298061268ed24e1d04ba53aba64615cfdb5f9ca0568a9bb02df9ba Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?cp._gcl_au=1.1.96772842.1707019515&cp._gid=GA1.2.1555260170.1707019515&cp._gat_UA-3159903-1=1&cp._ga=GA1.1.1470722238.1707019515&cp._ga_HRXT06SLJ7=GS1.1.1707019514.1.0.1707019514.60.0.0&cp._uetsid=998deab0c31211ee9e10ad81d3c9b248&cp._uetvid=998dd3e0c31211eebc2bbb1b33a1d516&cp.a_ps_main_v_id=018d724ab3ce0075bde76f39461803074002106c00b08&cp.a_ps_main__pn=1&cp.a_ps_main_ses_id=1707019514831&cp.a_ps_main__ss=1&cp.a_ps_main__se=1&cp.a_ps_main__sn=1&cp.a_ps_main__st=1707021314831&meta.robots=noindex,nofollow&meta.viewport=viewport-fit=cover,%20width=device-width,%20initial-scale=1.0,%20minimum-scale=1.0,%20maximum-scale=1.0,%20user-scalable=no&meta.format-detection=telephone=no&meta.msapplication-tap-highlight=no&meta.apple-mobile-web-app-capable=yes&meta.apple-mobile-web-app-status-bar-style=black&meta.google-site-verification=AJ04ViUUM0xd2x_r5YEn8wLSaZlEklMQMilsdHFnz2Y&meta.facebook-domain-verification=11cy4etwdw47ti4wul6unztqc6kss9&dom.referrer=&dom.title=Lion%20App&dom.domain=realestate.servicecu.org&dom.query_string=&dom.hash=&dom.url=https://realestate.servicecu.org/&dom.pathname=/&dom.viewport_height=1200&dom.viewport_width=1600&ut.domain=servicecu.org&ut.version=ut4.48.202402022024&ut.event=view&ut.visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&ut.session_id=1707019514831&ut.account=advantagepublisherservices&ut.profile=adv&ut.env=prod&tealium_event=view&tealium_visitor_id=018d724ab3ce0075bde76f39461803074002106c00b08&tealium_session_id=1707019514831&tealium_session_number=1&tealium_session_event_number=1&tealium_datasource=&tealium_account=advantagepublisherservices&tealium_profile=adv&tealium_environment=prod&tealium_random=9463411741326408&tealium_library_name=utag.js&tealium_library_version=4.48.0&tealium_timestamp_epoch=1707019514&tealium_timestamp_utc=2024-02-04T04:05:14.831Z&tealium_timestamp_local=2024-02-04T05:05:14.831&parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id BJ.mjvXbFhYrMHh7PGsJ8TXk2ydxJQQN content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) date Sun, 04 Feb 2024 04:05:14 GMT last-modified Fri, 02 Feb 2024 20:26:24 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 55 x-amz-server-side-encryption AES256 etag W/"f7a01a4e6796c44d90de9368ffa27e8e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id WyyRBus4YbDWtapM02lgfK7mXuqt8G48jU2YsK7wc-ssXq1F1JODvA==
GET H2	200	utag.35.js Show response tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/ Frame 89DA	5 KB 2 KB	21ms 21ms	Script application/javascript	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.35.js?utv=ut4.48.202309271844 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 620a8529dacaf51d76e1292d4ecb939abc7da8ce0a4353797272a65518b2592d Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F&parent_url=https%3A%2F%2Frealestate.servicecu.org%2F&parent_referrer= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id DdC9W0FPf5nsAKYowkxEzMOYXPwUT_1L content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) date Sun, 04 Feb 2024 04:05:14 GMT last-modified Fri, 02 Feb 2024 20:26:16 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 262 x-amz-server-side-encryption AES256 etag W/"f9602db62e83c3fe008207cc170468ba" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id E0I8H0NaBWnQxy3Bi1heob2MIGMuguAru6Fp7v6h5BtUEaL2CO_YaQ==
GET H2	200	utag.54.js Show response tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/ Frame 89DA	4 KB 2 KB	23ms 23ms	Script application/javascript	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.54.js?utv=ut4.48.201903292223 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fc297f4e82298061268ed24e1d04ba53aba64615cfdb5f9ca0568a9bb02df9ba Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F&parent_url=https%3A%2F%2Frealestate.servicecu.org%2F&parent_referrer= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id BJ.mjvXbFhYrMHh7PGsJ8TXk2ydxJQQN content-encoding br via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) date Sun, 04 Feb 2024 04:05:14 GMT last-modified Fri, 02 Feb 2024 20:26:24 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 55 x-amz-server-side-encryption AES256 etag W/"f7a01a4e6796c44d90de9368ffa27e8e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id e_20o9l3ftK66_d6rhSu72JqniV1mJaj08tTu2235KBUqZlbRBxGWg==
GET H2	200	/ www.facebook.com/tr/	0 185 B	50ms 18ms	Image text/plain	2a03:2880:f13d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=609268433667531&ev=PageView&dl=https%3A%2F%2Frealestate.servicecu.org%2F&rl=&if=false&ts=1707019514922&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4126&fbp=fb.1.1707019514922.161512942&ler=empty&cdl=API_unavailable&it=1707019514818&coo=false&exp=e1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 04 Feb 2024 04:05:14 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	activityi;dc_pre=CObJx57nkIQDFTNGkQUdM-kMcQ;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1 Show response 12248586.fls.doubleclick.net/ Frame DEA6 Redirect Chain https://12248586.fls.doubleclick.net/activityi;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? https://12248586.fls.doubleclick.net/activityi;dc_pre=CObJx57nkIQDFTNGkQUdM-kMcQ;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1?	2 KB 849 B	42ms 42ms	Document text/html	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://12248586.fls.doubleclick.net/activityi;dc_pre=CObJx57nkIQDFTNGkQUdM-kMcQ;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software cafe / Resource Hash a2b93948d3f15906519da66beef573896d1fc04b8ca2bc5fddfd0cd8d9a41e6b Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tags.tiqcdn.