urlscan.io logo urlscan.io
SecurityTrails logo

simcast.com Open in urlscan Pro
45.79.244.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mj201.xyz/
Effective URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Submission: On November 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 93 IPs in 11 countries across 78 domains to perform 346 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com. The Cisco Umbrella rank of the primary domain is 154739.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 13th 2022. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.179.174 32244 (LIQUIDWEB)
11 45.79.244.12 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
1 2600:3c02::f0... 63949 (LINODE-AP...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.230.93.42 14618 (AMAZON-AES)
22 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 23.35.229.56 16625 (AKAMAI-AS)
1 23.35.237.56 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
24 18.156.195.47 16509 (AMAZON-02)
1 185.89.208.11 29990 (ASN-APPNEX)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2a02:2638::24 44788 (ASN-CRITE...)
1 4 51.89.9.252 16276 (OVH)
1 169.63.109.126 36351 (SOFTLAYER)
2 185.89.210.20 29990 (ASN-APPNEX)
3 104.18.18.126 13335 (CLOUDFLAR...)
1 99.81.203.9 16509 (AMAZON-02)
1 147.75.85.234 54825 (PACKET)
1 35.213.117.18 15169 (GOOGLE)
1 34.149.50.64 15169 (GOOGLE)
1 2a0c:5c81:514... 55081 (24SHELLS)
1 34.107.148.139 396982 (GOOGLE-CL...)
8 52.28.148.185 16509 (AMAZON-02)
1 104.18.13.76 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
14 18.66.97.62 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 54.164.239.233 14618 (AMAZON-AES)
3 108.138.4.10 16509 (AMAZON-02)
1 35.170.230.14 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
5 3.33.220.150 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 34.200.185.2 14618 (AMAZON-AES)
1 18.66.147.73 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.18.12.242 13335 (CLOUDFLAR...)
1 13.32.106.197 16509 (AMAZON-02)
1 23.206.210.112 16625 (AKAMAI-AS)
1 35.156.99.162 16509 (AMAZON-02)
1 52.59.9.89 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 185.94.180.123 35220 (SPOTX-AMS)
17 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 108.138.7.125 16509 (AMAZON-02)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
6 162.19.138.83 16276 (OVH)
1 3.227.132.135 14618 (AMAZON-AES)
2 34.253.58.124 16509 (AMAZON-02)
24 2a02:2638::3 44788 (ASN-CRITE...)
1 34.208.243.53 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.66.97.8 16509 (AMAZON-02)
1 3.131.167.203 16509 (AMAZON-02)
2 2a02:2638::2 44788 (ASN-CRITE...)
3 2a02:2638:1::4 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.247.15.44 16509 (AMAZON-02)
1 20 142.250.186.66 15169 (GOOGLE)
1 1 23.35.228.23 16625 (AKAMAI-AS)
3 52.69.93.39 16509 (AMAZON-02)
1 52.57.80.202 16509 (AMAZON-02)
1 1 35.205.207.25 396982 (GOOGLE-CL...)
2 2 20.127.253.7 8075 (MICROSOFT...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 139.162.84.221 63949 (LINODE-AP...)
6 6 52.28.211.5 16509 (AMAZON-02)
2 2 34.243.37.252 16509 (AMAZON-02)
4 4 185.64.189.115 62713 (AS-PUBMATIC)
2 2 76.223.111.18 16509 (AMAZON-02)
1 3.75.3.113 16509 (AMAZON-02)
1 1 151.101.194.49 54113 (FASTLY)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
1 1 159.65.197.210 14061 (DIGITALOC...)
2 174.137.133.49 27257 (WEBAIR-IN...)
4 4 70.42.32.127 13789 (INTERNAP-...)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 8 69.173.144.139 26667 (RUBICONPR...)
3 178.250.2.148 44788 (ASN-CRITE...)
3 2600:9000:223... 16509 (AMAZON-02)
19 2a02:2638:1::8 44788 (ASN-CRITE...)
5 2a02:2638::21 44788 (ASN-CRITE...)
2 23.205.235.133 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
2 2 213.19.147.45 3356 (LEVEL3)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
2 2 185.183.112.155 60350 (VP)
1 185.80.39.216 27381 (CASALE-MEDIA)
2 3 54.239.38.253 16509 (AMAZON-02)
1 1 54.210.175.101 14618 (AMAZON-AES)
1 54.164.104.239 14618 (AMAZON-AES)
2 2 35.210.53.219 15169 (GOOGLE)
346 93
2    72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
mj201.xyz
11    45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com
simcast.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
16    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:3c02::f03c:92ff:fe2d:3e71 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
parking2.parklogic.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    34.230.93.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-93-42.compute-1.amazonaws.com
embed.sendtonews.com
22    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
8    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
a.teads.tv
1    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
at.teads.tv
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
24    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
1    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    169.63.109.126 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 7e.6d.3fa9.ip4.static.sl-reverse.com
in-appadvertising.com
2    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
as-sec.casalemedia.com
1    99.81.203.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-203-9.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
8    52.28.148.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-148-185.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    18.66.97.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-62.fra56.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
1    2600:9000:2490:b600:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    54.164.239.233 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-239-233.compute-1.amazonaws.com
s2l.sendtonews.com
3    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    35.170.230.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-230-14.compute-1.amazonaws.com
id.sv.rkdms.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    34.200.185.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-185-2.compute-1.amazonaws.com
timber.sendtonews.com
1    18.66.147.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-73.fra60.r.cloudfront.net
player.sendtonews.com
4    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
1    104.18.12.242 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    13.32.106.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-106-197.fra60.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    35.156.99.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-99-162.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    52.59.9.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-9-89.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
17    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
5    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
1    108.138.7.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-125.fra56.r.cloudfront.net
sb.scorecardresearch.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
1    3.227.132.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-132-135.compute-1.amazonaws.com
idx.liadm.com
2    34.253.58.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-58-124.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
bcp.crwdcntrl.net
24    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.208.243.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-243-53.us-west-2.compute.amazonaws.com
id.sharedid.org
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    18.66.97.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    3.131.167.203 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-167-203.us-east-2.compute.amazonaws.com
prod.uidapi.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
3    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.247.15.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-15-44.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
20    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
cs.media.net
3    52.69.93.39 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-93-39.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    52.57.80.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-80-202.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    139.162.84.221 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1564-221.members.linode.com
a.c.appier.net
6    52.28.211.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-211-5.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    34.243.37.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-37-252.eu-west-1.compute.amazonaws.com
ads.avct.cloud
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    3.75.3.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
4    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
8    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
3    2600:9000:223c:f000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
19    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
5    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    213.19.147.45 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
2    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    54.210.175.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-175-101.compute-1.amazonaws.com
sync.ipredictive.com
1    54.164.104.239 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-104-239.compute-1.amazonaws.com
rtb.adentifi.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
Apex Domain
Subdomains		 Transfer
48 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
pix.eu.criteo.net — Cisco Umbrella Rank: 5787
csm.eu.criteo.net — Cisco Umbrella Rank: 5892
185 KB
38 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
310 KB
32 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
pubads.g.doubleclick.net — Cisco Umbrella Rank: 388
cm.g.doubleclick.net — Cisco Umbrella Rank: 320
209 KB
24 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1180
1 KB
22 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 597
135 KB
17 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 866
gum.criteo.com — Cisco Umbrella Rank: 481
mug.criteo.com — Cisco Umbrella Rank: 1946
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14340
ads.eu.criteo.com — Cisco Umbrella Rank: 5761
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10346
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7537
147 KB
15 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d15kdpgjg3unno.cloudfront.net
2 MB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 19188
s2l.sendtonews.com — Cisco Umbrella Rank: 20776
timber.sendtonews.com — Cisco Umbrella Rank: 21718
player.sendtonews.com — Cisco Umbrella Rank: 23675
211 KB
11 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1405
pixel.rubiconproject.com — Cisco Umbrella Rank: 483
eus.rubiconproject.com — Cisco Umbrella Rank: 826
token.rubiconproject.com — Cisco Umbrella Rank: 1059
13 KB
11 simcast.com
simcast.com — Cisco Umbrella Rank: 154739
123 KB
9 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1559
match.sharethrough.com — Cisco Umbrella Rank: 756
1 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 385
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 765
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1256
50 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1351
x.bidswitch.net — Cisco Umbrella Rank: 415
4 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 134
www.google.com — Cisco Umbrella Rank: 17
2 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 678
cdn.id5-sync.com — Cisco Umbrella Rank: 1469
20 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 743
as-sec.casalemedia.com — Cisco Umbrella Rank: 2125
dsum.casalemedia.com — Cisco Umbrella Rank: 2183
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819
4 KB
5 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 724
image6.pubmatic.com — Cisco Umbrella Rank: 922
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 457
1 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
imasdk.googleapis.com — Cisco Umbrella Rank: 468
347 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 361
cloudflare.com — Cisco Umbrella Rank: 171
30 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 822
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
189 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
185 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1095
884 B
3 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2078
2 KB
3 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 4180
130 B
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2092
tags.crwdcntrl.net — Cisco Umbrella Rank: 1434
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1072
10 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 883
eb2.3lift.com — Cisco Umbrella Rank: 571
1 KB
3 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 2411
ib.adnxs.com — Cisco Umbrella Rank: 313
3 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6413
746 B
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2384
993 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 784
1 KB
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 11949
466 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4359
890 B
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2813
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1486
s.tribalfusion.com — Cisco Umbrella Rank: 3468
1 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1868
cs.media.net — Cisco Umbrella Rank: 2342
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5594
914 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1607
at.teads.tv — Cisco Umbrella Rank: 5479
4 KB
2 mj201.xyz
mj201.xyz
3 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2245
35 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1482
493 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 683
304 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3919
173 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 4189
550 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1432
712 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 916
542 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1377
55 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15970
590 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2184
628 B
1 avads.net
ads.avads.net — Cisco Umbrella Rank: 22847
440 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 946
470 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3901
5 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3578
904 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1556
398 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 3302
309 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 207
265 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 688
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2002
17 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 12179
96 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
17 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1057
356 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5622
163 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 903
13 KB
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6584
1 KB
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 7069
402 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1470
166 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 825
165 B
1 in-appadvertising.com
in-appadvertising.com — Cisco Umbrella Rank: 26416
547 B
1 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3209
145 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1047
694 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 22538
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
43 KB
1 parklogic.com
parking2.parklogic.com — Cisco Umbrella Rank: 400299
852 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 39976
150 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 959
30 KB
0 smilewanted.com Failed
prebid.smilewanted.com Failed
346 78
Domain Requested by
24 static.criteo.net cdn.adapex.io
securepubads.g.doubleclick.net
static.criteo.net
ads.eu.criteo.com
24 c2shb.pubgw.yahoo.com cdn.adapex.io
22 img-s-msn-com.akamaized.net simcast.com
20 cm.g.doubleclick.net 1 redirects 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
19 pix.eu.criteo.net ads.eu.criteo.com
17 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
16 pagead2.googlesyndication.com simcast.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
mj201.xyz
www.googletagservices.com
14 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
simcast.com
11 simcast.com mj201.xyz
simcast.com
code.jquery.com
8 btlr.sharethrough.com cdn.adapex.io
8 securepubads.g.doubleclick.net cdn.adapex.io
securepubads.g.doubleclick.net
mj201.xyz
7 s2l.sendtonews.com embed.sendtonews.com
6 x.bidswitch.net 6 redirects
5 csm.eu.criteo.net ads.eu.criteo.com
5 pixel.rubiconproject.com 2 redirects simcast.com
5 id5-sync.com cdn.adapex.io
cdn.id5-sync.com
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
5 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.com tpc.googlesyndication.com
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
5 match.adsrvr.org js-sec.indexww.com
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
simcast.com
4 b1sync.zemanta.com 4 redirects
4 image6.pubmatic.com 4 redirects
4 www.googletagservices.com 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
4 gum.criteo.com 2 redirects static.criteo.net
4 timber.sendtonews.com embed.sendtonews.com
4 onetag-sys.com 1 redirects cdn.adapex.io
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
4 cdnjs.cloudflare.com simcast.com
embed.sendtonews.com
3 aax-eu.amazon-adsystem.com 2 redirects simcast.com
3 token.rubiconproject.com eus.rubiconproject.com
simcast.com
3 secure-gl.imrworldwide.com ads.eu.criteo.com
3 cat.nl.eu.criteo.com ads.eu.criteo.com
3 cc.adingo.jp 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
3 ads.eu.criteo.com 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
3 mug.criteo.com
3 fonts.gstatic.com fonts.googleapis.com
3 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
3 fonts.googleapis.com embed.sendtonews.com
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
3 embed.sendtonews.com simcast.com
mj201.xyz
embed.sendtonews.com
2 pool.admedo.com 2 redirects
2 sync.adotmob.com 2 redirects
2 dsum.casalemedia.com 2 redirects
2 sync.1rx.io 2 redirects
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 dsp.adkernel.com 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 ads.avct.cloud 2 redirects
2 sync.inmobi.com 2 redirects
2 rtb.fr.eu.criteo.com mj201.xyz
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
2 htlb.casalemedia.com cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
2 ib.adnxs.com cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
2 adservice.google.de pagead2.googlesyndication.com
imasdk.googleapis.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 mj201.xyz mj201.xyz
1 rtb.adentifi.com simcast.com
1 sync.ipredictive.com 1 redirects
1 dsum-sec.casalemedia.com
1 us-u.openx.net
1 tr.blismedia.com 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
1 match.adsby.bidtheatre.com 1 redirects
1 um.simpli.fi 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 cs.emxdgt.com 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 ads.avads.net 1 redirects
1 match.sharethrough.com 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 ads.yieldmo.com 1 redirects
1 s.tribalfusion.com 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 www.gstatic.com 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com mj201.xyz
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 lb.eu-1-id5-sync.com cdn.adapex.io
1 id.crwdcntrl.net cdn.adapex.io
1 idx.liadm.com cdn.adapex.io
1 sb.scorecardresearch.com simcast.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 secure.cdn.fastclick.net mj201.xyz
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 s0.2mdn.net imasdk.googleapis.com
1 api.rlcdn.com js-sec.indexww.com
cdn.adapex.io
1 id.sv.rkdms.com js-sec.indexww.com
1 d15kdpgjg3unno.cloudfront.net embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 prebid.media.net cdn.adapex.io
1 ghb.adtelligent.com cdn.adapex.io
1 s.seedtag.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 prebid.a-mo.net cdn.adapex.io
1 ad.360yield.com cdn.adapex.io
1 in-appadvertising.com cdn.adapex.io
1 bidder.criteo.com cdn.adapex.io
1 web.hb.ad.cpe.dotomi.com cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 at.teads.tv a.teads.tv
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 www.googletagmanager.com simcast.com
1 parking2.parklogic.com simcast.com
1 cdn.adapex.io simcast.com
1 code.jquery.com simcast.com
0 prebid.smilewanted.com Failed cdn.adapex.io
346 118

This site contains links to these domains. Also see Links.

Domain
namesilo.com
Subject Issuer Validity Valid
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-13 -
2023-10-14		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.parklogic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-03 -
2023-01-03		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
cat.hbwrapper.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.in-appadvertising.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-06 -
2023-06-29		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
securedvisit.com
Amazon		 2022-10-29 -
2023-11-26		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.liadm.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh

This page contains 22 frames:

Primary Page: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Frame ID: E29ADC9006A1D8A00F365F94B32A8305
Requests: 162 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: 3279FD3020F1F0FF9A1CCEB56E354D53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1667852414&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667852414709&bpp=2&bdt=629&idt=158&shv=r20221101&mjsv=m202210270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6305049293299&frm=20&pv=2&ga_vid=1205011640.1667852415&ga_sid=1667852415&ga_hid=2079174110&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C44774649%2C42531706%2C44773614%2C31070616%2C44775017%2C31060048%2C31069794&oid=2&pvsid=23293085410307&tmod=2007339912&uas=0&nvt=1&ref=http%3A%2F%2Fmj201.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=175
Frame ID: 30C599F310A4F827FA3E59DC6F9AAF51
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 065E71E0EC3A02F3C1D5D14C929BFC3D
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html
Frame ID: 2EF5B08A3365283F9DA7EAE56765FC76
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB70148E99021EDF3A1EB092471FDD74
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8DBA475297DEEF3E57386274FD3FD83
Requests: 2 HTTP requests in this frame

Frame: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: F508571CCE3731D8D834D7DE74C33C12
Requests: 1 HTTP requests in this frame

Frame: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 0731DFC4027170BC8A58622BCF6995A6
Requests: 10 HTTP requests in this frame

Frame: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 2828A52A0198527EA008EA3C3B2ABC4C
Requests: 9 HTTP requests in this frame

Frame: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: C11C14FAD8DA27141CEFB62D898302A0
Requests: 10 HTTP requests in this frame

Frame: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 30D932A8769BD78CC3ADA9645B2C09F5
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=simcast.com
Frame ID: 69D186CD8F737C0B28A980CBC3A412F9
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: F9D806DAF4F6AE74308CBB22851C0D31
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2187D3D7BF843A4A6978DAC2619E8A71
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: 8E09EA570AD6F3F1838C4E81F9DE5B18
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38638FA830F6ED10684C0353D59C88C1
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: 4695472A769EF97AF1DE6288C80D30A9
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B066159A4391BC4F87DC46DBAECCC0F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5416C4DD2E3416B7A29F5124C6AC1D47
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: 5BC361B5B48FF277041EC201E36F322D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B98814FC5ED3F68203E81591AE96FD45
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

  1. http://mj201.xyz/ Page URL
  2. http://mj201.xyz/page/bouncy.php?&bpae=GbhOt6cGY0179bvvxYDfKdknofuOwLd56OzBNwHD06xybycl2K1qY%... Page URL
  3. https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