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 824 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 04 Feb 2024 04:05:15 GMT expires Sun, 04 Feb 2024 04:05:15 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 04 Feb 2024 04:05:15 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://12248586.fls.doubleclick.net/activityi;dc_pre=CObJx57nkIQDFTNGkQUdM-kMcQ;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	54ca1c81-15c8-49d6-9fac-73c81d510e53 Show response tag.simpli.fi/sifitag/ Frame CE8B	3 KB 2 KB	62ms 16ms	Script application/javascript	35.234.162.151 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/54ca1c81-15c8-49d6-9fac-73c81d510e53 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 151.162.234.35.bc.googleusercontent.com Software openresty / Resource Hash a0dbe2b545f1b1c58716095b65bed33c655fbd87c9602a239ccad18a320b90e3 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 x-request-id F7CNNGg5wWDbj-zC7U5B expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/ Frame 89DA	2 B 433 B	11ms 11ms	Script application/javascript	2600:9000:225b:6000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=advantagepublisherservices/adv/202402022023&cb=1707019514947 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:6000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/mobile.html?parent_title=Lion%20App&parent_domain=realestate.servicecu.org&parent_pathname=%2F&parent_url=https%3A%2F%2Frealestate.servicecu.org%2F&parent_referrer= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers x-amz-version-id 2XUX04X5QEw0.xFya64khU._sHTRl_Pz date Sun, 04 Feb 2024 03:58:20 GMT via 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 415 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2 last-modified Sat, 11 Mar 2023 06:57:46 GMT server AmazonS3 etag "7bc0ee636b3b83484fc3b9348863bd22" vary Accept-Encoding content-type application/javascript cache-control max-age=300 accept-ranges bytes x-amz-cf-id 4BFXkO_YY5m6fTyz0iTyv-vYVuoQwKuA6B1Tyu9mZ539qROMxStt_g==
GET H2	200	activityi;dc_pre=CI7VxZ7nkIQDFeZckQUdRGgNBw;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1 Show response 12248586.fls.doubleclick.net/ Frame C4E2 Redirect Chain https://12248586.fls.doubleclick.net/activityi;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? https://12248586.fls.doubleclick.net/activityi;dc_pre=CI7VxZ7nkIQDFeZckQUdRGgNBw;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1?	2 KB 1 KB	42ms 42ms	Document text/html	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://12248586.fls.doubleclick.net/activityi;dc_pre=CI7VxZ7nkIQDFeZckQUdRGgNBw;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software cafe / Resource Hash 940ec77ebb096a71f5753a01b2bd5b9fbc8f6ce5fc48736faf35ef3e01f77224 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tags.tiqcdn.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 817 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 04 Feb 2024 04:05:15 GMT expires Sun, 04 Feb 2024 04:05:15 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 04 Feb 2024 04:05:15 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://12248586.fls.doubleclick.net/activityi;dc_pre=CI7VxZ7nkIQDFeZckQUdRGgNBw;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	54ca1c81-15c8-49d6-9fac-73c81d510e53 Show response tag.simpli.fi/sifitag/ Frame 89DA	3 KB 2 KB	57ms 15ms	Script application/javascript	35.234.162.151 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/54ca1c81-15c8-49d6-9fac-73c81d510e53 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/advantagepublisherservices/adv/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 151.162.234.35.bc.googleusercontent.com Software openresty / Resource Hash a0dbe2b545f1b1c58716095b65bed33c655fbd87c9602a239ccad18a320b90e3 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 x-request-id F7CNNGg48n2tBIy5L4-B expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	channel firestore.googleapis.com/google.firestore.v1.Firestore/Write/	427 B 0	669ms 669ms	XHR text/plain	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Flion-scu-prod%2Fdatabases%2F(default)&gsessionid=fnSL6hTG-ujziudF0X_71UL3WSIyqSlOKVjQPvigVb4&VER=8&RID=rpc&SID=N5_Pofng_zPf12c3yupybg&CI=0&AID=0&TYPE=xmlhttp&zx=3pxqyl40fru7&t=1 Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Referer, origin x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 access-control-allow-origin https://realestate.servicecu.org cache-control private, max-age=0 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	5 KB 3 KB	50ms 11ms	Script application/x-javascript	108.138.40.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCKXNXZ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.40.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-40-116.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Sat, 03 Feb 2024 07:54:00 GMT Content-Encoding gzip Via 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront) Last-Modified Wed, 17 Jan 2024 00:44:59 GMT Server AmazonS3 X-Amz-Cf-Pop MUC50-P2 Age 72676 x-amz-server-side-encryption AES256 ETag W/"b7474eac210849250426a8f6a39d00f3" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id OYNicPccZX_59q5987-g9smCOFaId8GoMfCoPrz-lrIYcm__Zk81bg==
GET H/1.1	200 OK	/ Show response servedby.flashtalking.com/container/15062;111584;11586;iframe/ Frame 986C	2 KB 1 KB	47ms 13ms	Document text/html	184.30.135.56 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://servedby.flashtalking.com/container/15062;111584;11586;iframe/?ftXRef=FTXREF_VALUE&ftXValue=FTXVALUE_VALUE&ftXType=FTXTYPE_VALUE&ftXName=FTXNAME_VALUE&ftXNumItems=FTXNUMITEMS_VALUE&ftXCurrency=FTXCURRENCY_VALUE&U1=U1_VALUE&U2=U2_VALUE&U3=U3_VALUE&U4=U4_VALUE&U5=U5_VALUE&U6=U6_VALUE&U7=U7_VALUE&U8=U8_VALUE&U9=U9_VALUE&U10=U10_VALUE&U11=U11_VALUE&U12=U12_VALUE&U13=U13_VALUE&U14=U14_VALUE&U15=U15_VALUE&U16=U16_VALUE&U17=U17_VALUE&U18=U18_VALUE&U19=U19_VALUE&U20=U20_VALUE&ft_referrer=https%3A%2F%2Frealestate.servicecu.org%2F&ns=&cb=1525136307 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCKXNXZ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.30.135.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-135-56.deploy.static.akamaitechnologies.com Software prod-xre-app8.frk11 / Resource Hash 791c0ae01da8a5cb016f0499bd2908750d6de1f6197f20a4b6bbb6c0deaed81c Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://realestate.servicecu.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Encoding gzip Content-Length 954 Content-Type text/html Date Sun, 04 Feb 2024 04:05:15 GMT Expires Sun, 04 Feb 2024 04:05:15 GMT Pragma no-cache Server prod-xre-app8.frk11 Strict-Transport-Security max-age=86400 Vary Accept-Encoding
GET H2	200	up Show response insight.adsrvr.org/track/ Frame 7BDE	0 60 B	105ms 33ms	Document text/html	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=1lcgxq0&ref=https%3A%2F%2Frealestate.servicecu.org%2F&upid=hv9kzcy&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://realestate.servicecu.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 0 content-type text/html date Sun, 04 Feb 2024 04:05:15 GMT server Kestrel
GET H2	200	dc_pre=CI7VxZ7nkIQDFeZckQUdRGgNBw;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1 adservice.google.com/ddm/fls/z/ Frame C4E2	42 B 401 B	76ms 41ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CI7VxZ7nkIQDFeZckQUdRGgNBw;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1 Requested by Host: 12248586.fls.doubleclick.net URL: https://12248586.fls.doubleclick.net/activityi;dc_pre=CI7VxZ7nkIQDFeZckQUdRGgNBw;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://12248586.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDEyMjQ4NTg2CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly90aXFjZG4uY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogQ09OVkVSU0lPTgpkZWJ1Z19rZXk6... ad.doubleclick.net/ddm/activity/ Frame C4E2	0 2 KB	75ms 40ms	Image image/png	216.58.206.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDEyMjQ4NTg2CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly90aXFjZG4uY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogQ09OVkVSU0lPTgpkZWJ1Z19rZXk6IDM1MTMwNTQ4Nzg5MDA5NTc0MTgKY3RjX2NvbnZlcnNpb25fYnVja2V0OiA1CmFyY2hldHlwZV9pZDogMQphcmNoZXR5cGVfaWQ6IDMKYXJjaGV0eXBlX2lkOiA0CmFyY2hldHlwZV9pZDogNQphcmNoZXR5cGVfaWQ6IDYKYXJjaGV0eXBlX2lkOiA3CmFyY2hldHlwZV9pZDogOAphcmNoZXR5cGVfaWQ6IDkKYXJjaGV0eXBlX2lkOiAxMAphcmNoZXR5cGVfaWQ6IDExCmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYXJjaGV0eXBlX2lkOiAxNgphcmNoZXR5cGVfaWQ6IDE3CmFyY2hldHlwZV9pZDogMTgKYXJjaGV0eXBlX2lkOiAxOQphcmNoZXR5cGVfaWQ6IDIwCmFyY2hldHlwZV9pZDogMjEKY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9BQ1RJVklUWV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTMwNTM5OTcKICB9Cn0KY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fQ09OVkVSU0lPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDQiCiAgfQp9CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA1NzA0MjUzNDQKZ2NsaWQ6ICIiCnRyaWdnZXJfZGVkdXBsaWNhdGlvbl9rZXk6IDc5NzAyOTE5MjY3MjA5NTE2ODIK Requested by Host: 12248586.fls.doubleclick.net URL: https://12248586.fls.doubleclick.net/activityi;dc_pre=CI7VxZ7nkIQDFeZckQUdRGgNBw;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://12248586.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"7970291926720951682"}],"aggregatable_trigger_data":[{"filters":{"14":["13053997"]},"key_piece":"0x3cd55be69331ecef","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xe01b15bfea8a6e5b","not_filters":{"14":["13053997"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["13053997"]},"key_piece":"0x4b3c9f3610ced358","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x13acf48c0bacd468","not_filters":{"14":["13053997"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"3513054878900957418","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7970291926720951682","filters":{"14":["13053997"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"7970291926720951682","filters":{"14":["13053997"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"7970291926720951682","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"7970291926720951682","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["12248586"]}} x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=CObJx57nkIQDFTNGkQUdM-kMcQ;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1 adservice.google.com/ddm/fls/z/ Frame DEA6	42 B 107 B	44ms 43ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CObJx57nkIQDFTNGkQUdM-kMcQ;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1 Requested by Host: 12248586.fls.doubleclick.net URL: https://12248586.fls.doubleclick.net/activityi;dc_pre=CObJx57nkIQDFTNGkQUdM-kMcQ;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://12248586.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDEyMjQ4NTg2CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly90aXFjZG4uY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogQ09OVkVSU0lPTgpkZWJ1Z19rZXk6... ad.doubleclick.net/ddm/activity/ Frame DEA6	0 2 KB	41ms 41ms	Image image/png	216.58.206.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDEyMjQ4NTg2CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly90aXFjZG4uY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogQ09OVkVSU0lPTgpkZWJ1Z19rZXk6IDExMjY2NjgzMjM3Mjk4NjM0MTQ1CmN0Y19jb252ZXJzaW9uX2J1Y2tldDogNQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYXJjaGV0eXBlX2lkOiA2CmFyY2hldHlwZV9pZDogNwphcmNoZXR5cGVfaWQ6IDgKYXJjaGV0eXBlX2lkOiA5CmFyY2hldHlwZV9pZDogMTAKYXJjaGV0eXBlX2lkOiAxMQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFyY2hldHlwZV9pZDogMTYKYXJjaGV0eXBlX2lkOiAxNwphcmNoZXR5cGVfaWQ6IDE4CmFyY2hldHlwZV9pZDogMTkKYXJjaGV0eXBlX2lkOiAyMAphcmNoZXR5cGVfaWQ6IDIxCmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQUNUSVZJVFlfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEzMDUzOTk3CiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTA0IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiA3OTcwMjkxOTI2NzIwOTUxNjgyCg Requested by Host: 12248586.fls.doubleclick.net URL: https://12248586.fls.doubleclick.net/activityi;dc_pre=CObJx57nkIQDFTNGkQUdM-kMcQ;src=12248586;type=daily0;cat=daily0;qty=1;cost=;ord=1? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://12248586.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"7970291926720951682"}],"aggregatable_trigger_data":[{"filters":{"14":["13053997"]},"key_piece":"0x3cd55be69331ecef","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xe01b15bfea8a6e5b","not_filters":{"14":["13053997"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["13053997"]},"key_piece":"0x4b3c9f3610ced358","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x13acf48c0bacd468","not_filters":{"14":["13053997"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"11266683237298634145","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7970291926720951682","filters":{"14":["13053997"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"7970291926720951682","filters":{"14":["13053997"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"7970291926720951682","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"7970291926720951682","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["12248586"]}} x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	p Show response i.simpli.fi/ Frame 89DA	800 B 763 B	30ms 16ms	Script application/javascript	35.234.162.151 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=382767&cb=sifi_att_1366588._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/54ca1c81-15c8-49d6-9fac-73c81d510e53 