346
Requests

90 %
HTTPS

33 %
IPv6

78
Domains

118
Subdomains

93
IPs

11
Countries

4584 kB
Transfer

8997 kB
Size

61
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mj201.xyz/ Page URL
  2. http://mj201.xyz/page/bouncy.php?&bpae=GbhOt6cGY0179bvvxYDfKdknofuOwLd56OzBNwHD06xybycl2K1qY%2BMr3rqvhaAb0Cn6aQSrqyni6LQ8rx9eD0LqdUl1tJHTrrs%2FOlJCfUgmUx8FPvWjYRNZoNnXIgavBO6%2FDx%2FyKc0HSMjPFHNDL8fNDMoTLJ%2F13qyyeFryYm9G3fqWZAlqgPHdaHvB92X65hokLQv5NzgcrkA7qzVoYDvCkbYsj3X3AJGtge5K%2FlueBA46QHJLvdlSPM2QapLHP3GlfpEKF4KMfa%2FItDBZW%2FWkHh1hEOGZuZ%2F3%2BOj07RDuNFp7EqqA8cuJ%2Byq8d%2BhhJXfaVRuB%2BaBTUIpFMNI1iT3ogggBKYuAMzftVfbbfympDe1KRFH%2FWQzbnOuzwaEfH7WzL6veQ54q1beoeg%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 177
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=D24oBXx3ZTFpeGE3UnpGanY4d1psK2FmNHY2QlFLWDN1NWlnbWE3T2lqVUtrMXBoajhDS1daVDlHMysrOHJMRDQrbHBaM0ZZdmZDNThTZVRlWDd6RDd1UTVJME03YnhlQnpTbE9mcG9YeklDN2dIdXlWaE5qSVFOdUpyTzhEbW5peW0xOUpqQUd0MU9IZG9HR3ArcnEyb1BhekZiQ09iT2szeTR6ZC9ON1VGdEMxYUpodlkzK2NkSzN5cFY5OWxERkdvQng0RUF4NWVpS3RqL2Q5TklGQkF3ZmVieWV5T3Arbm81TFppUHVBYmJjamVNPXw&cppv=2
Request Chain 238
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=simcast.com&sn=ChromeSyncframe&so=3&topUrl=simcast.com&bundle=j_sFql9wJTJGcVU1Vk5yMm9MbU5UNWduOVR0aE5nUmdBejZGeGMxSDZ0Y1RadXhrczJselVaUmlLaU1SS3B2SWpuVlZtRXolMkJUTm9YUWRjdE9DeFRVSkdYRWZPeEpQWDFqTWVxRm8lMkZkcHBhVFljOSUyQm1OOVBta05KVHJzMEJQUXZTN0JrJTJCT2o&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=CDh8GHxPOXg3S2JCeUZkR08wSTFNSllKdlZCc090TFE1dWxPblRLTmJKTmNGK1QzUGRha1MyZE1pVFgzaGhRRXE1U0lNd2ticDRkVzVHUUNyNm0xckduY0FuOGU4SUVTU2R5LzgxSXEwYVNCUkFOUndTSXVzRjhTWHVMZFRhdDI1N2lBQVRSKys0YXhaRGU5djVFNWZJWDlYMUhCemlwZ1NvSFBRVWpwYVlmY2xZSEtBUmRRYUd6QWJjQ0l1UkV1UjhiWnRiNnpYVGZLMHBWeE9sekNxajRYeWdOZGZSQWFKMXozZVNyZzhyM0lqRVIwNS8rT2preTNtWmwxWHF6dTJDekJyZUhNNVpFd0dSRElEbC9sS2Y0RVJiTFI5Qy9YSkh2UGlTWXgzZHNmeVlPST18&cppv=2
Request Chain 240
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENCyp4nJveNuyhWYn3Fb07s&google_cver=1&google_push=ASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENCyp4nJveNuyhWYn3Fb07s&google_cver=1&google_push=ASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 241
  • https://ads.yieldmo.com/exptsync?google_gid=CAESENLTw4tjhc5rckX1FFZd1WQ&google_cver=1&google_push=ASkJ3FaZ9MU3dJRmnl2PJO3Tl5g9DkthFsS6_EeB6Od6BJ_DLIKuvXYkXX-RP5lv9FD0qpLbgg-f_mS0IRC_6D2PRY5QhwO4FgQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FaZ9MU3dJRmnl2PJO3Tl5g9DkthFsS6_EeB6Od6BJ_DLIKuvXYkXX-RP5lv9FD0qpLbgg-f_mS0IRC_6D2PRY5QhwO4FgQ&google_hm=ZzMwZGY4MDI3Mjg2MzZmZjEzNmY=
Request Chain 242
  • https://cs.media.net/cksync?type=g&google_gid=CAESED7gRwnYZFCe-sV9P5j85bI&google_cver=1&google_push=ASkJ3FZRJSzDS2OALi1lmln59XYCkSVN0I32pAY-QPbIOh_CQFJ0uaTsTqvNzoGRgaqfrtZZgudq_ZQoxzlafqEwibkGUIeL-2Xb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwODU0MDE3MTQ5MjY0MTAwMFYxMA%3d%3d&mn_hm=MzEwODU0MDE3MTQ5MjY0MTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZRJSzDS2OALi1lmln59XYCkSVN0I32pAY-QPbIOh_CQFJ0uaTsTqvNzoGRgaqfrtZZgudq_ZQoxzlafqEwibkGUIeL-2Xb&gdpr=&gdpr_consent=
Request Chain 245
  • https://ads.avads.net/sync/ggl?google_gid=CAESEABipUlx366Zqi9iEuV0QAo&google_cver=1&google_push=ASkJ3Fb1ANWuwzYm8gR1D6qQOI2L_6JZEH8Joz28yqnMIaXPwzj4yVZsemF7t9lqSz7gwOXCf32hPXCw1K6YMo0L4Xl6z9csDLI85Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MGFiNDlmY2EtNDFkYy00NGY5LTk5NzItMTc1MTYwNjBhMWU5&google_push=ASkJ3Fb1ANWuwzYm8gR1D6qQOI2L_6JZEH8Joz28yqnMIaXPwzj4yVZsemF7t9lqSz7gwOXCf32hPXCw1K6YMo0L4Xl6z9csDLI85Q
Request Chain 246
  • https://sync.inmobi.com/gob?google_gid=CAESEDLkgvessFW-E1BCcP7Rgz4&google_cver=1&google_push=ASkJ3FZ5D6f4X7THqDmazdvz2IR9zhouDckFDdKqwr0X2UaGWucuZWQ4-BdbXMAvuBOBkVM-a3fYkMkW5EQ_EcgFFt94UglT6G9mUA HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FZ5D6f4X7THqDmazdvz2IR9zhouDckFDdKqwr0X2UaGWucuZWQ4-BdbXMAvuBOBkVM-a3fYkMkW5EQ_EcgFFt94UglT6G9mUA
Request Chain 248
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEORaXU1m8bPNbbWEiRF2OX4&google_cver=1&google_push=ASkJ3FbeuCG4416kbRVSa-0dgucNrOm-1QTupzUh2EjMAMiLjvMitRnDTSh3lsP8hHrAs6IpfTAORTg8RXXN3mtL95ZhHfwVnxq8w8SFMgzCaHO5mF-gQM8lBXSRwIXTfFV6tizaTZdrReGI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzM3MTU4NTU4Mzk3MDQ1Nw%3D%3D&google_push=ASkJ3FbeuCG4416kbRVSa-0dgucNrOm-1QTupzUh2EjMAMiLjvMitRnDTSh3lsP8hHrAs6IpfTAORTg8RXXN3mtL95ZhHfwVnxq8w8SFMgzCaHO5mF-gQM8lBXSRwIXTfFV6tizaTZdrReGI
Request Chain 249
  • https://a.c.appier.net/gcm?google_gid=CAESEEmUiffPmdqb220G05Fi94Y&google_cver=1&google_push=ASkJ3Fa2thRstFJmdfJN80SwwpmcH1KeVOiU-BO51JpLQgkDiubrJKWOuGcZcM6SLdfKGW-MGcCrwk9_odgxI4OlJsEMgRe1LoWGEJiM17zg2RFIqOytjvt63lmzPHpfPWckQWsArp2lx6Lw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bmkxeEJMSUFEWEMwWUJiaWdXaHBZdw%3D%3D&google_push=ASkJ3Fa2thRstFJmdfJN80SwwpmcH1KeVOiU-BO51JpLQgkDiubrJKWOuGcZcM6SLdfKGW-MGcCrwk9_odgxI4OlJsEMgRe1LoWGEJiM17zg2RFIqOytjvt63lmzPHpfPWckQWsArp2lx6Lw
Request Chain 250
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELves4H3O2N3a5EvKoAXiJQ&google_cver=1&google_push=ASkJ3FbcrKPFtgWMNbGTF_NGmxpiV9Azc0UGd66eQ-IAFWShGpFVGX_g86dYOFHJ4C04nSyertDErn-XWWDEfpgm6pB6vEmIQZcGXu8oFNgaNvZ5j_gppCOCng13iwz_CSoPK-oUPMSvLyax HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELves4H3O2N3a5EvKoAXiJQ&google_cver=1&google_push=ASkJ3FbcrKPFtgWMNbGTF_NGmxpiV9Azc0UGd66eQ-IAFWShGpFVGX_g86dYOFHJ4C04nSyertDErn-XWWDEfpgm6pB6vEmIQZcGXu8oFNgaNvZ5j_gppCOCng13iwz_CSoPK-oUPMSvLyax HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9ec557c1-cac4-47be-92dc-1c7e7eed1eca&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbcrKPFtgWMNbGTF_NGmxpiV9Azc0UGd66eQ-IAFWShGpFVGX_g86dYOFHJ4C04nSyertDErn-XWWDEfpgm6pB6vEmIQZcGXu8oFNgaNvZ5j_gppCOCng13iwz_CSoPK-oUPMSvLyax&google_hm=YBCgfruETjSEXiFDHF_kLw==
Request Chain 251
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF425iL4ZSJoAMkA4PwEdgw&google_cver=1&google_push=ASkJ3Fbz1kOPP3EssX_uYmxgz0-dz3Ct55Oe4ZyxGPr0OybS72Qxz8ck1ng3N2vTYNsVWqc4pnzmf7EhDrMMeK6hCCDwobWBitfxKJhbvcf5skW8fwxrYaf0uNi8QwVhuw7MASUiR2BrVWlh HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF425iL4ZSJoAMkA4PwEdgw&google_cver=1&google_push=ASkJ3Fbz1kOPP3EssX_uYmxgz0-dz3Ct55Oe4ZyxGPr0OybS72Qxz8ck1ng3N2vTYNsVWqc4pnzmf7EhDrMMeK6hCCDwobWBitfxKJhbvcf5skW8fwxrYaf0uNi8QwVhuw7MASUiR2BrVWlh&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68K04zGQTYqW3yk-8nMcHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fbz1kOPP3EssX_uYmxgz0-dz3Ct55Oe4ZyxGPr0OybS72Qxz8ck1ng3N2vTYNsVWqc4pnzmf7EhDrMMeK6hCCDwobWBitfxKJhbvcf5skW8fwxrYaf0uNi8QwVhuw7MASUiR2BrVWlh
Request Chain 252
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPPooUU0zV3NeLxKVJru14c&google_cver=1&google_push=ASkJ3FaucSK6G2zg9pw5rOO00TtWyrmEl5NHojfyYZz5LC05bRs9liwa3qFyJ8I2HjNAefXGD0D6KWSUWoa011ekrwyabtUp18I7Cw-FBrkBtIN7I98tcqW3e_bx3LBqZDxG27BLQtiuL7c HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FaucSK6G2zg9pw5rOO00TtWyrmEl5NHojfyYZz5LC05bRs9liwa3qFyJ8I2HjNAefXGD0D6KWSUWoa011ekrwyabtUp18I7Cw-FBrkBtIN7I98tcqW3e_bx3LBqZDxG27BLQtiuL7c&google_gid=CAESEPPooUU0zV3NeLxKVJru14c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjgzNzk0OTIzNjY4NDE3NTU5NTc5&google_push=ASkJ3FaucSK6G2zg9pw5rOO00TtWyrmEl5NHojfyYZz5LC05bRs9liwa3qFyJ8I2HjNAefXGD0D6KWSUWoa011ekrwyabtUp18I7Cw-FBrkBtIN7I98tcqW3e_bx3LBqZDxG27BLQtiuL7c
Request Chain 256
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENICDaabluQzexsbjuvPOv8&google_cver=1&google_push=ASkJ3FZ5KPSA0ME_6GAz9SCBYxAtb4j16uTTYKIgMJ85GiQDM8_6huK4D69GQY2u038iIDOx_gZ4BDDuicrmyIncjXHpmRMqVaI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENICDaabluQzexsbjuvPOv8&google_push=ASkJ3FZ5KPSA0ME_6GAz9SCBYxAtb4j16uTTYKIgMJ85GiQDM8_6huK4D69GQY2u038iIDOx_gZ4BDDuicrmyIncjXHpmRMqVaI
Request Chain 257
  • https://um.simpli.fi/gp_match?google_gid=CAESEF3MTfjHmhfx7hnflehG-_E&google_cver=1&google_push=ASkJ3FZDIR2y2zgP0kK-sSH_kAuMuKrvelYhBUKcD-pBAOlboJ4Jemxfx7-KKooQWAgNLX64CrPltRuEOB3piSXC-unUfgsgMtUA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=277A72B4EF4540EABB197973C60BF197&google_push=ASkJ3FZDIR2y2zgP0kK-sSH_kAuMuKrvelYhBUKcD-pBAOlboJ4Jemxfx7-KKooQWAgNLX64CrPltRuEOB3piSXC-unUfgsgMtUA
Request Chain 259
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPjzh4CAp0ncsXnmXTNc2CA&google_cver=1&google_push=ASkJ3FbyxgN3rrTGtCMQMMdHDZ9Lya1XkKQRf4FtWRijb56bogJjCuo813NkewbDRibcxEtnZfHKa4tsXgKenbT1-btwzqPTC9Vw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ASkJ3FbyxgN3rrTGtCMQMMdHDZ9Lya1XkKQRf4FtWRijb56bogJjCuo813NkewbDRibcxEtnZfHKa4tsXgKenbT1-btwzqPTC9Vw
Request Chain 261
  • https://sync.inmobi.com/gob?google_gid=CAESEDLkgvessFW-E1BCcP7Rgz4&google_cver=1&google_push=ASkJ3FYOfUubSygzkfvHK0gFlTK7XHMmPbPGtpfYsQOzyBS7bgNsh5ECiCv_4n6119-_qyBo1KLD6a1kqFp5xtH-nV_NhQYj4WmE_g HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FYOfUubSygzkfvHK0gFlTK7XHMmPbPGtpfYsQOzyBS7bgNsh5ECiCv_4n6119-_qyBo1KLD6a1kqFp5xtH-nV_NhQYj4WmE_g
Request Chain 262
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENCjsWH1Lx0PkYt_B92szRU&google_cver=1&google_push=ASkJ3FbUI0SEGmrZdLURYNfsjS1CvIJipGyfTbLUumIBkA9kNG_izo2o5QkeXare52G9cJl8IPw_ujHJNgF18hhde4MzM3ZE39On HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENCjsWH1Lx0PkYt_B92szRU&google_push=ASkJ3FbUI0SEGmrZdLURYNfsjS1CvIJipGyfTbLUumIBkA9kNG_izo2o5QkeXare52G9cJl8IPw_ujHJNgF18hhde4MzM3ZE39On&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FbUI0SEGmrZdLURYNfsjS1CvIJipGyfTbLUumIBkA9kNG_izo2o5QkeXare52G9cJl8IPw_ujHJNgF18hhde4MzM3ZE39On&google_hm=d1FKZWdzc0F2SmN4ZHhhY005R0U=
Request Chain 270
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF425iL4ZSJoAMkA4PwEdgw&google_cver=1&google_push=ASkJ3FZ-Rhd0LEOtf_szsv_3-Ps43atONdCR60As956VdXN2gW1ojOiRimmXEz0hHO8ezpcrxkvZdxb8kbZs5hje_euEKWHqh2gecg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF425iL4ZSJoAMkA4PwEdgw&google_cver=1&google_push=ASkJ3FZ-Rhd0LEOtf_szsv_3-Ps43atONdCR60As956VdXN2gW1ojOiRimmXEz0hHO8ezpcrxkvZdxb8kbZs5hje_euEKWHqh2gecg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68K04zGQTYqW3yk-8nMcHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ-Rhd0LEOtf_szsv_3-Ps43atONdCR60As956VdXN2gW1ojOiRimmXEz0hHO8ezpcrxkvZdxb8kbZs5hje_euEKWHqh2gecg
Request Chain 271
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKXgHhpt4PUEAdKGypQFSuA&google_cver=1&google_push=ASkJ3Fa7tIoX9Obvsf16aLuBQbatbsje_Xne3CNU5duRFZpg8k6lRxwJSyFfC63SUoD4YXlt0E_eyLVE7TC9vTtbZ5f4jfS_NqialA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE3ODlMUEEtMjQtMUtHTw==&google_push=ASkJ3Fa7tIoX9Obvsf16aLuBQbatbsje_Xne3CNU5duRFZpg8k6lRxwJSyFfC63SUoD4YXlt0E_eyLVE7TC9vTtbZ5f4jfS_NqialA
Request Chain 274
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJgOGNQw-IoEpXv6W7e1LfI&google_cver=1&google_push=ASkJ3FZeJmnuxjt0lxoDHUkQrcH5GIQKklVWcKd2oXxEjzq0I2KG_bdDTBFoyAuwwFY9Gc52UZNhzQwTUAOVZdzGklJ004HyqA2ANg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZeJmnuxjt0lxoDHUkQrcH5GIQKklVWcKd2oXxEjzq0I2KG_bdDTBFoyAuwwFY9Gc52UZNhzQwTUAOVZdzGklJ004HyqA2ANg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 275
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENCjsWH1Lx0PkYt_B92szRU&google_cver=1&google_push=ASkJ3FZ64gJBIdpsiulKzRphyaLz1zBEu4gPqFSwf70d313Aok_MvpOJK0wzSrHw1uf6eRrUrkC5sNKvwA_twBZmpuYZzmWHSVO-Vnc HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENCjsWH1Lx0PkYt_B92szRU&google_push=ASkJ3FZ64gJBIdpsiulKzRphyaLz1zBEu4gPqFSwf70d313Aok_MvpOJK0wzSrHw1uf6eRrUrkC5sNKvwA_twBZmpuYZzmWHSVO-Vnc&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ64gJBIdpsiulKzRphyaLz1zBEu4gPqFSwf70d313Aok_MvpOJK0wzSrHw1uf6eRrUrkC5sNKvwA_twBZmpuYZzmWHSVO-Vnc&google_hm=d1FKZWdzc0F2SmN4ZHhhY005R0U=
Request Chain 336
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=&gdpr_consent=
Request Chain 339
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1667852419407 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7658201123
Request Chain 340
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0858220403190b51880f5d1d&expiration=[EXPIRATION]&gdpr=0
Request Chain 341
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3HoduOgkQeGAXByAMl0Rsg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3HoduOgkQeGAXByAMl0Rsg
Request Chain 345
  • https://sync.adotmob.com/cookie/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=%7Bamob_user_id%7D&expires=1
Request Chain 346
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=10caffe3-fe32-4cc6-b5b7-5fa2c1ff9ca4&expires=30
Request Chain 348
  • https://x.bidswitch.net/sync?ssp=rubicon HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=6010a07e-bb84-4e34-845e-21431c5fe42f HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=6010a07e-bb84-4e34-845e-21431c5fe42f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=21c9831b-1d46-403d-a37d-35f817d18116&user_group=1&ssp=rubicon&bsw_param=6010a07e-bb84-4e34-845e-21431c5fe42f HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=6010a07e-bb84-4e34-845e-21431c5fe42f&expires=30