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 151.162.234.35.bc.googleusercontent.com Software openresty / Resource Hash e3ed609e5d5b005171a6398b2ae341b8900d07ddf662b9f22d9720fe25fffed5 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	p Show response i.simpli.fi/ Frame CE8B	800 B 763 B	27ms 15ms	Script application/javascript	35.234.162.151 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=382767&cb=sifi_att_1366588._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/54ca1c81-15c8-49d6-9fac-73c81d510e53 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 151.162.234.35.bc.googleusercontent.com Software openresty / Resource Hash e7dd0e916860ebf53fa4b78941de149f42f66467882a43b0bc1a7d0ec1a467ff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	204	/ s.ad.smaato.net/c/ Frame CE8B Redirect Chain https://um.simpli.fi/smaato https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C32438D0E54881BFD669D2908B1301	0 236 B	78ms 30ms	Image text/plain	2600:9000:237d:d400:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 2600:9000:237d:d400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT cache-control no-cache, must-revalidate via 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P2 x-amz-cf-id gD6gmxLJLiaFKbsB89Y7x_qogWz0hrpFByjJz34CWvlKA5QNTi8M_w== x-cache Miss from cloudfront Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003 sync.targeting.unrulymedia.com/csync/ Frame CE8B Redirect Chain https://um.simpli.fi/nexxen https://sync.1rx.io/usersync/simplifi/D1C32438D0E54881BFD669D2908B1301 https://sync.1rx.io/usersync/simplifi/D1C32438D0E54881BFD669D2908B1301?zcc=1&cb=1707019515315 https://sync.targeting.unrulymedia.com/csync/RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003	43 B 378 B	48ms 13ms	Image image/gif	46.228.174.117 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.targeting.unrulymedia.com/csync/RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003 Protocol H2 Server 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT content-length 43 p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Redirect headers location https://sync.targeting.unrulymedia.com/csync/RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003 pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT cache-control no-store, no-cache, must-revalidate expires 0 content-type text/html
GET H2	200	xuid eb2.3lift.com/ Frame CE8B Redirect Chain https://um.simpli.fi/triplelift https://eb2.3lift.com/xuid?mid=7969&xuid=D1C32438D0E54881BFD669D2908B1301&dongle=yf3	37 B 140 B	28ms 8ms	Image image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=7969&xuid=D1C32438D0E54881BFD669D2908B1301&dongle=yf3 Protocol H2 Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://eb2.3lift.com/xuid?mid=7969&xuid=D1C32438D0E54881BFD669D2908B1301&dongle=yf3 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	sync simplifi.partners.tremorhub.com/ Frame CE8B Redirect Chain https://um.simpli.fi/telaria_p https://simplifi.partners.tremorhub.com/sync?UISF=D1C32438D0E54881BFD669D2908B1301	43 B 174 B	372ms 119ms	Image image/gif	2600:1f18:612b:4264:be67:3ab4:f70e:2a25 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simplifi.partners.tremorhub.com/sync?UISF=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 2600:1f18:612b:4264:be67:3ab4:f70e:2a25 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Sun, 04 Feb 2024 04:05:15 GMT server nginx content-type image/gif Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://simplifi.partners.tremorhub.com/sync?UISF=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame CE8B Redirect Chain https://um.simpli.fi/tapad https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301	95 B 429 B	19ms 18ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	empty.gif um.simpli.fi/ Frame CE8B Redirect Chain https://um.simpli.fi/ad_advisor https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D1C32438D0E54881BFD669D2908B1301 https://d.agkn.com/pixel/10751/?che=1707019515378&ip=138.199.38.133&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219843204782000175568 https://um.simpli.fi/aa_px?sk=219843204782000175568 https://um.simpli.fi/empty.gif	43 B 361 B	14ms 13ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/empty.gif Protocol H2 Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location /empty.gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142
GET H2	403	ProfilesEngineServlet sync.intentiq.com/profiles_engine/ Frame CE8B Redirect Chain https://um.simpli.fi/intentiq https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C32438D0E54881BFD669D2908B1301	0 0	52ms 11ms	Image text/html	18.173.187.39 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 18.173.187.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-39.muc50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame CE8B	43 B 409 B	16ms 14ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	freewheel um.simpli.fi/ Frame CE8B	43 B 409 B	16ms 15ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/freewheel Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	engine pbid.pro-market.net/ Frame CE8B Redirect Chain https://um.simpli.fi/dtnx https://fei.pro-market.net/engine?du=24;csync=D1C32438D0E54881BFD669D2908B1301;mimetype=img; https://fei.pro-market.net/engine?du=24;csync=D1C32438D0E54881BFD669D2908B1301;mimetype=img;sr https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MjA5ODEyMzk2NDYxMjY5MjQwOQ== https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESELkzUfdZ62NYhYOcdNyerNY&google_cver=1	43 B 382 B	16ms 16ms	Image image/gif	2600:1901:0:8eee:: GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESELkzUfdZ62NYhYOcdNyerNY&google_cver=1 Protocol H2 Server 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT via 1.1 google server Apache-Coyote/1.1 anserver gapp-eu-5.c.datonics-gcp-01.internal p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear content-length 43 expires Mon, 1 Jan 1990 0:0:0 GMT Redirect headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESELkzUfdZ62NYhYOcdNyerNY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 315 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	/ loadm.exelator.com/load/ Frame CE8B Redirect Chain https://um.simpli.fi/exelatem https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0 https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0&xl8blockcheck=1	0 771 B	33ms 33ms	Image text/plain	54.78.254.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0&xl8blockcheck=1 Protocol H2 Server 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-254-47.eu-west-1.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:20 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0&xl8blockcheck=1 content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	200	yahoo um.simpli.fi/ Frame CE8B	43 B 409 B	18ms 16ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/yahoo Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H/1.1	204	sync sync.bfmio.com/ Frame CE8B Redirect Chain https://um.simpli.fi/beachfront https://sync.bfmio.com/sync?pid=141&uid=D1C32438D0E54881BFD669D2908B1301	0 421 B	396ms 94ms	Image text/plain	52.3.191.88 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bfmio.com/sync?pid=141&uid=D1C32438D0E54881BFD669D2908B1301 Protocol HTTP/1.1 Server 52.3.191.88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-191-88.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Connection keep-alive Date Sun, 04 Feb 2024 04:05:14 GMT Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.bfmio.com/sync?pid=141&uid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	29931 stags.bluekai.com/site/ Frame CE8B Redirect Chain https://um.simpli.fi/bluekai https://stags.bluekai.com/site/29931?id=D1C32438D0E54881BFD669D2908B1301	62 B 444 B	187ms 158ms	Image image/gif	72.246.169.24 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/29931?id=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-246-169-24.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Sun, 04 Feb 2024 04:05:15 GMT content-length 62 content-type image/gif Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://stags.bluekai.com/site/29931?id=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	404	tpid=D1C32438D0E54881BFD669D2908B1301 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame CE8B Redirect Chain https://um.simpli.fi/crwdcntrl https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C32438D0E54881BFD669D2908B1301	49 B 265 B	100ms 29ms	Image image/gif	54.74.49.78 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 54.74.49.78 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-74-49-78.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.26.79 content-length 49 expires 0 Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	204	merge ce.lijit.com/ Frame CE8B Redirect Chain https://um.simpli.fi/lj_match https://ce.lijit.com/merge?pid=2&3pid=D1C32438D0E54881BFD669D2908B1301	0 205 B	114ms 30ms	Image text/plain	79.125.80.207 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 79.125.80.207 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-80-207.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers expires Fri, 20 Mar 2009 00:00:00 GMT pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT x-merge GDPR Optout true cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 p3p CP="CUR ADM OUR NOR STA NID" Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ce.lijit.com/merge?pid=2&3pid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	451	419566.gif idsync.rlcdn.com/ Frame CE8B Redirect Chain https://um.simpli.fi/liveramp_match https://idsync.rlcdn.com/419566.gif?partner_uid=D1C32438D0E54881BFD669D2908B1301	0 98 B	39ms 16ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/419566.gif?partner_uid=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://idsync.rlcdn.com/419566.gif?partner_uid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	/ www.google.de/pagead/1p-conversion/1026675585/ Frame CE8B Redirect Chain https://www.googleadservices.com/pagead/conversion/1026675585/?random=1707019515196&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1068633436&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=... https://www.google.com/pagead/1p-conversion/1026675585/?random=1068633436&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ih... https://www.google.de/pagead/1p-conversion/1026675585/?random=1068633436&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=IhM...	42 B 154 B	20ms 19ms	Image image/gif	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/1026675585/?random=1068633436&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=IhMI9pvTnueQhAMVWwmiAx1DBgTH&is_vtc=1&ocp_id=-wy_ZbayD9uSiM0Pw4yQuAw&cid=CAQSKQAvHhf_x8XH7V0i9YukL-FY_LoTAEysSTyRH0utoFcLpAxA1GiDUwAb&random=224761133&ipr=y Protocol H2 Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/1026675585/?random=1068633436&cv=7&fst=1707019515196&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=IhMI9pvTnueQhAMVWwmiAx1DBgTH&is_vtc=1&ocp_id=-wy_ZbayD9uSiM0Pw4yQuAw&cid=CAQSKQAvHhf_x8XH7V0i9YukL-FY_LoTAEysSTyRH0utoFcLpAxA1GiDUwAb&random=224761133&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	spotx_match um.simpli.fi/ Frame CE8B	0 272 B	19ms 17ms	Image text/plain	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/spotx_match Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-origin * date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS
GET H2	200	bounce ib.adnxs.com/ Frame CE8B Redirect Chain https://um.simpli.fi/an https://ib.adnxs.com/setuid?entity=66&code=D1C32438D0E54881BFD669D2908B1301 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C32438D0E54881BFD669D2908B1301	43 B 1 KB	14ms 14ms	Image image/gif	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT an-x-request-uuid d83a8b37-b40f-462f-9da8-4df3f6ad52b1 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT an-x-request-uuid eced7c36-9f59-44c5-b239-95d04439f016 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C32438D0E54881BFD669D2908B1301 cache-control no-store, no-cache, private x-proxy-origin 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame CE8B Redirect Chain https://um.simpli.fi/rb_match https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C32438D0E54881BFD669D2908B1301&expires=365	0 239 B	48ms 7ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C32438D0E54881BFD669D2908B1301&expires=365 Protocol HTTP/1.1 Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C32438D0E54881BFD669D2908B1301&expires=365 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame CE8B Redirect Chain https://um.simpli.fi/ox_match https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C32438D0E54881BFD669D2908B1301	43 B 264 B	36ms 15ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	