346 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
mj201.xyz/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mj201.xyz/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Nov 2022 20:20:13 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
bouncy.php
mj201.xyz/page/ 		685 B
969 B 		Document
General
Check archive.org
Download Go to
Full URL
http://mj201.xyz/page/bouncy.php?&bpae=GbhOt6cGY0179bvvxYDfKdknofuOwLd56OzBNwHD06xybycl2K1qY%2BMr3rqvhaAb0Cn6aQSrqyni6LQ8rx9eD0LqdUl1tJHTrrs%2FOlJCfUgmUx8FPvWjYRNZoNnXIgavBO6%2FDx%2FyKc0HSMjPFHNDL8fNDMoTLJ%2F13qyyeFryYm9G3fqWZAlqgPHdaHvB92X65hokLQv5NzgcrkA7qzVoYDvCkbYsj3X3AJGtge5K%2FlueBA46QHJLvdlSPM2QapLHP3GlfpEKF4KMfa%2FItDBZW%2FWkHh1hEOGZuZ%2F3%2BOj07RDuNFp7EqqA8cuJ%2Byq8d%2BhhJXfaVRuB%2BaBTUIpFMNI1iT3ogggBKYuAMzftVfbbfympDe1KRFH%2FWQzbnOuzwaEfH7WzL6veQ54q1beoeg%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer
http://mj201.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Nov 2022 20:20:13 GMT
Keep-Alive
timeout=5, max=99
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
Primary Request /
simcast.com/ 		38 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/page/bouncy.php?&bpae=GbhOt6cGY0179bvvxYDfKdknofuOwLd56OzBNwHD06xybycl2K1qY%2BMr3rqvhaAb0Cn6aQSrqyni6LQ8rx9eD0LqdUl1tJHTrrs%2FOlJCfUgmUx8FPvWjYRNZoNnXIgavBO6%2FDx%2FyKc0HSMjPFHNDL8fNDMoTLJ%2F13qyyeFryYm9G3fqWZAlqgPHdaHvB92X65hokLQv5NzgcrkA7qzVoYDvCkbYsj3X3AJGtge5K%2FlueBA46QHJLvdlSPM2QapLHP3GlfpEKF4KMfa%2FItDBZW%2FWkHh1hEOGZuZ%2F3%2BOj07RDuNFp7EqqA8cuJ%2Byq8d%2BhhJXfaVRuB%2BaBTUIpFMNI1iT3ogggBKYuAMzftVfbbfympDe1KRFH%2FWQzbnOuzwaEfH7WzL6veQ54q1beoeg%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
baf52a7b535a94319154306eeacd83e6fb1ee60257abcc608214a025d871e8bd

Request headers

Referer
http://mj201.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-encoding
gzip
content-length
7102
content-type
text/html; charset=UTF-8
date
Mon, 07 Nov 2022 20:20:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
upgrade
h2
vary
Accept-Encoding
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15851"
vary
Accept-Encoding
x-hw
1667852414.dop145.fr8.t,1667852414.cds157.fr8.hn,1667852414.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 00:43:56 GMT
server
Apache/2.4.38 (Debian)
etag
"5101-5d2abe6bdeb00-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
4273
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:31:18 GMT
server
Apache/2.4.38 (Debian)
etag
"daa3-5d2a935d4d580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
12209
lib.js
simcast.com/templates/simcast/js/ 		856 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/js/lib.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 03:31:19 GMT
server
Apache/2.4.38 (Debian)
etag
"358-5d39fa3726fc0-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
application/javascript
connection
Upgrade
accept-ranges
bytes
content-length
459
aaw.smc.js
cdn.adapex.io/hb/ 		531 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.smc.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4710d2d86157e62fa6527c9a689b0130c0798dd3e163cb993ffd90af9e42ab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10793
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 07 Nov 2022 17:19:23 GMT
server
cloudflare
etag
W/"63693e1b-84c10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGUkwXFVvS5lqdfArVATiaA%2FcS3pl1iZhw%2F5Uej3a%2BgbMHtHg1amaMcKs5JACreyUUVjR1uGjD%2BhgUJYDgXK7VWGBzyDmNemQ0VcQMMnRsAtzSCYOUPdcCWHT4V2m9F0%2F7ygjkwd0cyLDLut"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
7668c4b44bf3694f-FRA
expires
Tue, 08 Nov 2022 17:20:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		169 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
637fc3c7b23162358e279e79d8d8ec83d930d1b163d14fd54d0c8e766e92b73e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55407
x-xss-protection
0
server
cafe
etag
9687172972291017584
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 20:20:14 GMT
simcastlogo_35y.png
simcast.com/templates/simcast/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Thu, 09 Dec 2021 00:46:50 GMT
server
Apache/2.4.38 (Debian)
etag
"527-5d2abf11cf280"
upgrade
h2
content-type
image/png
connection
Upgrade
accept-ranges
bytes
content-length
1319
enhance.js
parking2.parklogic.com/page/ 		567 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=mj201.xyz
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:92ff:fe2d:3e71 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
2669e60bc4f9e28e101746299ad1d5ec2513c1e342b45981a9d520decd00484e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 20:20:14 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1654376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRrpjcCVoHleraR2sBnWmt08Ep7WedGFZcGv%2FjpI4xhyQ2glkbV6BPGPWp09CNHnV1cgZ7uaS2bW%2FY67LzFJ77fhyT3fpFmrOO%2BjFiN6rQwrH4U0upYwDG%2BM19hDOq%2FYglqtHGjC50BV2VYy5njZl9O%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7668c4b6e90f91e7-FRA
expires
Sat, 28 Oct 2023 20:20:14 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4656410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8mRxHZQrGuPb%2Bedqm4cv1GEl5zMJnWynjTRPbWSbMfgyRgg9Cv88T7sDGoDAIJ0CEX9IXv55tbbtRlEI1UeKj%2B3tBQQokwzq8ePc7z%2BnOfBGhcNtgAIPxAi3iEPCmLqtjbnoHYuiTE3OAz%2FP2i78ZAR"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7668c4b7095891e7-FRA
expires
Sat, 28 Oct 2023 20:20:14 GMT
modal.css
simcast.com/widgets/modal/ 		992 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:56 GMT
server
Apache/2.4.38 (Debian)
etag
"3e0-5d2ab305a0600-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
352
embedcode.js
embed.sendtonews.com/player3/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.93.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-93-42.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d8c392f8bc86d949f9eb29f44503d225b3914fde5d46fd43f8369af0f0e41295

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-length
3101
expires
Mon, 07 Nov 2022 21:20:14 GMT
AA13mftb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13mftb.img?h=100&w=100&x=600&y=337.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
76a46ce3b818b8bba4380adb639cd88d51c32e86e53b29482c2f8a00649f9171
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 13:57:09 GMT
x-resizerversion
1.0
x-source-length
125064
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=408990
x-activityid
ea980a12-b5b8-4b08-987c-0a5d1cbffe01
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13mftb?h=100&w=100&x=600&y=337.5&m=5
timing-allow-origin
*
content-length
4037
expires
Sat, 12 Nov 2022 13:56:44 GMT
AA10Ozqi.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA10Ozqi.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0aedac10cb6f36176a2974f3b29a0bd8fbc032d213beea4c9052a129dd0685f2
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Fri, 07 Oct 2022 08:20:40 GMT
x-resizerversion
1.0
x-datacenter
northeu
x-source-length
18098
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=43323
x-activityid
5c873aca-badb-437a-86ff-b1a4ec819d49
content-location
https://img.s-msn.com/tenant/amp/entityid/AA10Ozqi
timing-allow-origin
*
content-length
18098
expires
Tue, 08 Nov 2022 08:22:17 GMT
AA13QkwA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13QkwA.img?h=100&w=100&x=339&y=351&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e2f0f53ed81ca4b4e032b568e8630bd54c94f5fc3cd75de61c731c2a7716c6a8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 19:41:33 GMT
x-resizerversion
1.0
x-source-length
283136
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429636
x-activityid
9fe25d34-3691-415c-9680-ab146bb1a75f
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13QkwA?h=100&w=100&x=339&y=351&m=5
timing-allow-origin
*
content-length
3360
expires
Sat, 12 Nov 2022 19:40:50 GMT
AA42eYr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		417 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA42eYr.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 03:27:06 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
417
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=371177
x-activityid
1ca282a6-717d-490d-8c2d-29efe9af26cc
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AA42eYr
content-length
417
expires
Sat, 12 Nov 2022 03:26:31 GMT
AA13hXo8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13hXo8.img?h=100&w=100&x=2103&y=1402&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ab6132d9085c4aa9c2f9d468f79c6992a7b5e20c860a9dfc7b9f14c5bb8ac0b3
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 18:46:39 GMT
x-resizerversion
1.0
x-source-length
2594153
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426380
x-activityid
a5638030-b7a1-4f44-8749-0c6d542a8a9f
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13hXo8?h=100&w=100&x=2103&y=1402&m=5
timing-allow-origin
*
content-length
5075
expires
Sat, 12 Nov 2022 18:46:34 GMT
AAPwesU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPwesU.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
94ae96a533fa880623827ca98a2fb20714f235d48b39f2900697b85d490b139f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Fri, 04 Nov 2022 03:27:51 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
2497
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=112089
x-activityid
0a56250b-a32d-42ef-bfba-ed5101f142e2
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPwesU
content-length
2497
expires
Wed, 09 Nov 2022 03:28:23 GMT
2.jpg
simcast.com/images/clipart/news/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/2.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d858e75f5a2828ab957722c99898bd7fa251bfdcbf7ce2385317d893adad7423

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Thu, 09 Dec 2021 00:11:41 GMT
server
Apache/2.4.38 (Debian)
etag
"23c5-5d2ab73682940"
upgrade
h2
content-type
image/jpeg
connection
Upgrade
accept-ranges
bytes
content-length
9157
AA13Onqy.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13Onqy.img?h=100&w=100&x=960&y=676.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
87744b9137b297c54f0ad2dbfd9b7b1cafee7a147a327bb28287052ee59c9bbe
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 07:03:14 GMT
x-resizerversion
1.0
x-source-length
73909
x-datacenter
eastap
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=384083
x-activityid
c221d63c-e6ca-4346-9693-34b02318fc86
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13Onqy?h=100&w=100&x=960&y=676.5&m=5
timing-allow-origin
*
content-length
3302
expires
Sat, 12 Nov 2022 07:01:37 GMT
AAm2UN1.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		313 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAm2UN1.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cdfb74bcd49b10dbb2a18f5ba627cbcfc27b3e5d7b6e6391abccb1accc69399d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 31 Oct 2022 07:28:50 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
313
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=169655
x-activityid
bc4b804f-4c13-455d-8f03-bf08a085a80b
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAm2UN1
content-length
313
expires
Wed, 09 Nov 2022 19:27:49 GMT
AA13PMnY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13PMnY.img?h=500&w=1000&x=314&y=278&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9a58c070ee1966df1b427dc551883587e4dee3525d727121412e816c734a892a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 16:11:30 GMT
x-resizerversion
1.0
x-datacenter
northeu
x-source-length
61782
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=417134
x-activityid
147037dc-a531-44bf-80f1-d7b78be089fd
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13PMnY?h=500&w=1000&x=314&y=278&m=2
timing-allow-origin
*
content-length
43241
expires
Sat, 12 Nov 2022 16:12:28 GMT
AA13QkwA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13QkwA.img?h=70&w=95&x=339&y=351&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7c83ecce660044516c704cda6c1adb24f1b4792b69679c29b481650d62ffbb82
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 19:53:00 GMT
x-resizerversion
1.0
x-source-length
283136
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430320
x-activityid
2a2797aa-be35-4780-8285-8166e5744905
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13QkwA?h=70&w=95&x=339&y=351&m=5
timing-allow-origin
*
content-length
2630
expires
Sat, 12 Nov 2022 19:52:14 GMT
AA13mftb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13mftb.img?h=70&w=95&x=600&y=337.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
830dcecaa61dd0303ffec5e884a80cea59152271bcb3179ca1ea93b91f45aaad
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 13:56:29 GMT
x-resizerversion
1.0
x-source-length
125064
x-datacenter
northeu
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=408983
x-activityid
3e480ea6-3365-4b24-a2fa-d5a24e222f62
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13mftb?h=70&w=95&x=600&y=337.5&m=5
timing-allow-origin
*
content-length
3090
expires
Sat, 12 Nov 2022 13:56:37 GMT
AA13Prno.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13Prno.img?h=70&w=95&x=661&y=335&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b944904280f7d4a8b434220ad22547c123e72c98fa78ea2b0ffa5e59d9c3fd9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 14:25:21 GMT
x-resizerversion
1.0
x-source-length
215491
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=410672
x-activityid
5c492a2c-66ce-40ab-9d3d-65a6b89db07f
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13Prno?h=70&w=95&x=661&y=335&m=5
timing-allow-origin
*
content-length
3427
expires
Sat, 12 Nov 2022 14:24:46 GMT
AA13PJZT.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13PJZT.img?h=70&w=95&x=601&y=243&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e13bddb4c9b1b4be546d52e5418251ffc6dc9f1f26b49fc6b4aed5ca7adadee9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 15:04:27 GMT
x-resizerversion
1.0
x-source-length
250797
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=413073
x-activityid
a187f219-7794-407e-92d1-08a4cc49cc1f
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13PJZT?h=70&w=95&x=601&y=243&m=5
timing-allow-origin
*
content-length
2450
expires
Sat, 12 Nov 2022 15:04:47 GMT
BBZbaoj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		351 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBZbaoj.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Fri, 07 Oct 2022 03:21:31 GMT
x-resizerversion
1.0
x-source-length
351
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=414462
x-activityid
8bface9b-f642-406c-bce0-9bfb43a2f218
content-location
https://img.s-msn.com/tenant/amp/entityid/BBZbaoj
timing-allow-origin
*
content-length
351
expires
Sat, 12 Nov 2022 15:27:56 GMT
AA13PNPt.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13PNPt.img?h=70&w=95&x=400&y=266.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1557f447ef6ad45b6dfa532a19cf1be8ac95b37f6617dd5ed6b73d6ca81519d8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 17:32:11 GMT
x-resizerversion
1.0
x-source-length
42323
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=421951
x-activityid
d49dfc58-e5d7-40e8-a0b9-be14014923d8
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13PNPt?h=70&w=95&x=400&y=266.5&m=5
timing-allow-origin
*
content-length
2279
expires
Sat, 12 Nov 2022 17:32:45 GMT
BB10ea2p.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10ea2p.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c57a73b3bf4f85b6b0dff637df720bcb0d4d9146eb88485254cce6b33b1587a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Wed, 26 Oct 2022 20:37:38 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
1105
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=174444
x-activityid
11e65e1b-235b-4529-b7cf-81a60134471e
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/BB10ea2p
content-length
1105
expires
Wed, 09 Nov 2022 20:47:38 GMT
AA13Onqy.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13Onqy.img?h=70&w=95&x=960&y=676.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0af68c6af8a6b0c2d1a3c16f34059673c7282d8fcc50129771cf9b47d165a9eb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 06:58:34 GMT
x-resizerversion
1.0
x-source-length
73909
x-datacenter
eastap
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=383873
x-activityid
545a7168-8102-4af2-bced-d1835871eb19
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13Onqy?h=70&w=95&x=960&y=676.5&m=5
timing-allow-origin
*
content-length
2162
expires
Sat, 12 Nov 2022 06:58:07 GMT
AA13hXo8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13hXo8.img?h=70&w=95&x=2103&y=1402&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0f9b3a6d3b1999740de9a3e05650e8ca6f8912057b8cb16f7d6ec1c0bf27989b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 18:41:48 GMT
x-resizerversion
1.0
x-source-length
2594153
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425996
x-activityid
e67e61ef-ea6c-40df-a035-07f02a096b83
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13hXo8?h=70&w=95&x=2103&y=1402&m=5
timing-allow-origin
*
content-length
3691
expires
Sat, 12 Nov 2022 18:40:10 GMT
AA13Q1EZ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13Q1EZ.img?h=70&w=95&x=547&y=187&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f61d1cb7a8e321842851a29cb5f9f9ce7da00c1c273dfe8fc6c9976a672cf17e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 16:41:51 GMT
x-resizerversion
1.0
x-source-length
186182
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=418808
x-activityid
b32b5f5c-cc88-4e20-bee7-55a6bb1b8442
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13Q1EZ?h=70&w=95&x=547&y=187&m=5
timing-allow-origin
*
content-length
2617
expires
Sat, 12 Nov 2022 16:40:22 GMT
AA13QkZh.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13QkZh.img?h=70&w=95&x=470&y=264.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c99498ba7bcd24d53bfbc6f62212c7d74762b60950ab40c6fc59194d04a479bb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 20:00:26 GMT
x-resizerversion
1.0
x-source-length
85012
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430831
x-activityid
1584f9ca-3911-4276-a1b6-f9c18849b3c0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13QkZh?h=70&w=95&x=470&y=264.5&m=5
timing-allow-origin
*
content-length
3054
expires
Sat, 12 Nov 2022 20:00:45 GMT
AAZ0uHE.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAZ0uHE.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f8dbc2d5612573014af1406039e69f1f5fb7762820efe4c0550d700dcbd7da6e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Thu, 03 Nov 2022 14:58:28 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
4485
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=67011
x-activityid
69f62587-0faa-4dff-be32-11711f5f923e
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAZ0uHE
content-length
4485
expires
Tue, 08 Nov 2022 14:57:05 GMT
AA13PMIj.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13PMIj.img?h=300&w=400&x=327&y=184&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
de4588adcf09d44d32f0aba538717ccf6930fe2f01f727a799b8b96eeef5b08a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Mon, 07 Nov 2022 16:15:06 GMT
x-resizerversion
1.0
x-source-length
41428
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=417286
x-activityid
ff550742-d59e-493e-aee0-f88a56cd4527
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13PMIj?h=300&w=400&x=327&y=184&m=2
timing-allow-origin
*
content-length
18747
expires
Sat, 12 Nov 2022 16:15:00 GMT
5.jpg
simcast.com/images/clipart/news/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/5.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
84498164a91e08f53e2ea5e8240452b0871643a928278b94b94f7793ac3ecc9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
last-modified
Thu, 09 Dec 2021 00:11:44 GMT
server
Apache/2.4.38 (Debian)
etag
"2f23-5d2ab7395f000"
upgrade
h2
content-type
image/jpeg
connection
Upgrade
accept-ranges
bytes
content-length
12067
gdpr.css
simcast.com/widgets/gdpr/ 		799 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/gdpr/gdpr.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:06 GMT
server
Apache/2.4.38 (Debian)
etag
"31f-5d2ab2d5f1580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
351
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1428c8eedcfed0a5fd6f1fafa7cde078aee0462790367adf3106137d73595dee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43654
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 19:14:28 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Nov 2022 20:20:14 GMT
/
cat.hbwrapper.com/ 		15 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Mon, 07 Nov 2022 20:20:14 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		311 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536be96e84e45f99f9a61e23db8898c193b475f5947b4f996e863f50e332a03f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7668c4b708ebbb97-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea5bfe8d3f07e7e6bc856b373bed2212ed68374fdf3d62f509920583feeca317
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27485
x-xss-protection
0
server
sffe
etag
"1387 / 714 of 1000 / last-modified: 1667822841"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Nov 2022 20:20:14 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
7M143009WAXN3Q25
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=
fpc
at.teads.tv/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:14 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 07 Nov 2022 20:20:14 GMT
pubads_impl_2022110201.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131066
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 08:35:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Nov 2023 19:56:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		113 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
expires
Mon, 07 Nov 2022 20:20:14 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/ 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11497aed23bafd3a335d0b62bff61942a082871f1fb1ca20ee2af272172c27eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119024
x-xss-protection
0
server
cafe
etag
7769517726042616357
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 07 Nov 2022 20:20:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame 3279 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 15:29:11 GMT
etag
2424782735605397694
expires
Mon, 21 Nov 2022 15:29:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		389 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caf0393daded642def1c7ab0921675fd4ba1ee0990f1fa6c46fc8d5dc6c7bea1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 30C5 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1667852414&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667852414709&bpp=2&bdt=629&idt=158&shv=r20221101&mjsv=m202210270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6305049293299&frm=20&pv=2&ga_vid=1205011640.1667852415&ga_sid=1667852415&ga_hid=2079174110&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877%2C44774649%2C42531706%2C44773614%2C31070616%2C44775017%2C31060048%2C31069794&oid=2&pvsid=23293085410307&tmod=2007339912&uas=0&nvt=1&ref=http%3A%2F%2Fmj201.xyz%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=175
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:14 GMT
expires
Mon, 07 Nov 2022 20:20:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
last-modified
Wed, 08 Dec 2021 21:32:06 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-5d2a938b14180"
upgrade
h2
content-type
font/woff2
connection
Upgrade
accept-ranges
bytes
content-length
75440
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20221028/ 		666 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.93.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-93-42.compute-1.amazonaws.com
Software
Apache /
Resource Hash
87756355c9c06dbff07ca70a57a7d5c7b1764ba03b62d445e5a4e549971359e7