204	g_match um.simpli.fi/ Frame CE8B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc https://um.simpli.fi/g_match?id=&google_gid=CAESEE3j36SGkYR-3nMfSfsCKw4&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1C32438D0E54881BFD669D2908B1301 https://um.simpli.fi/g_match?id=	0 320 B	30ms 30ms	Image text/plain	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/g_match?id= Protocol H2 Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Sat, 03 Feb 2024 04:05:15 GMT Redirect headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://um.simpli.fi/g_match?id= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	/ s.ad.smaato.net/c/ Frame 89DA Redirect Chain https://um.simpli.fi/smaato https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C32438D0E54881BFD669D2908B1301	0 238 B	76ms 29ms	Image text/plain	2600:9000:237d:d400:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 2600:9000:237d:d400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT cache-control no-cache, must-revalidate via 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P2 x-amz-cf-id HpyUriPGNpX6vk3e8jc3BWB8UokkJ9OjDe7oRNv1FGY7HGgmJP-9QA== x-cache Miss from cloudfront Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003 sync.targeting.unrulymedia.com/csync/ Frame 89DA Redirect Chain https://um.simpli.fi/nexxen https://sync.1rx.io/usersync/simplifi/D1C32438D0E54881BFD669D2908B1301 https://sync.1rx.io/usersync/simplifi/D1C32438D0E54881BFD669D2908B1301?zcc=1&cb=1707019515315 https://sync.targeting.unrulymedia.com/csync/RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003	43 B 377 B	49ms 14ms	Image image/gif	46.228.174.117 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.targeting.unrulymedia.com/csync/RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003 Protocol H2 Server 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT content-length 43 p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Redirect headers location https://sync.targeting.unrulymedia.com/csync/RX-d937bfb1-1c06-42ad-a2cd-978e7a3e038e-003 pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT cache-control no-store, no-cache, must-revalidate expires 0 content-type text/html
GET H2	200	xuid eb2.3lift.com/ Frame 89DA Redirect Chain https://um.simpli.fi/triplelift https://eb2.3lift.com/xuid?mid=7969&xuid=D1C32438D0E54881BFD669D2908B1301&dongle=yf3	37 B 139 B	29ms 8ms	Image image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=7969&xuid=D1C32438D0E54881BFD669D2908B1301&dongle=yf3 Protocol H2 Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://eb2.3lift.com/xuid?mid=7969&xuid=D1C32438D0E54881BFD669D2908B1301&dongle=yf3 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	sync simplifi.partners.tremorhub.com/ Frame 89DA Redirect Chain https://um.simpli.fi/telaria_p https://simplifi.partners.tremorhub.com/sync?UISF=D1C32438D0E54881BFD669D2908B1301	43 B 175 B	371ms 118ms	Image image/gif	2600:1f18:612b:4264:be67:3ab4:f70e:2a25 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simplifi.partners.tremorhub.com/sync?UISF=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 2600:1f18:612b:4264:be67:3ab4:f70e:2a25 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Sun, 04 Feb 2024 04:05:15 GMT server nginx content-type image/gif Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://simplifi.partners.tremorhub.com/sync?UISF=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame 89DA Redirect Chain https://um.simpli.fi/tapad https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301	95 B 418 B	28ms 16ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D1C32438D0E54881BFD669D2908B1301 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	empty.gif um.simpli.fi/ Frame 89DA Redirect Chain https://um.simpli.fi/ad_advisor https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D1C32438D0E54881BFD669D2908B1301 https://d.agkn.com/pixel/10751/?che=1707019515378&ip=138.199.38.133&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D218983204782000176305 https://um.simpli.fi/aa_px?sk=218983204782000176305 https://um.simpli.fi/empty.gif	43 B 361 B	14ms 14ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/empty.gif Protocol H2 Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location /empty.gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142
GET H2	403	ProfilesEngineServlet sync.intentiq.com/profiles_engine/ Frame 89DA Redirect Chain https://um.simpli.fi/intentiq https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C32438D0E54881BFD669D2908B1301	0 0	50ms 11ms	Image text/html	18.173.187.39 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 18.173.187.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-39.muc50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame 89DA	43 B 409 B	20ms 18ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/54ca1c81-15c8-49d6-9fac-73c81d510e53 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	freewheel um.simpli.fi/ Frame 89DA	43 B 409 B	20ms 19ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/freewheel Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/54ca1c81-15c8-49d6-9fac-73c81d510e53 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	451	400646.gif idsync.rlcdn.com/ Frame 89DA Redirect Chain https://um.simpli.fi/dtnx https://fei.pro-market.net/engine?du=24;csync=D1C32438D0E54881BFD669D2908B1301;mimetype=img; https://fei.pro-market.net/engine?du=24;csync=D1C32438D0E54881BFD669D2908B1301;mimetype=img;sr https://idsync.rlcdn.com/400646.gif?partner_uid=-3673228304752881706	0 42 B	16ms 16ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/400646.gif?partner_uid=-3673228304752881706 Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT via 1.1 google server Apache-Coyote/1.1 anserver gapp-eu-5.c.datonics-gcp-01.internal p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" access-control-allow-origin * location https://idsync.rlcdn.com/400646.gif?partner_uid=-3673228304752881706 content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 expires Mon, 1 Jan 1990 0:0:0 GMT
GET H2	204	/ loadm.exelator.com/load/ Frame 89DA Redirect Chain https://um.simpli.fi/exelatem https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0 https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0&xl8blockcheck=1	0 771 B	32ms 32ms	Image text/plain	54.78.254.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0&xl8blockcheck=1 Protocol H2 Server 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-254-47.eu-west-1.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Sun, 04 Feb 2024 04:05:20 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=2191&simid=D1C32438D0E54881BFD669D2908B1301&j=0&xl8blockcheck=1 content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	200	yahoo um.simpli.fi/ Frame 89DA	43 B 409 B	21ms 20ms	Image image/gif	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/yahoo Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/54ca1c81-15c8-49d6-9fac-73c81d510e53 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H/1.1	204	sync sync.bfmio.com/ Frame 89DA Redirect Chain https://um.simpli.fi/beachfront https://sync.bfmio.com/sync?pid=141&uid=D1C32438D0E54881BFD669D2908B1301	0 421 B	389ms 93ms	Image text/plain	52.3.191.88 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bfmio.com/sync?pid=141&uid=D1C32438D0E54881BFD669D2908B1301 Protocol HTTP/1.1 Server 52.3.191.88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-191-88.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Connection keep-alive Date Sun, 04 Feb 2024 04:05:15 GMT Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.bfmio.com/sync?pid=141&uid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	29931 stags.bluekai.com/site/ Frame 89DA Redirect Chain https://um.simpli.fi/bluekai https://stags.bluekai.com/site/29931?id=D1C32438D0E54881BFD669D2908B1301	62 B 444 B	185ms 158ms	Image image/gif	72.246.169.24 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/29931?id=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-246-169-24.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Sun, 04 Feb 2024 04:05:15 GMT content-length 62 content-type image/gif Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://stags.bluekai.com/site/29931?id=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	404	tpid=D1C32438D0E54881BFD669D2908B1301 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 89DA Redirect Chain https://um.simpli.fi/crwdcntrl https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C32438D0E54881BFD669D2908B1301	49 B 264 B	99ms 29ms	Image image/gif	54.74.49.78 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 54.74.49.78 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-74-49-78.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.4.179 content-length 49 expires 0 Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	204	merge ce.lijit.com/ Frame 89DA Redirect Chain https://um.simpli.fi/lj_match https://ce.lijit.com/merge?pid=2&3pid=D1C32438D0E54881BFD669D2908B1301	0 204 B	110ms 30ms	Image text/plain	79.125.80.207 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 79.125.80.207 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-80-207.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers expires Fri, 20 Mar 2009 00:00:00 GMT pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT x-merge GDPR Optout true cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 p3p CP="CUR ADM OUR NOR STA NID" Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ce.lijit.com/merge?pid=2&3pid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	451	419566.gif idsync.rlcdn.com/ Frame 89DA Redirect Chain https://um.simpli.fi/liveramp_match https://idsync.rlcdn.com/419566.gif?partner_uid=D1C32438D0E54881BFD669D2908B1301	0 42 B	35ms 17ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/419566.gif?partner_uid=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://idsync.rlcdn.com/419566.gif?partner_uid=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	204	spotx_match um.simpli.fi/ Frame 89DA	0 272 B	28ms 27ms	Image text/plain	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/spotx_match Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/54ca1c81-15c8-49d6-9fac-73c81d510e53 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-origin * date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS
GET H2	200	bounce ib.adnxs.com/ Frame 89DA Redirect Chain https://um.simpli.fi/an https://ib.adnxs.com/setuid?entity=66&code=D1C32438D0E54881BFD669D2908B1301 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C32438D0E54881BFD669D2908B1301	43 B 1 KB	13ms 13ms	Image image/gif	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT an-x-request-uuid 313415b0-bcf5-4994-aabc-af06083b44a8 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT an-x-request-uuid 67cb65f2-7714-4749-8cae-7aca3a56f489 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DD1C32438D0E54881BFD669D2908B1301 cache-control no-store, no-cache, private x-proxy-origin 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 89DA Redirect Chain https://um.simpli.fi/rb_match https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C32438D0E54881BFD669D2908B1301&expires=365	0 239 B	43ms 7ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C32438D0E54881BFD669D2908B1301&expires=365 Protocol HTTP/1.1 Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 7d6e3b6fefbbeb4d018118d74243a2fc P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D1C32438D0E54881BFD669D2908B1301&expires=365 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 89DA Redirect Chain https://um.simpli.fi/ox_match https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C32438D0E54881BFD669D2908B1301	43 B 97 B	32ms 15ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C32438D0E54881BFD669D2908B1301 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://us-u.openx.net/w/1.0/sd?id=537072966&val=D1C32438D0E54881BFD669D2908B1301 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sat, 03 Feb 2024 04:05:15 GMT