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
gzip
last-modified
Fri, 28 Oct 2022 19:38:51 GMT
server
Apache
etag
"a6913-5ec1d684348c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Mon, 07 Nov 2022 21:20:15 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Nov 2022 18:36:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6200
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 07 Nov 2022 20:36:54 GMT
ajaxjs.php
simcast.com/widgets/ms/ 		4 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-length
24
expires
Thu, 19 Nov 1981 08:52:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		818 B
799 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2ab40c5fe2880affbd34359f60731a2b9578e8dbd9357ee5c636c79b40d48f9c

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:15 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.232.0
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
pragma
no-cache
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
cdb
bidder.criteo.com/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=27336803185&lsavail=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://simcast.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bidRequest
in-appadvertising.com/api/ 		55 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-appadvertising.com/api/bidRequest?bidId=797d2870c6086a6&pubId=30557&sectionId=10399&vers=7.18.0&url=https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0&sizes=728x90&tr_wd=0&tr_hd=0&tr_vs=visible
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
7e.6d.3fa9.ip4.static.sl-reverse.com
Software
nginx/1.16.1 /
Resource Hash
b349eff0567902579e8727caf7a9f73c86689f314009846cb82dea09f6b59faa

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:15 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,OPTIONS,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://simcast.com
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Cache-control
no-cache
Access-Control-Allow-Headers
Content-Type, Content-Length, X-Requested-With
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6685e3ed864ede86b9bd555090afb447da7b84753faf9aa61bad2d5a6464f046
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:15 GMT
AN-X-Request-Uuid
3dfa21fd-85fb-4dd4-bcb7-f9aba1d9831d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
472
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=754850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2285c75cf40bd5176%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fmj201.xyz%2F%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22domain%22%3A%22simcast.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22simcast.com%22%7D%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsimcast.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22adunitcode%22%3A%2233589fe7-a171-45e7-a093-ebd5e94f61ec%22%2C%22divId%22%3A%2233589fe7-a171-45e7-a093-ebd5e94f61ec%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2286f0d946e8dc021%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_970v_1%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2290574a562648cbc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_2%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2294f1c604e5cf3f7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_1%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2296c3187298d3215%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22755349%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cf588cda-f31f-4f24-be28-ec3a7560c8e8%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673331fa28b43839aa9d9c52e519677100d7f8cdd940d3f9171e24d7fccf279d

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwANJI2RNcn8LSSjmCqMqH4XpdqX07wRLa3FsfP70LuVg3xMALc5P1a7YWWrK4zIxhRxFn47HM4EDJiK9ucRdvEiSt4P9LqH%2BylHarKMco9l%2Bbiflzhl8ESEKnVVNal8BpPLWCt4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7668c4ba2a319196-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.203.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-203-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
c
prebid.a-mo.net/a/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Mon, 07 Nov 2022 20:20:14 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://simcast.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
hbjson
grid.bidswitch.net/ 		25 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f052b238ec7aa4a7ef6e5e12101c9388cd5c6006913b71f90d5c17cc7fbb9fc8

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Nov 2022 20:20:15 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
bid
s.seedtag.com/c/hb/ 		11 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
via
1.1 google
server
nginx
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ghb.adtelligent.com/v2/auction/ 		7 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
729d503cfda581195945a1b0510f6d1353013a1b32856a763b90d373aacd71e0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Nov 2022 20:20:15 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
972
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
prebid
prebid.media.net/rtb/ 		1 KB
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
03ac12ec5262548068212c1454bbf4ed4f047a69bc9ab3e43a41020c37d74d62

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.148.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-148-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.148.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-148-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.148.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-148-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.148.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-148-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.148.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-148-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.148.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-148-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.148.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-148-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.148.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-148-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dabe4ce7ed2551898ccc81aaef053928382047aa148234c0a7c8247189012ef1

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c2321f73e6bab7bcd053a752ad40f1bfb33ada59f6d23516dcdfec62c6116cd9

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
804dae52483ebec2efb413048fb7e47f32a258fbb671bcbd0699258a97c9f976

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ae4ccf188fe617dc8cf23f94dc2c81750f7a1896ff465c54333c358b19714d16

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6d5c9a8d991f36f692580aac0f32025b291df77c0f8e4fe7a1346b84d6db57fb

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
98c10cf8e11b0684b24dbe35aedaeffa730ce8dbddc2107ed21103b17ce42770

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cfd204e64ee1abf0e661f19fbabf6ea45a62c721a01db32dc3a7bb20d8257130

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d6ab275db17b02fb4b6c0d4f5ea0a6d1f85d204df353285ca5e990e8344d7652

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
67057b11e437aafa4a1cd6b4383a46fa7c10f9765584813337a8610d1468480f

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ee27f14763d43d487a50b9add28fd997856dfbe9dca9855d1c633e1801b677cf

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3710879a6e21dd4ca3ac14bcc643ea05a78ff32fc3128e1f00b5f3dcd160f5e4

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2d4b5265290f07ac5d1eeef2adebfe61856ecfd45a42b67db302c619e5bc0216

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 07 Nov 2022 20:20:15 GMT
server
ATS/9.1.10.25
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2079174110&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&dr=http%3A%2F%2Fmj201.xyz%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1836003480&gjid=1571164940&cid=1205011640.1667852415&tid=UA-205158314-1&_gid=874475672.1667852415&_r=1&gtm=2oub20&z=19383719
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 20:00:35 GMT
server
cloudflare
age
1023
etag
W/"903b41-9a4f-5ece6e068944a"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7668c4bdcd02bba7-FRA
expires
Tue, 08 Nov 2022 00:20:15 GMT
css
fonts.googleapis.com/ 		3 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 20:20:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 20:20:15 GMT
icon
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 20:20:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 20:20:15 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5793066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXt0j%2F8FgngNU1QVTcHSuhxOHsYal8BSUsM8M63gj6fXjkSAnSZAFY0Bc2635h00GEk5n3yphgPNvwGqQDVxVaYD9M7YK97Ydt8IY%2BQqLLb5RJcvzwKYtafZBmTbyeSInIas8YfpVdps%2BcZTALKMplLC"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7668c4bdcca891d1-FRA
expires
Sat, 28 Oct 2023 20:20:15 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 065E 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4236487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dyltz3ZdFMOMVYpDcAuQ1db%2FZpdfV0hO5YMGLJiJKYiI5froLdh0TqMkuofSmF7pl4O5RKLU9%2FGaea47L%2BEmfY4q6P4uItelpHkdNOBYNg2FAQut3AIZy6u11BPfFyYpxkeOIH90UZOTPkjIMcI29Yf0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7668c4bddccf91d1-FRA
expires
Sat, 28 Oct 2023 20:20:15 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 065E 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
content-encoding
gzip
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
9Ve5GeWK1iW7BVD7ETUGm6tiIUfRP_gmu-BQoNxIW-f1MHRZkAvHjg==
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=84
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b600:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 065E 		335 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:04:51 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
51326
etag
"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
342796
x-amz-cf-id
yb8HToCWLTAIuiOKvBaKtR1zbc3U2efB7MHn0Zud6JyUzwun9kCRwQ==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		369 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11ef585be993e093c615916bc711fe48c27e0df2ff616306b11bb79e8e4e886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126233
x-xss-protection
0
expires
Mon, 07 Nov 2022 20:20:15 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 17:33:27 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
10009
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
GK6gQ1C0LhaHex_VSza5MCIM2HJWy83U7E_VpAMgHkMiHx28UAtfqw==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 17:33:27 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
10009
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
Syz7NBfx6p-xcrjNs3RCzDTAaZSkslVyNFRrOn6oCnp8bIuAMb5lDQ==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 17:33:26 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
10009
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
L_fwryIVZ08c9256y4uw_mYl1MQRafBpZ76lMZjp4HNRlXdbGA6WFg==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 07:50:42 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
45447
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
5cEqnSbqUwRIjzWKpng5OQ71WyOWizjGq-qURwW_IcBu1ywrp_Ku8g==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=7PxUIKrDi3MshWAF&instance=995540&version=7.10.0&age=221107&cmd=PRE_INIT&key=eKVKXbhX&seq=1&order=1&absoluteTime=2375&relativeTime=0.1&canonical=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		34 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=7PxUIKrDi3MshWAF&instance=995540&version=7.10.0&age=221107&ESG_key=eKVKXbhX&type=FULL&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.93.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-93-42.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8ec981ebb3e387154f180ee2b2132c587213d876bb75bd2fc730e1af8597e195

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
6347
expires
Mon, 07 Nov 2022 20:20:16 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 065E 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecdd26adcc4a8c8b6164c4da1adcf9bae9018e1cafdcb9f8c5b80cb488b6d625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:58:22 GMT
content-encoding
gzip
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
last-modified
Wed, 02 Nov 2022 22:01:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1314
x-amz-server-side-encryption
AES256
etag
W/"1d9e581e3d8699432b3c59f0e0e85ea1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
06UgDEyOI0Pb6d2SCl6cibuBq3uuScmARzYAUS2pmxMQVmOBctvuSg==
/
id.sv.rkdms.com/identity/ 		2 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.230.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-230-14.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/ 		44 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
c5d9359c8864976bf5b15a6cb03467f239fdfa098f7eeea09ca1b96e99df7a77

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 07 Dec 2022 20:20:15 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 065E 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding
gzip
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 04:55:32 GMT
x-amz-cf-pop
FRA56-P6
age
55501
x-cache
Hit from cloudfront
last-modified
Fri, 21 Oct 2022 19:58:26 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
kFx-z7q_EiHOmDeYkzTOtdxjlwgfAs5e6F57KS-Z7P9mVc11Kq69nw==
bridge3.543.0_en.html
imasdk.googleapis.com/js/core/ Frame 2EF5 		686 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6bc59f44e24e22caa74b10ed80241a95067ac087249eaa2d06d4319d6b5fbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
355089
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226184
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Nov 2022 17:42:06 GMT
expires
Fri, 03 Nov 2023 17:42:06 GMT
last-modified
Thu, 03 Nov 2022 17:37:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Nov 2022 20:20:15 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 065E 		248 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsimcast.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 18:52:29 GMT
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
5265
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
70mtSDv8TFjQyI7W0i64ABGyrMr5eh6j2Dizjx-MO45TI1TFNX1qHQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=7PxUIKrDi3MshWAF&instance=214995540&version=7.10.0&age=221107&cmd=GET&key=eKVKXbhX&c_id=12018&seq=1&order=2&absoluteTime=2628&relativeTime=253.1&canonical=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=FYzpNrAALM&USR_ID=214995540&ST_usrKey=7PxUIKrDi3MshWAF&SM_ID=2341032&C_ID=12018&C_companyName=Adapex&version=70100000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.185.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-185-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 20:20:16 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Mon, 07 Nov 2022 20:20:17 GMT
0.js
player.sendtonews.com/bidderFiles/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-73.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
df0058c3af6569aacf1c15401e9607ac797013d89d45876c86c817cd426d2793

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:40:24 GMT
content-encoding
gzip
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
2405
x-cache
Hit from cloudfront
content-length
1389
last-modified
Wed, 12 Oct 2022 20:07:56 GMT
server
Apache
etag
"dda-5eadbf2cfdf00-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
Au1jW6FBkCu4tDxDjwVxsvGoZOpGNcIqYdoBUFxIWKoHG30G9CvHQg==
expires
Mon, 07 Nov 2022 20:40:10 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:00:05 GMT
x-content-type-options
nosniff
age
4810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:00:05 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 23:20:44 GMT
x-content-type-options
nosniff
age
334771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 23:20:44 GMT
hzjy867bimeubvkd1s0egnhiod2lguys.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/hzjy867bimeubvkd1s0egnhiod2lguys.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f472dc1e44eced6b8848b5d5714e3be7aa7eb36b8fe0513b85969e08eb31cdfe

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 16:23:32 GMT
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
14203
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
53914
last-modified
Fri, 04 Nov 2022 20:48:46 GMT
server
AmazonS3
etag
"7500cc23a089fe7bdd76c07fd66cd3dd"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
bJvDsL0N9g894VP_pX-UIvSRhYZZi900bf-dhzU7hTbOyaaAM-RK6Q==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=7PxUIKrDi3MshWAF&instance=214995540&version=7.10.0&age=221107&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&absoluteTime=2644.9&relativeTime=270&sC_ID=8783&sm_id=2341032&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=FYzpNrAALM&USR_ID=214995540&ST_usrKey=7PxUIKrDi3MshWAF&SM_ID=2341032&C_ID=12018&C_companyName=Adapex&version=70100000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.185.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-185-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 20:20:16 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Mon, 07 Nov 2022 20:20:17 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 065E 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:15 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
7668c4bfdf5990c1-FRA
vary
Accept-Encoding
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 065E 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&pr=http%3A%2F%2Fmj201.xyz%2F&pid=l0ussSU1Y1Bf5&cb=0&ws=300x150&v=22.1031.1618&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.106.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-106-197.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
TY0017SRP9A9GHZX1ANT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
pEWHZnAFWxAaeAwHqGdMgfyKJqzd0u4qEToOCTVA3HNf_cKLOStBtw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 065E 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Mon, 07 Nov 2022 20:35:16 GMT
cygnus
htlb.casalemedia.com/ Frame 065E 		36 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22186f9a0aaa75d7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222a94499e253b16%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A761%2C%22h%22%3A428%2C%22sizes%22%3A%5B%5B761%2C428%5D%5D%2C%22playerSize%22%3A%5B%5B761%2C428%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22VRAfdwVZOg7jMyH8bxgoOA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50690c03c4137664e27398b61617b2f9cb6e23f5c8a6972e099ae743fa4d24f

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCxfxiKmJgs1R7P49II%2FE9TyT5mArqJSyuG%2F%2BeyRk1zBGXDRZWqXW7QxZLTyVOiozG%2BC7ad1WVrPwFUnOeIZ9Fs6XeJpA1nzYuNmNxr5j%2Bep%2FzuBp3OMj%2BNw5JHZWTs0sSLVq5h9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7668c4c08e999957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 065E 		173 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.99.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-99-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5447109bc32ae1f6babd89c35de89dd12c9941aee79430cf8a7f016c12aecbd8

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
content-encoding
gzip
x-prebid
pbs-java/1.103.0
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 065E 		138 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0d826f035d9f30308152ebbdbf4bbb9d39daea110db319dab082719e9280045c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:16 GMT
AN-X-Request-Uuid
54a1c0e1-83dc-4763-aa92-f57e0176cb8a
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ Frame 065E 		19 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.9.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-9-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 065E 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 065E 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Mon, 07 Nov 2022 20:20:16 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.020276
X-SpotX-Timing-Transform
0.000457
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.020276
X-SpotX-Timing-Page-Require
0.000443
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001823
X-fe
030
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.024336
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000375
Last-Modified
Mon, 07 Nov 2022 20:20:16 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
X-SpotX-Timing-Page-Exception
0.000028
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000016
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000915
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e212dbf387f623e2be7338b85bcbfa15fce26aac18ffd0af2aa47a1c13f36e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11022
x-xss-protection
0
headerstats
as-sec.casalemedia.com/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjmIIm%2F5D%2FfwSV01dpNgXdAuG8T7JhvqoSNxXHUxCBTgez5H11r2aUpOlxyMuOXhZIgo8Eg5SgHmjfU8RHcxldUeqpuzIV7pyPGZYnm9%2Bn%2FI0Lv6rE1e%2F4AMj206nbrhnGoHCaN%2Bz6U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7668c4c0f98d8fee-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ima_sdk_v&pvsid=23293085410307&v=h.3.543.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9565037823771164&plah=simcast.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 20:20:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB70 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:03:25 GMT
expires
Tue, 07 Nov 2023 20:03:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F8DB 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c7536c331887036d81b5f7763e462d6227ff50a3fcab3586de88edc9e0b1a297
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l2dpsEnKyH_ST_8YgZjprg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-l2dpsEnKyH_ST_8YgZjprg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:16 GMT
expires
Mon, 07 Nov 2022 20:20:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
8p1s3370r3q56r383p5p995r05553360playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/8p1s3370r3q56r383p5p995r05553360playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4133630f5743f968871f0c3cefe69caed1e90fb2d4b49b53a94aaeb58995667

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 02:13:21 GMT
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
67363
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Fri, 04 Nov 2022 20:43:05 GMT
server
AmazonS3
etag
"2760931a23826ee9c6e4f0f1c2a65162"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
7Y7iLxRwLuuRZSoTAwCcCxbLa9wY-L9QKgCllwg6UHOtJHnsevBqng==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=7PxUIKrDi3MshWAF&instance=214995540&version=7.10.0&age=221107&cmd=IMA&key=eKVKXbhX&c_id=12018&seq=1&order=4&absoluteTime=3009.1&relativeTime=634.2&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.543.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=7PxUIKrDi3MshWAF&instance=214995540&version=7.10.0&age=221107&ldt=BIDS&key=eKVKXbhX&c_id=12018&seq=1&order=5&absoluteTime=3009.6&relativeTime=634.7&sm_id=2341032&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8783&load=1&status=LVFNLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.ix.time=103.8&prebid.bidders.rubicon.time=210&prebid.bidders.appnexus.time=57.5&prebid.bidders.triplelift.time=56.7&prebid.bidders.pubmatic.time=59.8&prebid.bidders.spotx.time=131.6&prebid.start=2779.1&prebid.time=215&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sp4rsqpq8r2q473on4054ns580q60n27base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		10 KB
10 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/sp4rsqpq8r2q473on4054ns580q60n27base.en.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b51d267052c057abc8437f28c7e7907234f6ac7fd21f2a53649b391698ffbea

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 02:14:43 GMT
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
65280
x-cache
Hit from cloudfront
content-length
10044
last-modified
Fri, 04 Nov 2022 20:44:24 GMT
server
AmazonS3
etag
"96c0bf8f3c6a26dea8d28c6f9b38562b"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
xFnyXEk0M7ebqHWL8RQHM-dh4FW9a6qqEhcvokANyFfVoXzeYUIVnQ==
8p1s3370r3q56r383p5p995r05553360.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		2 KB
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/8p1s3370r3q56r383p5p995r05553360.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5785651ac5965eeff4f1e09a26cf45ec8e11fa48ea7eb54cac890ec7476fa54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 17:34:02 GMT
content-encoding
gzip
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
9975
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Fri, 04 Nov 2022 20:45:26 GMT
server
AmazonS3
etag
W/"06526a8607722a6c75e11608b865f350"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
Bc01PXKHH3AbUWNTAqVckrsesgf3LAOpKSdeTSZoUUR2Mt0i0DCE9Q==
ads
pubads.g.doubleclick.net/gampad/ Frame 2EF5 		37 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22632072816%2Fsimcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2341032&us_privacy=false&cust_params=sessionKey%3D214995540-7PxUIKrDi3MshWAF%26schain%3Dstnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.10.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D10%26us_privacy%3Dfalse&sdkv=h.3.543.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.543.0&sid=0A1DC075-D055-4BAE-81C4-7B49E3A7F5DD&nel=0&eid=44748969%2C44750822%2C44765701&ref=http%3A%2F%2Fmj201.xyz%2F&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&dlt=1667852414080&idt=1976&dt=1667852416342&cookie=ID%3D6e3b15de9a9471e4-22ee89506fce0031%3AT%3D1667852414%3ART%3D1667852414%3AS%3DALNI_MbmM9lNTKzUx4XuBL4S71uqtOkk3w&gpic=UID%3D00000b7e61dbd597%3AT%3D1667852414%3ART%3D1667852414%3AS%3DALNI_MbrDrJnQX14VnIVMw6sI4Xh2aL3Kw&correlator=1468847139270376&scor=2752430144687138&ged=ve4_td2_tt0_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5aa484c9024e97359c9c94217638b6086c1d55adbab145a9e5a9ecf1a300d89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1538
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
8p1s3370r3q56r383p5p995r05553360-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		354 KB
355 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/8p1s3370r3q56r383p5p995r05553360-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23acc4967fbfb464cd7aff561d361a0ba4fe6fe88dfd234a3afd15c8e2c6ca7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 17:34:03 GMT
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
9974
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
362276
last-modified
Fri, 04 Nov 2022 20:45:19 GMT
server
AmazonS3
etag
"2151f62e4d4cfee92cec0d02dc02e131"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
RT_TsebLGOopfyVVF2euQSptelqh1gz0xNC8qcnuD8G_VpFKoioVzg==
ads
securepubads.g.doubleclick.net/gampad/ 		189 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23293085410307&correlator=4286488874091278&eid=31070660%2C31070743%2C31070233&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fifs&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&ifi=2&adks=765640834%2C1061345380%2C2236014936%2C4269102928&sfv=1-0-39&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dadhesion&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D200%26wrap_l%3D1200%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D400%26padpr%3D20%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D500%26waae%3D1300%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D6e3b15de9a9471e4-22ee89506fce0031%3AT%3D1667852414%3ART%3D1667852414%3AS%3DALNI_MbmM9lNTKzUx4XuBL4S71uqtOkk3w&gpic=UID%3D00000b7e61dbd597%3AT%3D1667852414%3ART%3D1667852414%3AS%3DALNI_MbrDrJnQX14VnIVMw6sI4Xh2aL3Kw&abxe=1&dt=1667852416372&lmt=1667852416&dlt=1667852414080&idt=663&adxs=315%2C791%2C1230%2C0&adys=193%2C1061%2C288%2C1929&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&ref=http%3A%2F%2Fmj201.xyz%2F&frm=20&vis=1&psz=1600x0%7C417x0%7C339x0%7C1600x1859&msz=1600x0%7C417x0%7C339x0%7C728x0&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&ga_vid=1205011640.1667852415&ga_sid=1667852415&ga_hid=2079174110&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
370e754410e0188f95bfc212b8926ee1d34be1852c488ce583a3c4ce5d4020a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44267
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame F508 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:16 GMT
expires
Tue, 07 Nov 2023 20:20:16 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F8DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=23293085410307&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
ed8c0acd-c4e6-471d-ad45-b166a339b2ef
https://simcast.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://simcast.com/ed8c0acd-c4e6-471d-ad45-b166a339b2ef
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e3534d987a90a565c0b7e86c571fa8d6d2f3cebfa4540ed2fddecd8a4647560

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
pagead2.googlesyndication.com/bg/ Frame DB70 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16184
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Nov 2023 14:03:14 GMT
8p1s3370r3q56r383p5p995r05553360.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		2 KB
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/8p1s3370r3q56r383p5p995r05553360.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18615e6fe15f5ea3a5587ae7bd99e76edd7a9cf76401de7d68055980ec4d267f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 20:50:13 GMT
content-encoding
gzip
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
84604
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Fri, 04 Nov 2022 20:47:11 GMT
server
AmazonS3
etag
W/"e1823572a2ca5a95d05604d445cb4e4f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
Ky-OzXZ9dRwbEIM5GsnilXezYKaXX9bBYhHvH5QYzTeHLlMcq1e8Fw==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=7PxUIKrDi3MshWAF&instance=214995540&version=7.10.0&age=221107&cmd=INV&key=eKVKXbhX&c_id=12018&seq=1&order=6&absoluteTime=3231.8&relativeTime=856.9&alt=0&sC_ID=8783&sm_id=2341032&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=FYzpNrAALM&USR_ID=214995540&ST_usrKey=7PxUIKrDi3MshWAF&SM_ID=2341032&C_ID=12018&C_companyName=Adapex&version=70100000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.185.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-185-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 20:20:16 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Mon, 07 Nov 2022 20:18:45 GMT
generate_204
tpc.googlesyndication.com/ Frame DB70 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IaD-HA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame 2EF5 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214995540-7PxUIKrDi3MshWAF%26schain%3Dstnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8783%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.10.0%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D10%26us_privacy%3Dfalse&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=0A1DC075-D055-4BAE-81C4-7B49E3A7F5DD&adk=2458199627&correlator=1468847139270376&ctv=0&dlt=1667852414080&dt=1667852416543&ged=ve4_td3_tt1_pd3_la3000_er313.20.741.781_vi0.0.1200.1600_vp100_ts1_eb24171&idt=1976&is_amp=0&omid_p=Google1%2Fh.3.543.0&osd=2&ptt=20&ref=http%3A%2F%2Fmj201.xyz%2F&scor=2752430144687138&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44748969%2C44750822%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=445&sdkv=h.3.543.0&sdr=1&vconp=2&video_doc_id=2341032&vpa=auto&vpmute=1&nel=0&cnc=22632072816&kfa=0&tfcd=0&top=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&loc=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&cookie=ID%3D6e3b15de9a9471e4-22ee89506fce0031%3AT%3D1667852414%3ART%3D1667852414%3AS%3DALNI_MbmM9lNTKzUx4XuBL4S71uqtOkk3w&gpic=UID%3D00000b7e61dbd597%3AT%3D1667852414%3ART%3D1667852414%3AS%3DALNI_MbrDrJnQX14VnIVMw6sI4Xh2aL3Kw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame 065E 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1667852415933&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=397197&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2341032&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1667852416819&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=886&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Business&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dmj201.xyz%26pcid%3D802%26rid%3D152%26a%3D0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-125.fra56.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
content-length
43
x-amz-cf-id
BfYW8UU_fPZZUJyMV7omlXzA5_HrAaKu51BvR1vYPnEOdO9210KMrQ==
x-cache
Miss from cloudfront
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=7PxUIKrDi3MshWAF&instance=214995540&version=7.10.0&age=221107&cmd=PLAY&key=eKVKXbhX&c_id=12018&seq=1&order=7&absoluteTime=3539.8&relativeTime=1164.9&alt=0&sC_ID=8783&sm_id=2341032&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=PLAY&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=FYzpNrAALM&USR_ID=214995540&ST_usrKey=7PxUIKrDi3MshWAF&SM_ID=2341032&C_ID=12018&C_companyName=Adapex&version=70100000&sC_ID=8783&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=mj201.xyz%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&pposition=home
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.185.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-185-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 20:20:16 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Mon, 07 Nov 2022 20:18:46 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 07 Nov 2022 20:20:16 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
484246
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=D24oBXx3ZTFpeGE3UnpGanY4d1psK2FmNHY2QlFLWDN1NWlnbWE3T2lqVUtrMXBoajhDS1daVDlHMysrOHJMRDQrbHBaM0ZZdmZDNThTZVRlWDd6RDd1UTVJME03YnhlQnpTbE9mcG9YeklDN2dIdXlWaE5qSVFOdUpyTz...
367 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=D24oBXx3ZTFpeGE3UnpGanY4d1psK2FmNHY2QlFLWDN1NWlnbWE3T2lqVUtrMXBoajhDS1daVDlHMysrOHJMRDQrbHBaM0ZZdmZDNThTZVRlWDd6RDd1UTVJME03YnhlQnpTbE9mcG9YeklDN2dIdXlWaE5qSVFOdUpyTzhEbW5peW0xOUpqQUd0MU9IZG9HR3ArcnEyb1BhekZiQ09iT2szeTR6ZC9ON1VGdEMxYUpodlkzK2NkSzN5cFY5OWxERkdvQng0RUF4NWVpS3RqL2Q5TklGQkF3ZmVieWV5T3Arbm81TFppUHVBYmJjamVNPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
71ebddf359d51fcfb42066c45be12a76736146fccbfa51f8c01747a225c3a3f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1442563
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=D24oBXx3ZTFpeGE3UnpGanY4d1psK2FmNHY2QlFLWDN1NWlnbWE3T2lqVUtrMXBoajhDS1daVDlHMysrOHJMRDQrbHBaM0ZZdmZDNThTZVRlWDd6RDd1UTVJME03YnhlQnpTbE9mcG9YeklDN2dIdXlWaE5qSVFOdUpyTzhEbW5peW0xOUpqQUd0MU9IZG9HR3ArcnEyb1BhekZiQ09iT2szeTR6ZC9ON1VGdEMxYUpodlkzK2NkSzN5cFY5OWxERkdvQng0RUF4NWVpS3RqL2Q5TklGQkF3ZmVieWV5T3Arbm81TFppUHVBYmJjamVNPXw&cppv=2
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
646104
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/prebid/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.132.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-132-135.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
c234875f62a68f24
vary
Origin
request-time
3
id
id.crwdcntrl.net/ 		43 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.58.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-58-124.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://simcast.com
cache-control
no-cache
x-server
10.45.10.125
access-control-allow-credentials
true
content-length
43
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
54ad0305e8d521e1ac443082838e8f0426572f97aa232d6082ded025b0c8f33e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=D24oBXx3ZTFpeGE3UnpGanY4d1psK2FmNHY2QlFLWDN1NWlnbWE3T2lqVUtrMXBoajhDS1daVDlHMysrOHJMRDQrbHBaM0ZZdmZDNThTZVRlWDd6RDd1UTVJME03YnhlQnpTbE9mcG9YeklDN2dIdXlWaE5qSVFOdUpyTzhEbW5peW0xOUpqQUd0MU9IZG9HR3ArcnEyb1BhekZiQ09iT2szeTR6ZC9ON1VGdEMxYUpodlkzK2NkSzN5cFY5OWxERkdvQng0RUF4NWVpS3RqL2Q5TklGQkF3ZmVieWV5T3Arbm81TFppUHVBYmJjamVNPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 07 Nov 2022 20:20:16 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
534073
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
579.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
d1a582bbe0579cf662200e4b48d0f6f294e673caf4fbfd9aa86e44211ac9bef4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Nov 2022 20:20:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=23293085410307&bg=!r6ylrOjNAAZPh4lnb4c7ACkAdvg8WmJ5GpSzLHHJA6ezE_uxtws8-NZ__mRiWMw2nWDDr1bdXGlS0AIAAAB-UgAAAANoAQcKAPuA0BVFhZ42B6Cbrp0457ZUX9nx5Ynxo4oO5y5z_fhtaz6Lcb7e30HmI2O8v5RI2cKaxFn5FmK2_Acbqw0kZQqAGTn2d2q_FTEWFJYIloV4ai4mFtYefxRm6MX7yQQlSNeBxUWBeQb3UxK9j6UzUZSOSPQFFGHG1EaACZM8zz08JTApPAEa3jfrG1-tT-NFUbaFRbuop-Z-wnA3TNv8EqjMWzOHJQPWkY1JnPfwcrKcT-3rOkQf3f4bMKvglGVn8awL5CWeC8joINEec5vwKbptV20Q0TY0BcrOjQ3cMbykZKy8MkD6gl22NdwZyJdA2m4OUqrhNbXtQuaXlZkCnSP87cw_fhtnqkpBexeifrRlLT9dbxjdnFkCD9DN2TJ3KnkelnvoaP0jjCDhyJaOVSg_s7zIlYMS3J5QTA7u7iELpKGQwvTZJRnFtKtKW2X3yP4jzRp3nMkh5Zgx6OsnND1SGfKvB6JgfmXu90IEjG8S8pbBNgfYf_xgWTZkr77JvEWQ4qZsgV_1WT7-G95TmrKPaR43MLgmfyfi_yvKiAQnq8rYmsCF3d2S9mZB6eshpKpp0Ka8wsVcCLnxe3QzS_hfIrjTtRVbXoVQsd8ATgxsWTr-18FemoQ_IblExzhYA5YoaN9rH86Gnp2TzAcXXp490rdNvXFCFSwnffywnExMpdoVVieADskT7LkLVOYuKBznC4r2aKpdzNxt8dVQhKcH_HQVqYQC-XfkM6cpJkX4NZMohL5N-SKbF4pUgcohztwZS3rzv5n49N_xvTsy4cYeZ09C_mMBtq8ax9XagHp9Gn8jpYh3F4X35sJmxBLoyr3GqeI0ZHvXs90FgXoYnMngmCYf9bMWjVHCPGFDO3NyupsG-__atOBYZeQcwnIMRJVvF3_yZCZIgssi35SN_yJ6qsMockMRgzsnQnvhDkS90-eTyD5ImVGQrKH2jHqcHRBg9CcfX-RW7iZiIBuG1y-0TTKYpQcSJjWQpi2M_EHnJtCv7x5B6nHYKIOWZFNIj3lHuTWYjju0WpHQ3W8NyDO_IWPHfFYDFKBQFxVFe3TiI9kObw70k03xozA5Fu6AFvCRzHF22DkSy4MDRpNXDB0FyrFpgSemIBEgx_y9hG2n2F-gh3HEEN6SsijT4o5F4rquDro_3H2C9JFeM1Vp5OuLH5tftlpM9YJo0VPMPWKSrhvuDJr16txgQsVzu8FlYCa-4Sdk2S2CxBBQlg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.243.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-243-53.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
cache-control
public, max-age=86400
last-modified
Mon, 7 Nov 2022 16:47:28 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
VD6XB4MBHFJKJ9DH
age
2791
etag
W/"52bb09fbb0a7c9360d68135b7668a1d7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7668c4c6fd169bf8-FRA
x-amz-id-2
a05TOcWOnJKrOsbJzgI4ouelLEAs/jW7tt5UEs3lfB6eB8+M9ZBIxELZdCS20TkaNbFYH4Y+BAg=
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Nov 2022 20:20:17 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 02:05:50 GMT
content-encoding
gzip
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 16:32:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
65671
x-amz-server-side-encryption
AES256
etag
W/"a576cab5f14785e90bbbb12b6ee95a83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
jGiAqSHqKgVaJ5m8Ywo80eSikhUMDv3XsOazOy1pnIGQP8x1rer4NA==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.167.203 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-167-203.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
container.html
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 0731 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:16 GMT
expires
Tue, 07 Nov 2023 20:20:16 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2828 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:16 GMT
expires
Tue, 07 Nov 2023 20:20:16 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame C11C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:16 GMT
expires
Tue, 07 Nov 2023 20:20:16 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 30D9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:16 GMT
expires
Tue, 07 Nov 2023 20:20:16 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 69D1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=simcast.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:16 GMT
server
Kestrel
server-processing-duration-in-ticks
938750
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Nov 2022 20:20:17 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.58.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-58-124.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
38972bc5834aa6852a6f25abf751f363f74f1cd3129bce78df4758eb4fee46df

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://simcast.com
cache-control
no-cache
x-server
10.45.5.242
access-control-allow-credentials
true
content-length
60
expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 0731 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaIPRgGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSYAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nPElN1d-3yXreppLgRZnL4MPoHSAfuMgDIMJUlegnJURDVdYy2OPgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=uftSxDPxn6M&uach_m=[UACH]&cid=CAQSOwDq26N95CZGov9IEhxDyKAkJrt7UvsYqdbHf9W0Hi4QcO2PH_ibUQqCBDTW7zEagcN4G6eWZ9P9-j9bGAEgEw
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 0731 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFOv_CsoH-gGdg2ICAgAAANzcIsRkPmtirXdIVgk5jtsQgGhpY_LKhnA2sVRpyQpCABIAAA&wp=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
292466
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame F9D8 		139 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a69777504794cf84c8b5f8ffad7e1933136446e9f2f452ebed24a72c7d4d38c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:17 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dq3h4CuHBZM0SzmXCXnZVXatazYgRth_uh47XdbXQkqSUdbqEar3rc_TNn0pWifoczlZEtUXXcVaPLZDQvf53J1N7TxUBcEREDT18pa3_aKK-Vr51yJLjNY6fDXB9BCgF0SQ4fAbnVT92J1xPHAxGUmecFDQe9Xvf6zThf_a2L2jxTQDM8YC4dE05gaqXVu63zWXkeD70yYxdjMVYXwqV2a0a-bT9kLIXXZ9YlfwVRgjT-qgnXUK3SkjzEYxFEzzO5WWaQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
91919029
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0731 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
1405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 19:56:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2187 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 14:17:40 GMT
etag
48472445140208031
expires
Tue, 08 Nov 2022 14:17:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 0731 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
20694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 14:35:23 GMT
l
www.google.com/ads/measurement/ Frame 0731 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ30OjgRrUbqiK_cqaV17QTZL13Zpuan3reHbyVVkZasPLva5F_EXst7eic021eBi5JwOlH9s4RnEccvD3QQXyceV-OWg
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 0731 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 08:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Nov 2023 08:50:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0731 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48204
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667489865617883"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 20:20:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2828 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsOy-gGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9hx3ceziC1Yk8V7weXQfFvd5R7UANem1btG5AoFici10XG1YQnargBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=3L47UU_liTE&uach_m=[UACH]&cid=CAQSOwDq26N95CZGov9IEhxDyKAkJrt7UvsYqdbHf9W0Hi4QcO2PH_ibUQqCBDTW7zEagcN4G6eWZ9P9-j9bGAEgEw
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2828 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLikCdACmAKdg2ICAgAAANzcIsRkPmtirXdIVgk5jtsQf2hpY2GJNf2mKBt3CPyuABIAAA&wp=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
317510
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8E09 		128 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c5d7a468a55091c51c959117ce5c3f18514d3b99c77bc1112fd2918ff717bfb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:16 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7NMX0SuHBZM0SzmXd9h7hqE1rQwQNYRyckKDh5FK1SxO7Oc2N6fb-3Kw--ao7en13JdF0SfUF6JJYLcjpjavSbfqIwDkAYcHTRdMY0oL2QBvSDKbZxr_MfilxV6dMm8ViZV-_4EJl-1ZZHM9ibVPFE3QBl4x0llqFfbGJAebvEw_k8KdOAWoQsvs3LeRoyjLEVsjAg8rDNPQjMY9re7RhaPL9NwT_2fBVN-z13MviTZ_3kMPsRt0IwoMdw6h2-F5sHJHFg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
86566042
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2828 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
1405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 19:56:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3863 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 14:17:40 GMT
etag
48472445140208031
expires
Tue, 08 Nov 2022 14:17:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 2828 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
20694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 14:35:23 GMT
l
www.google.com/ads/measurement/ Frame 2828 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFzucknYU-vKbCIcgsd9zaZAzBDjOo3lL9OmXuoMPSq0tivHyYE8NX4aTYfoBhJoe67cvpVmDv-uflnJ5n150ax9j_TA
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 2828 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 08:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Nov 2023 08:50:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2828 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48204
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667489865617883"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 20:20:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C11C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNUfBgGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hantJJ-AvX3Nf87ioim-QcdadVaw0f2q1oLyWcDiu79jp_xw8pb_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=4HvjCuBPMj0&uach_m=[UACH]&cid=CAQSOwDq26N95CZGov9IEhxDyKAkJrt7UvsYqdbHf9W0Hi4QcO2PH_ibUQqCBDTW7zEagcN4G6eWZ9P9-j9bGAEgEw
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame C11C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFMc1rAL6AZ2DYgICAAAA3NwixGQ-a2Ktd0hWCTmO2xCAaGljuZAsv05_HeCAi0cAEgAA&wp=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
281037
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4695 		136 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a346e52cf4f2cd51a0159dba53407cf42b37c5b085f838748b782f4a00177b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 20:20:17 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=OIANYyuHBZM0SzmXSxnLyMgk3ktSog0IuJw4aU6jb0xQQphM3sQnNV5vYkCrD_DivD8HBqNLZjoJFV0S-pRIHH1TYsxquNH9QYhZgeeuBCe6dMEN5ykxODGMMk_AeNfkbHiOBKyNteIMvtHZPeJgiE7Ya7v-0yEJLdyh6vDHNcHEM_ADH2VsTtSP4y2hcgxcsuEOf4BRXapQ-K3RjFYlVKPOGCAh5ZIYRBePKm90DuDV7sqwBd7p_B3jM9-J85V1GBRmtw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
80828019
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame C11C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
1405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 19:56:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6B06 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 14:17:40 GMT
etag
48472445140208031
expires
Tue, 08 Nov 2022 14:17:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame C11C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
20694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 14:35:23 GMT
l
www.google.com/ads/measurement/ Frame C11C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRfu2c7oLHTqhbMxbaTAoj92jODUBhhQZz7LTzToNEhzIi1y9_zcuWtHuXLEgZfrqLoaKZz0TjGdqvCXzMDHye-T6QMg
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame C11C 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 08:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Nov 2023 08:50:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C11C 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48204
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667489865617883"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 20:20:17 GMT
css
fonts.googleapis.com/ Frame 30D9 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 18:56:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 20:20:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 30D9 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
20608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 14:36:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 30D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ccq_zgGhpY7_iGo2R9fgP58-2sAnRpu-ZbbHJ_ZTeEGQQASCG94YmYJXCpoKwB6ABo4vF7gLIAQmpAv_Y-MQbxrA-4AIAqAMByAPLBKoEtgJP0BzwKPDGRAi3cB-Vb45a_PasQ40Oux6gmOhbGponXxHSpyV9osfA2aB5uh5-yDQRK8NLG9VF9wHXXhieGOPTZt-HwnGj1ikEPDMr7-Lwn6NWW5VEnugnD8_M9C04rDH3mqgcjnx2b-nqrmyWuBLRCUALrNHqCA8y4HqkQuzJdrOzo6mOSyvRT8CCbgGWYAWrA4z_1zVBWcRMmLlqQSUhksaFF0bd8e92PN1MwXieeLelIu3CqsQkl-OArekauwGFjNVoszP6L0p-P6WCzMR5-rc8tIF8fIUOXYjijm9FYRhZKWciJGuW-rcqA1zGLQInhClbFDXQW8TgDR1kj8Tk7EfFSpUxgU5c1q_jYiNZBVfqCct2ZLtGO-cd0HhXReV9Yr1Q8YNu5WhbdsBmupjWZTkmyzuswASUlp7BsgTgBAGSBQQIBBgBkgUECAUYBKAGLoAHz9DVmAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCGwAPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAZgMn42Xm5AEuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=8PxiYdR7YVM&uach_m=[UACH]&cid=CAQSOwDq26N95CZGov9IEhxDyKAkJrt7UvsYqdbHf9W0Hi4QcO2PH_ibUQqCBDTW7zEagcN4G6eWZ9P9-j9bGAEgDg&template_id=515
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/ Frame 30D9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 12:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
29754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
server
cafe
etag
12585499704757265805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 12:04:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 30D9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 19:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
1405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 19:56:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 30D9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
20694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7305
x-xss-protection
0
server
cafe
etag
12747696668401323709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Nov 2022 14:35:23 GMT
l
www.google.com/ads/measurement/ Frame 30D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEJjYW2AwN6390YsiZybr15y7RcosuXMMQWuEcHHU2aBKffjRdVytULnVKxBIUe4-br4bM8WlvHDV3t7v91y5okt01NQ
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30D9 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48204
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667489865617883"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Nov 2022 20:20:17 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 30D9 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 12:55:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 12:55:03 GMT
16272888955745119377
tpc.googlesyndication.com/simgad/ Frame 30D9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16272888955745119377?w=100&h=100
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e35a8f69bf211ed6d8ac69515a5cc50065a4131d7c93249164f3d48fa695e60d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 05:45:00 GMT
x-content-type-options
nosniff
age
570917
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1467
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 11:19:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Nov 2023 05:45:00 GMT
truncated
/ Frame 30D9 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 30D9 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
sid
mug.criteo.com/ Frame 69D1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=simcast.com&sn=ChromeSyncframe&so=3&topUrl=simcast.com&bundle=j_sFql9wJTJGcVU1Vk5yMm9MbU5UNWduOVR0aE5nUmdBejZGeGMxSDZ0Y1RadXhrczJselVaUmlL...
  • https://mug.criteo.com/sid?cpp=CDh8GHxPOXg3S2JCeUZkR08wSTFNSllKdlZCc090TFE1dWxPblRLTmJKTmNGK1QzUGRha1MyZE1pVFgzaGhRRXE1U0lNd2ticDRkVzVHUUNyNm0xckduY0FuOGU4SUVTU2R5LzgxSXEwYVNCUkFOUndTSXVzRjhTWHVMZF...
438 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CDh8GHxPOXg3S2JCeUZkR08wSTFNSllKdlZCc090TFE1dWxPblRLTmJKTmNGK1QzUGRha1MyZE1pVFgzaGhRRXE1U0lNd2ticDRkVzVHUUNyNm0xckduY0FuOGU4SUVTU2R5LzgxSXEwYVNCUkFOUndTSXVzRjhTWHVMZFRhdDI1N2lBQVRSKys0YXhaRGU5djVFNWZJWDlYMUhCemlwZ1NvSFBRVWpwYVlmY2xZSEtBUmRRYUd6QWJjQ0l1UkV1UjhiWnRiNnpYVGZLMHBWeE9sekNxajRYeWdOZGZSQWFKMXozZVNyZzhyM0lqRVIwNS8rT2preTNtWmwxWHF6dTJDekJyZUhNNVpFd0dSRElEbC9sS2Y0RVJiTFI5Qy9YSkh2UGlTWXgzZHNmeVlPST18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a93494db2c3dd46aa79768d6fbff99b2b8a7cfdae4ea4593a7b58659535ef8f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3010698
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=CDh8GHxPOXg3S2JCeUZkR08wSTFNSllKdlZCc090TFE1dWxPblRLTmJKTmNGK1QzUGRha1MyZE1pVFgzaGhRRXE1U0lNd2ticDRkVzVHUUNyNm0xckduY0FuOGU4SUVTU2R5LzgxSXEwYVNCUkFOUndTSXVzRjhTWHVMZFRhdDI1N2lBQVRSKys0YXhaRGU5djVFNWZJWDlYMUhCemlwZ1NvSFBRVWpwYVlmY2xZSEtBUmRRYUd6QWJjQ0l1UkV1UjhiWnRiNnpYVGZLMHBWeE9sekNxajRYeWdOZGZSQWFKMXozZVNyZzhyM0lqRVIwNS8rT2preTNtWmwxWHF6dTJDekJyZUhNNVpFd0dSRElEbC9sS2Y0RVJiTFI5Qy9YSkh2UGlTWXgzZHNmeVlPST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
581269
content-length
0
expires
0
increment
id5-sync.com/api/esp/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
i.match
s.tribalfusion.com/z/ Frame 2187
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENCyp4nJveNuyhWYn3Fb07s&google_cver=1&google_push=ASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENCyp4nJveNuyhWYn3Fb07s&google_cver=1&google_push=ASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENCyp4nJveNuyhWYn3Fb07s&google_cver=1&google_push=ASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7668c4c9eebe6907-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
162
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENCyp4nJveNuyhWYn3Fb07s&google_cver=1&google_push=ASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb-BARIrDyXyJp738S5OvL-Nq_lHB_9Ol8b9shqVun1qd9D8EqO6Oyw_F_t-Or1SgJsm78XYMswz4mk1qUOH69LvWdpzq4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7668c4c86b116907-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2187
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESENLTw4tjhc5rckX1FFZd1WQ&google_cver=1&google_push=ASkJ3FaZ9MU3dJRmnl2PJO3Tl5g9DkthFsS6_EeB6Od6BJ_DLIKuvXYkXX-RP5lv9FD0qpLbgg-f_mS0IRC_6D2PRY5QhwO4FgQ
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FaZ9MU3dJRmnl2PJO3Tl5g9DkthFsS6_EeB6Od6BJ_DLIKuvXYkXX-RP5lv9FD0qpLbgg-f_mS0IRC_6D2PRY5QhwO4FgQ&google_hm=ZzMwZGY4MDI3Mjg2MzZmZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FaZ9MU3dJRmnl2PJO3Tl5g9DkthFsS6_EeB6Od6BJ_DLIKuvXYkXX-RP5lv9FD0qpLbgg-f_mS0IRC_6D2PRY5QhwO4FgQ&google_hm=ZzMwZGY4MDI3Mjg2MzZmZjEzNmY=
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FaZ9MU3dJRmnl2PJO3Tl5g9DkthFsS6_EeB6Od6BJ_DLIKuvXYkXX-RP5lv9FD0qpLbgg-f_mS0IRC_6D2PRY5QhwO4FgQ&google_hm=ZzMwZGY4MDI3Mjg2MzZmZjEzNmY=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2187
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESED7gRwnYZFCe-sV9P5j85bI&google_cver=1&google_push=ASkJ3FZRJSzDS2OALi1lmln59XYCkSVN0I32pAY-QPbIOh_CQFJ0uaTsTqvNzoGRgaqfrtZZgudq_ZQoxzlafqEwibkGUIeL-2Xb
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwODU0MDE3MTQ5MjY0MTAwMFYxMA%3d%3d&mn_hm=MzEwODU0MDE3MTQ5MjY0MTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZRJSzDS2OALi1lmln59XYCkSV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwODU0MDE3MTQ5MjY0MTAwMFYxMA%3d%3d&mn_hm=MzEwODU0MDE3MTQ5MjY0MTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZRJSzDS2OALi1lmln59XYCkSVN0I32pAY-QPbIOh_CQFJ0uaTsTqvNzoGRgaqfrtZZgudq_ZQoxzlafqEwibkGUIeL-2Xb&gdpr=&gdpr_consent=
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:17 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEwODU0MDE3MTQ5MjY0MTAwMFYxMA%3d%3d&mn_hm=MzEwODU0MDE3MTQ5MjY0MTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZRJSzDS2OALi1lmln59XYCkSVN0I32pAY-QPbIOh_CQFJ0uaTsTqvNzoGRgaqfrtZZgudq_ZQoxzlafqEwibkGUIeL-2Xb&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 07 Nov 2022 20:20:17 GMT
/
cc.adingo.jp/adx/push/ Frame 2187 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEJdZq9yVVPtTxXhawvceQi8&google_cver=1&google_push=ASkJ3FYx54X2AfdkgZ-IIc11uf8h0ED6uYXPCvuLOEXhncDxYME7dhUTjhPNrZbK9EBF07nSz3qSSUzjAVSsoyTjhXiLFIxeiOk
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.93.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-93-39.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
server
awselb/2.0
v1
match.sharethrough.com/E4rooAtA/ Frame 2187 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDYXi8JLpmgHMBJDQ_y7WM0&google_cver=1&google_push=ASkJ3FZ8S0heTdVwuIaqsaU-wyKCt8pIsRyPqbWaMVx24KCUlKLghP1YI98a23UEWYxNAoZxUzKKwAr30hlze8XqBVcT6P_v2o65yA
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.80.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-80-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
pixel
cm.g.doubleclick.net/ Frame 2187
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEABipUlx366Zqi9iEuV0QAo&google_cver=1&google_push=ASkJ3Fb1ANWuwzYm8gR1D6qQOI2L_6JZEH8Joz28yqnMIaXPwzj4yVZsemF7t9lqSz7gwOXCf32hPXCw1K6YMo0L4Xl6z9csDLI85Q
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MGFiNDlmY2EtNDFkYy00NGY5LTk5NzItMTc1MTYwNjBhMWU5&google_push=ASkJ3Fb1ANWuwzYm8gR1D6qQOI2L_6JZEH8Joz28yqnMIaXPwzj4yVZsemF7t9lqSz7gwOX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MGFiNDlmY2EtNDFkYy00NGY5LTk5NzItMTc1MTYwNjBhMWU5&google_push=ASkJ3Fb1ANWuwzYm8gR1D6qQOI2L_6JZEH8Joz28yqnMIaXPwzj4yVZsemF7t9lqSz7gwOXCf32hPXCw1K6YMo0L4Xl6z9csDLI85Q
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MGFiNDlmY2EtNDFkYy00NGY5LTk5NzItMTc1MTYwNjBhMWU5&google_push=ASkJ3Fb1ANWuwzYm8gR1D6qQOI2L_6JZEH8Joz28yqnMIaXPwzj4yVZsemF7t9lqSz7gwOXCf32hPXCw1K6YMo0L4Xl6z9csDLI85Q
date
Mon, 07 Nov 2022 20:20:16 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
0
0.gif
id5-sync.com/i/495/ Frame 2187
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEDLkgvessFW-E1BCcP7Rgz4&google_cver=1&google_push=ASkJ3FZ5D6f4X7THqDmazdvz2IR9zhouDckFDdKqwr0X2UaGWucuZWQ4-BdbXMAvuBOBkVM-a3fYkMkW5EQ_EcgFFt94UglT6G9mUA
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FZ5D6f4X7THqDmazdvz2IR9zhouDckFDdKqwr0X2UaG...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FZ5D6f4X7THqDmazdvz2IR9zhouDckFDdKqwr0X2UaGWucuZWQ4-BdbXMAvuBOBkVM-a3fYkMkW5EQ_EcgFFt94UglT6G9mUA
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FZ5D6f4X7THqDmazdvz2IR9zhouDckFDdKqwr0X2UaGWucuZWQ4-BdbXMAvuBOBkVM-a3fYkMkW5EQ_EcgFFt94UglT6G9mUA
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 2187 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2WAXtA114N2Z-6QVRqXB80wKsqoVsThOM0oQkk28T2v3A1IxsJKLbJRIoTxrO7kczIHaHmMCq
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 3863
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEORaXU1m8bPNbbWEiRF2OX4&google_cver=1&google_push=ASkJ3FbeuCG4416kbRVSa-0dgucNrOm-1QTupzUh2EjMAMiLjvMitRnDTSh3lsP8hHrAs6IpfTAORTg8RXXN3m...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzM3MTU4NTU4Mzk3MDQ1Nw%3D%3D&google_push=ASkJ3FbeuCG4416kbRVSa-0dgucNrOm-1QTupzUh2EjMAMiLjvMitRnDTSh3lsP8hHrAs6IpfTAORTg8RXXN3mtL95...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzM3MTU4NTU4Mzk3MDQ1Nw%3D%3D&google_push=ASkJ3FbeuCG4416kbRVSa-0dgucNrOm-1QTupzUh2EjMAMiLjvMitRnDTSh3lsP8hHrAs6IpfTAORTg8RXXN3mtL95ZhHfwVnxq8w8SFMgzCaHO5mF-gQM8lBXSRwIXTfFV6tizaTZdrReGI
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2MzM3MTU4NTU4Mzk3MDQ1Nw%3D%3D&google_push=ASkJ3FbeuCG4416kbRVSa-0dgucNrOm-1QTupzUh2EjMAMiLjvMitRnDTSh3lsP8hHrAs6IpfTAORTg8RXXN3mtL95ZhHfwVnxq8w8SFMgzCaHO5mF-gQM8lBXSRwIXTfFV6tizaTZdrReGI
Date
Mon, 07 Nov 2022 20:20:17 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 3863
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEEmUiffPmdqb220G05Fi94Y&google_cver=1&google_push=ASkJ3Fa2thRstFJmdfJN80SwwpmcH1KeVOiU-BO51JpLQgkDiubrJKWOuGcZcM6SLdfKGW-MGcCrwk9_odgxI4OlJsEMgRe1LoWGEJiM1...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bmkxeEJMSUFEWEMwWUJiaWdXaHBZdw%3D%3D&google_push=ASkJ3Fa2thRstFJmdfJN80SwwpmcH1KeVOiU-BO51JpLQgkDiubrJKWOuGcZcM6SLdfKGW-MGcCrwk9_odgxI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bmkxeEJMSUFEWEMwWUJiaWdXaHBZdw%3D%3D&google_push=ASkJ3Fa2thRstFJmdfJN80SwwpmcH1KeVOiU-BO51JpLQgkDiubrJKWOuGcZcM6SLdfKGW-MGcCrwk9_odgxI4OlJsEMgRe1LoWGEJiM17zg2RFIqOytjvt63lmzPHpfPWckQWsArp2lx6Lw
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bmkxeEJMSUFEWEMwWUJiaWdXaHBZdw%3D%3D&google_push=ASkJ3Fa2thRstFJmdfJN80SwwpmcH1KeVOiU-BO51JpLQgkDiubrJKWOuGcZcM6SLdfKGW-MGcCrwk9_odgxI4OlJsEMgRe1LoWGEJiM17zg2RFIqOytjvt63lmzPHpfPWckQWsArp2lx6Lw
date
Mon, 07 Nov 2022 20:20:17 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
287
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 3863
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELves4H3O2N3a5EvKoAXiJQ&google_cver=1&google_push=ASkJ3FbcrKPFtgWMNbGTF_NGmxpiV9Azc0UGd66eQ-IAFWShGpFVGX_g86dYOFHJ4C04nSyertDErn-XWWDEfpgm6pB6...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELves4H3O2N3a5EvKoAXiJQ&google_cver=1&google_push=ASkJ3FbcrKPFtgWMNbGTF_NGmxpiV9Azc0UGd66eQ-IAFWShGpFVGX_g86dYOFHJ4C04nSyertDErn-XWWDEfp...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9ec557c1-cac4-47be-92dc-1c7e7eed1eca&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbcrKPFtgWMNbGTF_NGmxpiV9Azc0UGd66eQ-IAFWShGpFVGX_g86dYOFHJ4C04nSyertDErn-XWWDEfpgm6pB6vEmIQZcGXu8oFNgaNvZ5j_gppCOCng13iwz_CSoPK-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbcrKPFtgWMNbGTF_NGmxpiV9Azc0UGd66eQ-IAFWShGpFVGX_g86dYOFHJ4C04nSyertDErn-XWWDEfpgm6pB6vEmIQZcGXu8oFNgaNvZ5j_gppCOCng13iwz_CSoPK-oUPMSvLyax&google_hm=YBCgfruETjSEXiFDHF_kLw==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbcrKPFtgWMNbGTF_NGmxpiV9Azc0UGd66eQ-IAFWShGpFVGX_g86dYOFHJ4C04nSyertDErn-XWWDEfpgm6pB6vEmIQZcGXu8oFNgaNvZ5j_gppCOCng13iwz_CSoPK-oUPMSvLyax&google_hm=YBCgfruETjSEXiFDHF_kLw==
Date
Mon, 07 Nov 2022 20:20:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3863
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68K04zGQTYqW3yk-8nMcHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68K04zGQTYqW3yk-8nMcHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fbz1kOPP3EssX_uYmxgz0-dz3Ct55Oe4ZyxGPr0OybS72Qxz8ck1ng3N2vTYNsVWqc4pnzmf7EhDrMMeK6hCCDwobWBitfxKJhbvcf5skW8fwxrYaf0uNi8QwVhuw7MASUiR2BrVWlh
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68K04zGQTYqW3yk-8nMcHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fbz1kOPP3EssX_uYmxgz0-dz3Ct55Oe4ZyxGPr0OybS72Qxz8ck1ng3N2vTYNsVWqc4pnzmf7EhDrMMeK6hCCDwobWBitfxKJhbvcf5skW8fwxrYaf0uNi8QwVhuw7MASUiR2BrVWlh
date
Mon, 07 Nov 2022 20:20:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3863
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPPooUU0zV3NeLxKVJru14c&google_cver=1&google_push=ASkJ3FaucSK6G2zg9pw5rOO00TtWyrmEl5NHojfyYZz5LC05bRs9liwa3qFyJ8I2HjNAefXGD0D6KWSUWoa011ekrwyabtUp18...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FaucSK6G2zg9pw5rOO00TtWyrmEl5NHojfyYZz5LC05bRs9liwa3qFyJ8I2HjNAefXGD0D6KWSUWoa011ekrwyabtUp18I...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjgzNzk0OTIzNjY4NDE3NTU5NTc5&google_push=ASkJ3FaucSK6G2zg9pw5rOO00TtWyrmEl5NHojfyYZz5LC05bRs9liwa3qFyJ8I2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjgzNzk0OTIzNjY4NDE3NTU5NTc5&google_push=ASkJ3FaucSK6G2zg9pw5rOO00TtWyrmEl5NHojfyYZz5LC05bRs9liwa3qFyJ8I2HjNAefXGD0D6KWSUWoa011ekrwyabtUp18I7Cw-FBrkBtIN7I98tcqW3e_bx3LBqZDxG27BLQtiuL7c
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjgzNzk0OTIzNjY4NDE3NTU5NTc5&google_push=ASkJ3FaucSK6G2zg9pw5rOO00TtWyrmEl5NHojfyYZz5LC05bRs9liwa3qFyJ8I2HjNAefXGD0D6KWSUWoa011ekrwyabtUp18I7Cw-FBrkBtIN7I98tcqW3e_bx3LBqZDxG27BLQtiuL7c
date
Mon, 07 Nov 2022 20:20:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
cc.adingo.jp/adx/push/ Frame 3863 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEJdZq9yVVPtTxXhawvceQi8&google_cver=1&google_push=ASkJ3FZfLDj1c4f4gBg5AFgBUOCDaODaRhaV9maGWTQHa5jEoreAAgrRhrtKknpOtBzl3oQcQb7kNwS8BlsAxTzuu8GPXqfSR-jDANEi5O6hVGkRNC4TIeuAPPIozRea8Zw_yfWKCRCrg2d9
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.93.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-93-39.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
server
awselb/2.0
um
cs.emxdgt.com/ Frame 3863 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEH0dAg8F1h5CQeJcvWkQBgI&google_cver=1&google_push=ASkJ3FZMfglFOSeJAjJYzJrjJeXYVzwbgR2EpLAXO5dNnLBtJGL121LinwWaLhCWqPqcR22IBz-SlGHg3V9MeUTfMok-IW104rWu30LeUdk-W4QziiJrtLQTJGXeh6mHND3RWJH93REyfCwU
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.3.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 3863 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8H-aPmR7hGDbGdfKM97SrSwOt5pmKq4OPjiNAJNupxlX7b3aMoSZOtwqOrEClDZDK601IyQ
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 6B06
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENICDaabluQzexsbjuvPOv8&google_push=ASkJ3FZ5KPSA0ME_6GAz9SCBYxAtb4j16uTTYKIgMJ85GiQDM8_6huK4D6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENICDaabluQzexsbjuvPOv8&google_push=ASkJ3FZ5KPSA0ME_6GAz9SCBYxAtb4j16uTTYKIgMJ85GiQDM8_6huK4D69GQY2u038iIDOx_gZ4BDDuicrmyIncjXHpmRMqVaI
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230101-FRA
pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1667852417.350394,VS0,VE173
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENICDaabluQzexsbjuvPOv8&google_push=ASkJ3FZ5KPSA0ME_6GAz9SCBYxAtb4j16uTTYKIgMJ85GiQDM8_6huK4D69GQY2u038iIDOx_gZ4BDDuicrmyIncjXHpmRMqVaI
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 6B06
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEF3MTfjHmhfx7hnflehG-_E&google_cver=1&google_push=ASkJ3FZDIR2y2zgP0kK-sSH_kAuMuKrvelYhBUKcD-pBAOlboJ4Jemxfx7-KKooQWAgNLX64CrPltRuEOB3piSXC-unUfgsgMtUA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=277A72B4EF4540EABB197973C60BF197&google_push=ASkJ3FZDIR2y2zgP0kK-sSH_kAuMuKrvelYhBUKcD-pBAOlboJ4Jemxfx7-KKooQWAgNLX64CrPltRuEOB3piSX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=277A72B4EF4540EABB197973C60BF197&google_push=ASkJ3FZDIR2y2zgP0kK-sSH_kAuMuKrvelYhBUKcD-pBAOlboJ4Jemxfx7-KKooQWAgNLX64CrPltRuEOB3piSXC-unUfgsgMtUA
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=277A72B4EF4540EABB197973C60BF197&google_push=ASkJ3FZDIR2y2zgP0kK-sSH_kAuMuKrvelYhBUKcD-pBAOlboJ4Jemxfx7-KKooQWAgNLX64CrPltRuEOB3piSXC-unUfgsgMtUA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 06 Nov 2022 20:20:17 GMT
google
match.adsrvr.org/track/cmf/ Frame 6B06 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE5FJRBuCpDG4hHGjsntBCs&google_cver=1&google_push=ASkJ3FY8r7pcPMTZ1WxL434mia9eFYLc80sJm3V1Bgp3gDtiXVZLw3-3R0pAjw1mZvGMYsxDQd8u-_fhr1nfd7vhd9KCuIwj2XM
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6B06
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPjzh4CAp0ncsXnmXTNc2CA&google_cver=1&google_push=ASkJ3FbyxgN3rrTGtCMQMMdHDZ9Lya1XkKQRf4FtWRijb56bogJjCuo813NkewbDRibcxEtnZfHKa4tsXgK...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ASkJ3FbyxgN3rrTGtCMQMMdHDZ9Lya1XkKQRf4FtWRijb56bogJjCuo813NkewbDRibcxEtnZfHKa4tsXgKenbT1-btwzqPTC9Vw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ASkJ3FbyxgN3rrTGtCMQMMdHDZ9Lya1XkKQRf4FtWRijb56bogJjCuo813NkewbDRibcxEtnZfHKa4tsXgKenbT1-btwzqPTC9Vw
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ASkJ3FbyxgN3rrTGtCMQMMdHDZ9Lya1XkKQRf4FtWRijb56bogJjCuo813NkewbDRibcxEtnZfHKa4tsXgKenbT1-btwzqPTC9Vw
Date
Mon, 07 Nov 2022 20:20:17 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
dsp.adkernel.com/ Frame 6B06 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEORcGpE0lB4zsbbSPnrllaM&google_cver=1&google_push=ASkJ3FZ9kzN6-8CUUic3QRZPIUhn7iICyeNlEdROLEH1_yGCevC6NYZ8klfCiFVzy8rFLEWwA5n_fLdTn1gOveVKIyj8KhjL_479
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:17 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
0.gif
id5-sync.com/i/495/ Frame 6B06
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEDLkgvessFW-E1BCcP7Rgz4&google_cver=1&google_push=ASkJ3FYOfUubSygzkfvHK0gFlTK7XHMmPbPGtpfYsQOzyBS7bgNsh5ECiCv_4n6119-_qyBo1KLD6a1kqFp5xtH-nV_NhQYj4WmE_g
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FYOfUubSygzkfvHK0gFlTK7XHMmPbPGtpfYsQOzyBS7...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FYOfUubSygzkfvHK0gFlTK7XHMmPbPGtpfYsQOzyBS7bgNsh5ECiCv_4n6119-_qyBo1KLD6a1kqFp5xtH-nV_NhQYj4WmE_g
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FYOfUubSygzkfvHK0gFlTK7XHMmPbPGtpfYsQOzyBS7bgNsh5ECiCv_4n6119-_qyBo1KLD6a1kqFp5xtH-nV_NhQYj4WmE_g
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 6B06
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENCjsWH1Lx0PkYt_B92szRU&google_cver=1&google_push=ASkJ3FbUI0SEGmrZdLURYNfsjS1CvIJipGyfTbLUumIBkA9kNG_izo2o5QkeXare52G9cJl8IPw_u...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENCjsWH1Lx0PkYt_B92szRU&google_push=ASkJ3FbUI0SEGmrZdLURYNfsjS1CvIJipGyfTbLUumIBkA9kNG_izo2o5QkeXare52G9cJl8IPw_u...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FbUI0SEGmrZdLURYNfsjS1CvIJipGyfTbLUumIBkA9kNG_izo2o5QkeXare52G9cJl8IPw_ujHJNgF18hhde4MzM3ZE39On&google_hm=d1FKZWdzc0F2SmN4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FbUI0SEGmrZdLURYNfsjS1CvIJipGyfTbLUumIBkA9kNG_izo2o5QkeXare52G9cJl8IPw_ujHJNgF18hhde4MzM3ZE39On&google_hm=d1FKZWdzc0F2SmN4ZHhhY005R0U=
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FbUI0SEGmrZdLURYNfsjS1CvIJipGyfTbLUumIBkA9kNG_izo2o5QkeXare52G9cJl8IPw_ujHJNgF18hhde4MzM3ZE39On&google_hm=d1FKZWdzc0F2SmN4ZHhhY005R0U=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
240
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6B06 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMk3VhIaGrbwVF5u520bLgdB6UR99SH69osnzExSOv-qWMAwiswKJRoYJVvhBfvRj-sQoMz3g
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 0731 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22f0b4fd60de384916b6b6d9b8d3057e6d57ad772774cb8a37a5dcc68114cdec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2828 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e94d83dd860763fa662738c3a26121ca1cddfeb45a45a0a99c053b408052aa4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C11C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63bc51e13b7a75b9181829108d2553d355ace231defdc12da8ad18c98d4c8b49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5416 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Nov 2022 14:17:40 GMT
etag
48472445140208031
expires
Tue, 08 Nov 2022 14:17:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 30D9 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
412fdd2c371a2aa42756c6a0dd154016a76e81275d0ed2c4117ed0c5e5c6b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5416 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEj_umwCr5DCjTFGHWgjVZ0&google_cver=1&google_push=ASkJ3FZIrbBz7yjbHPTfezwxHhiwvs_zFHYfdsjwa2FPtmqZPHvZhi6zBY3IxnyZ7cWn5ddjWdtfw6Y8qgU_lS7iqjjIDhml9CVBzQ
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 5416
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68K04zGQTYqW3yk-8nMcHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68K04zGQTYqW3yk-8nMcHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ-Rhd0LEOtf_szsv_3-Ps43atONdCR60As956VdXN2gW1ojOiRimmXEz0hHO8ezpcrxkvZdxb8kbZs5hje_euEKWHqh2gecg
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=68K04zGQTYqW3yk-8nMcHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ-Rhd0LEOtf_szsv_3-Ps43atONdCR60As956VdXN2gW1ojOiRimmXEz0hHO8ezpcrxkvZdxb8kbZs5hje_euEKWHqh2gecg
date
Mon, 07 Nov 2022 20:20:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5416
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKXgHhpt4PUEAdKGypQFSuA&google_cver=1&google_push=ASkJ3Fa7tIoX9Obvsf16aLuBQbatbsje_Xne3CNU5duRFZpg8k6lRxwJSyFfC63SUoD4YXlt0E_...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE3ODlMUEEtMjQtMUtHTw==&google_push=ASkJ3Fa7tIoX9Obvsf16aLuBQbatbsje_Xne3CNU5duRFZpg8k6lRxwJSyFfC63SUoD4YXlt0E_eyLVE7TC9vTtbZ5f4jfS_NqialA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE3ODlMUEEtMjQtMUtHTw==&google_push=ASkJ3Fa7tIoX9Obvsf16aLuBQbatbsje_Xne3CNU5duRFZpg8k6lRxwJSyFfC63SUoD4YXlt0E_eyLVE7TC9vTtbZ5f4jfS_NqialA
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEE3ODlMUEEtMjQtMUtHTw==&google_push=ASkJ3Fa7tIoX9Obvsf16aLuBQbatbsje_Xne3CNU5duRFZpg8k6lRxwJSyFfC63SUoD4YXlt0E_eyLVE7TC9vTtbZ5f4jfS_NqialA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
sync
dsp.adkernel.com/ Frame 5416 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEORcGpE0lB4zsbbSPnrllaM&google_cver=1&google_push=ASkJ3FYABYp3Pfg4M2gKLvT5Cmza0iuFIF4jyEsrnQ8oxyassmMa_0mwArQrlTcJQCv8uZI1V8H64hfomXSzGz__blQ8kHgIXXm0KA
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:17 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
/
cc.adingo.jp/adx/push/ Frame 5416 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEJdZq9yVVPtTxXhawvceQi8&google_cver=1&google_push=ASkJ3FYaahjQr_3wpJJAW3s0IZO6_jHg83WS7u3j9W3MLYZFpYR7wpAm0gD2KnE-iZW3y2L6wArWaKLiCNogJnr1AiX_JZmfhR0Quw
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.93.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-93-39.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
server
awselb/2.0
/
onetag-sys.com/match/ Frame 5416
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJgOGNQw-IoEpXv6W7e1LfI&google_cver=1&google_push=ASkJ3FZeJmnuxjt0lxoDHUkQrcH5GIQKklVWcKd2oXxEjzq0I2KG_bdDTBFoyAuwwFY9Gc52UZNhzQwTUAO...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZeJmnuxjt0lxoDHUkQrcH5GIQKklVWcKd2oXxEjzq0I2KG_bdDTBFoyAuwwFY9Gc52UZNhzQwTUAOVZdzGklJ004HyqA2ANg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5416
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENCjsWH1Lx0PkYt_B92szRU&google_cver=1&google_push=ASkJ3FZ64gJBIdpsiulKzRphyaLz1zBEu4gPqFSwf70d313Aok_MvpOJK0wzSrHw1uf6eRrUrkC5s...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENCjsWH1Lx0PkYt_B92szRU&google_push=ASkJ3FZ64gJBIdpsiulKzRphyaLz1zBEu4gPqFSwf70d313Aok_MvpOJK0wzSrHw1uf6eRrUrkC5s...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ64gJBIdpsiulKzRphyaLz1zBEu4gPqFSwf70d313Aok_MvpOJK0wzSrHw1uf6eRrUrkC5sNKvwA_twBZmpuYZzmWHSVO-Vnc&google_hm=d1FKZWdzc0F2S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ64gJBIdpsiulKzRphyaLz1zBEu4gPqFSwf70d313Aok_MvpOJK0wzSrHw1uf6eRrUrkC5sNKvwA_twBZmpuYZzmWHSVO-Vnc&google_hm=d1FKZWdzc0F2SmN4ZHhhY005R0U=
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ64gJBIdpsiulKzRphyaLz1zBEu4gPqFSwf70d313Aok_MvpOJK0wzSrHw1uf6eRrUrkC5sNKvwA_twBZmpuYZzmWHSVO-Vnc&google_hm=d1FKZWdzc0F2SmN4ZHhhY005R0U=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
243
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5416 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ji9YWaCCDUQ1gFpB9zYRdqZ_Fh6sj1uggN0N0T9kTf3Ww49aEXmDJOz1kpNW4RDsS3hNqK1qk
Requested by
Host: 3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4695 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4695 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4695 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Nov 2023 20:20:17 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4695 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 02 Nov 2023 20:20:17 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 4695 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CZZWtzmYDt9TqtwzdgNM_JClOpyAMyxi_d86omAVt6Q3xp7ufbvOfNAluKycqekBMSsHD9FxqtJpWAgd9gvhQ7S7f42XPHS5FOVodTU4OxOVrSUEC89GPRVHOaZO6GgEpp3-snls6r6XPaOn32HgQwKU0HW658uAH0QjJVA5sZF6hwDIlR7y7VUjI_DWb7DAqh0zny6e4Oj1jw_H7RLMdEF6a37hKfanva0kACY6bURodUtb2D-Q8z_rtgeIAQfLpsPbtjCsIfa0VlAvGKBe9dDms-xaioCXEsk7bG6Y3V3uaqLiSHWiFDuRb7tqCRREXvo4DmHCpDrtf9gerqzYyVOtT6MZdbv0Gsi_r8m3USWi6TE_BJW-xeq28TwYwjEd8W29ycP0H-Jx7VDaN_8SYu1xFHal_iN0v7KV7Btqq2BH9KIj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4629311
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 4695 		44 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1667852417
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:f000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
DYugWZe3jNQEJ2ZB6Dk1yTNTz35ET_CRzN1dgda1DCDE_cvaZ_XFiw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 4695 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
img
pix.eu.criteo.net/img/ Frame 4695 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=y9MaZ2kysatRTgIoZYWcMJ4C
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30189897
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10911
expires
Mon, 23 Oct 2023 06:25:15 GMT
img
pix.eu.criteo.net/img/ Frame 4695 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoCapgemini-Digital-Engineering-and-Manufacturing-Services-231575DE.gif%3Feb%3D1&v=3&w=400&s=1T9UF-vptHAda8jXRX9xXfKK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
fc74f839570eab7fa7bd18ba8f09880e5a44e75ff511309f0bf59eae34cf27c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=757768
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1544
expires
Wed, 16 Nov 2022 14:49:45 GMT
img
pix.eu.criteo.net/img/ Frame 4695 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoVolkswagen-Infotainment-GmbH-148893DE-2108271431.gif%3Feb%3D1&v=3&w=400&s=bb3_IoSR0ZYE9ihBnWN-mwnE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a7e8227efd35d01dc33f80ade6cf28dafbde7e35ad8c0c203b85fc11d2232152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1916
expires
Thu, 02 Nov 2023 20:20:17 GMT
img
pix.eu.criteo.net/img/ Frame 4695 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGoogle-Germany-GmbH-284878DE-2112100939.gif%3Feb%3D1&v=3&w=400&s=aApKQiIxs5vamvb0T4w9k65l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=899414
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2640
expires
Fri, 18 Nov 2022 06:10:32 GMT
all
csm.eu.criteo.net/ Frame 4695 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=OIANYyuHBZM0SzmXSxnLyMgk3ktSog0IuJw4aU6jb0xQQphM3sQnNV5vYkCrD_DivD8HBqNLZjoJFV0S-pRIHH1TYsxquNH9QYhZgeeuBCe6dMEN5ykxODGMMk_AeNfkbHiOBKyNteIMvtHZPeJgiE7Ya7v-0yEJLdyh6vDHNcHEM_ADH2VsTtSP4y2hcgxcsuEOf4BRXapQ-K3RjFYlVKPOGCAh5ZIYRBePKm90DuDV7sqwBd7p_B3jM9-J85V1GBRmtw&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4695 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4695 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8E09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8E09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8E09 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Nov 2023 20:20:17 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8E09 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 02 Nov 2023 20:20:17 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 8E09 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=w7sCTXyB9hrfaY7YMBZvZt17b_FYLjmUJwrz3jQvZHBrpIIHVCMbxXuw21xEA7lzpNLZn6lm7byFMz14B_U4r7p5rFj1ICoOeiViCAfLiY7B0SB1sYyaZIC1mlWrfNMnEFVFH8Im_6KbGLu_z2zSdsE7Ey1OtR3lsHTShWdVCK3sqM1j0KyisMaILjFCXIPqMS9PHS7EaI-JdGs2z3S_mhF0MOkhruPHCuhkkglqexX9aSJne7vFOcgz8SLQfKQe6BITuCvDMNJWFmGtOENzowjJLM-0Jw2bqvunJZp8Cg8iCw2f8OF0pvA3NCymVvQxiIGMEuvvcdUEJ8klZfIFHdvC_HDJbe6gXkjhk1CLXq2n47suM88jCquIDS5Ciqrt7tY72jLrJO5WCuKbn70roW7uadfOTyEouf0AiAnFLtLXndon
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4065684
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 8E09 		44 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1667852417
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:f000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
VztEF-u4FK1-DuKuN36jpTE_HXUQtVHzKc5kZYZf3W7VsRcfyo0x8w==
expires
Thu, 01 Dec 1994 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame F9D8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame F9D8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F9D8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Nov 2023 20:20:17 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame F9D8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 02 Nov 2023 20:20:17 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame F9D8 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Tf8z8KakDsbZ4BraU9MWJoTlYqCG9uT_bSFn9TTGvJlysqyKi2vFSjDx4bS4ym_1jx_5tXDzdxLllLrKmSz3_RUMsFoCUxS9bgv6I3d50bQt8V5XuFKMqxII8XS6sASiAGVraTLZlwWchi2pSNRdL4vTSFhlAmbp6JrDr2ZyGrp4c2P-BxqueznEyb_Cadf_0suUHxB4wYvjDx2yO2vxeFgchTgm-p88YV2dXTyrdJ9JdQZl2r5Mf_S4UeoyuPEWD5wLZl4HprLEwErpOMGfIUclX8mgs8BRUMeYOhoBRZ7oca6-07DHp_cJu3kvfBbquSkp3hjyW2FeqE6gf5H4sEcZmE_pRo4LW797Vg1EZLsTTp7FbWlcfB41x2ziKVqv8RKPDLjywp7wMvQvN2I9l-QtUpH6ezdhfQtifzyPFFJYoGVE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5413218
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame F9D8 		44 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1667852416
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:f000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
qPL4Oh7XmR3bgHTMh_3r0lCr9Ra9l9QnT9wcSqlmy55eKUq4Q8H0aQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 8E09 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
img
pix.eu.criteo.net/img/ Frame 8E09 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoCapgemini-Digital-Engineering-and-Manufacturing-Services-231575DE.gif%3Feb%3D1&v=3&w=400&s=1T9UF-vptHAda8jXRX9xXfKK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
fc74f839570eab7fa7bd18ba8f09880e5a44e75ff511309f0bf59eae34cf27c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=757768
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1544
expires
Wed, 16 Nov 2022 14:49:45 GMT
img
pix.eu.criteo.net/img/ Frame 8E09 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGoogle-Germany-GmbH-284878DE-2112100939.gif%3Feb%3D1&v=3&w=400&s=aApKQiIxs5vamvb0T4w9k65l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=899414
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2640
expires
Fri, 18 Nov 2022 06:10:32 GMT
img
pix.eu.criteo.net/img/ Frame 8E09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=92&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=668&s=RzlXPgLWe7UusCNVxlt4lCp9
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b94a89259ef175b881195823edba0134e626911f4dc3baaac1bece619eff6bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30189897
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13859
expires
Mon, 23 Oct 2023 06:25:15 GMT
img
pix.eu.criteo.net/img/ Frame 8E09 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2Flogoeos-uptrade-GmbH-32731DE-2009111208.gif%3Feb%3D1&v=3&w=400&s=fi4YOzfB5gFrMDSIhiNKUnHt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ef84ae85aa4b2bdfa8c54df1dfa159a49706e728ebeeafa3d0b7094c6c2a890c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=727865
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2256
expires
Wed, 16 Nov 2022 06:31:22 GMT
all
csm.eu.criteo.net/ Frame 8E09 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=7NMX0SuHBZM0SzmXd9h7hqE1rQwQNYRyckKDh5FK1SxO7Oc2N6fb-3Kw--ao7en13JdF0SfUF6JJYLcjpjavSbfqIwDkAYcHTRdMY0oL2QBvSDKbZxr_MfilxV6dMm8ViZV-_4EJl-1ZZHM9ibVPFE3QBl4x0llqFfbGJAebvEw_k8KdOAWoQsvs3LeRoyjLEVsjAg8rDNPQjMY9re7RhaPL9NwT_2fBVN-z13MviTZ_3kMPsRt0IwoMdw6h2-F5sHJHFg&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8E09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8E09 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
animejs.js
static.criteo.net/animejs/ Frame F9D8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
img
pix.eu.criteo.net/img/ Frame F9D8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoCapgemini-Digital-Engineering-and-Manufacturing-Services-231575DE.gif%3Feb%3D1&v=3&w=400&s=1T9UF-vptHAda8jXRX9xXfKK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
fc74f839570eab7fa7bd18ba8f09880e5a44e75ff511309f0bf59eae34cf27c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=757768
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1544
expires
Wed, 16 Nov 2022 14:49:45 GMT
img
pix.eu.criteo.net/img/ Frame F9D8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGoogle-Germany-GmbH-284878DE-2112100939.gif%3Feb%3D1&v=3&w=400&s=aApKQiIxs5vamvb0T4w9k65l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=899414
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2640
expires
Fri, 18 Nov 2022 06:10:32 GMT
img
pix.eu.criteo.net/img/ Frame F9D8 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=356&s=RvgLKdjxsCa071ptabsHOAat
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30189897
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11301
expires
Mon, 23 Oct 2023 06:25:15 GMT
img
pix.eu.criteo.net/img/ Frame F9D8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoBundeswehr-57119DE-1909271352.gif%3Feb%3D1&v=3&w=400&s=-_uZgdsO8R-26I4piLBqsvlm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e45d13ca7e69af031f470855d125c93f8ab8f95999a6c269b52ad8656ecb8d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=556951
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6736
expires
Mon, 14 Nov 2022 07:02:49 GMT
img
pix.eu.criteo.net/img/ Frame F9D8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoRatbacher-GmbH-46710DE.gif%3Feb%3D1&v=3&w=400&s=f4eG8R2wWDnzryQ3uVHpVVLj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
adbe941a66b1fc0b0858f6e3fb85fbd6af7e25ea616b3f34a80a0868fdb302ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=657126
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2080
expires
Tue, 15 Nov 2022 10:52:