GET H2	204	g_match um.simpli.fi/ Frame 89DA Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc https://um.simpli.fi/g_match?id=&google_gid=CAESEE3j36SGkYR-3nMfSfsCKw4&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D1C32438D0E54881BFD669D2908B1301 https://um.simpli.fi/g_match?id=	0 320 B	30ms 29ms	Image text/plain	35.204.74.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/g_match?id= Protocol H2 Server 35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.74.204.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 04:05:15 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Sat, 03 Feb 2024 04:05:15 GMT Redirect headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://um.simpli.fi/g_match?id= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-conversion/1026675585/ Frame 89DA Redirect Chain https://www.googleadservices.com/pagead/conversion/1026675585/?random=1707019515197&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=799406044&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=-... https://www.google.com/pagead/1p-conversion/1026675585/?random=799406044&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&ps... https://www.google.de/pagead/1p-conversion/1026675585/?random=799406044&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&psc...	42 B 108 B	42ms 42ms	Image image/gif	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/1026675585/?random=799406044&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=IhMIrJ7TnueQhAMVnwmiAx0dEQ_CMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=-wy_Zey0D5-TiM0PnaK8kAw&cid=CAQSKQAvHhf_5WrSHz67NHx1KNvuxsZD90Yhgfahf5Orq4NmBKKBYV088xjm&random=619302134&ipr=y Protocol H2 Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tags.tiqcdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 04 Feb 2024 04:05:15 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/1026675585/?random=799406044&cv=7&fst=1707019515197&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=IhMIrJ7TnueQhAMVnwmiAx0dEQ_CMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=-wy_Zey0D5-TiM0PnaK8kAw&cid=CAQSKQAvHhf_5WrSHz67NHx1KNvuxsZD90Yhgfahf5Orq4NmBKKBYV088xjm&random=619302134&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	getLoanOfficerInformation scu-lendingservices.bluesageusa.com/lendingservices/processing/ Frame	0 0	305ms 107ms	Preflight	3.228.248.248 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scu-lendingservices.bluesageusa.com/lendingservices/processing/getLoanOfficerInformation?fireId=scu-prod Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.228.248.248 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-228-248-248.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://realestate.servicecu.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://realestate.servicecu.org access-control-max-age 1800 content-length 0 date Sun, 04 Feb 2024 04:05:15 GMT server nginx/1.22.1 vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-frame-options SAMEORIGIN
POST H2	200	getLoanOfficerInformation Show response scu-lendingservices.bluesageusa.com/lendingservices/processing/	34 KB 35 KB	339ms 339ms	XHR application/json	3.228.248.248 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scu-lendingservices.bluesageusa.com/lendingservices/processing/getLoanOfficerInformation?fireId=scu-prod Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.228.248.248 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-228-248-248.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 4d9f3df86f756b4fa5ff38e62da3fbb10be2bfd803da41bc5ebf94886534f7b8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://realestate.servicecu.org date Sun, 04 Feb 2024 04:05:16 GMT access-control-allow-credentials true server nginx/1.22.1 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type application/json;charset=ISO-8859-1
POST H3	200	channel Show response firestore.googleapis.com/google.firestore.v1.Firestore/Write/	10 B 50 B	118ms 118ms	XHR text/plain	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Flion-scu-prod%2Fdatabases%2F(default)&VER=8&gsessionid=fnSL6hTG-ujziudF0X_71UL3WSIyqSlOKVjQPvigVb4&SID=N5_Pofng_zPf12c3yupybg&RID=55232&AID=1&zx=szdbb9hj9s0q&t=1 Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 50b25d63fd1264ca73bedc7cb4213e7f2b9f7ba836e969ff2b8ed7d543c8e140 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 04 Feb 2024 04:05:15 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary origin content-type text/plain; charset=utf-8 access-control-allow-origin https://realestate.servicecu.org cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30 x-xss-protection 0
OPTIONS H2	200	lenderStates scu-lendingservices.bluesageusa.com/lendingservices/ref/ Frame	0 0	97ms 97ms	Preflight	3.228.248.248 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scu-lendingservices.bluesageusa.com/lendingservices/ref/lenderStates Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.228.248.248 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-228-248-248.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://realestate.servicecu.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://realestate.servicecu.org access-control-max-age 1800 content-length 0 date Sun, 04 Feb 2024 04:05:16 GMT server nginx/1.22.1 vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-frame-options SAMEORIGIN
GET H2	200	lenderStates Show response scu-lendingservices.bluesageusa.com/lendingservices/ref/	5 KB 5 KB	107ms 106ms	XHR application/json	3.228.248.248 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scu-lendingservices.bluesageusa.com/lendingservices/ref/lenderStates Requested by Host: realestate.servicecu.org URL: https://realestate.servicecu.org/polyfills-es2015.9bb6a27d95c208682ef8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.228.248.248 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-228-248-248.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash c6641146a7c9e4fedbd866296f0b7a06828183877844670d6f78c9e5759b5673 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://realestate.servicecu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://realestate.servicecu.org date Sun, 04 Feb 2024 04:05:16 GMT access-control-allow-credentials true server nginx/1.22.1 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options SAMEORIGIN content-type application/json;charset=ISO-8859-1
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	14ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-HRXT06SLJ7&gtm=45je41v0v886452320za200&_p=1707019514610&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=1470722238.1707019515&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEA&_s=2&sid=1707019514&sct=1&seg=0&dl=https%3A%2F%2Frealestate.servicecu.org%2F&dt=Lion%20App&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6271 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HRXT06SLJ7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://realestate.servicecu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 04:05:19 GMT server Golfe2 content-type text/plain access-control-allow-origin https://realestate.servicecu.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT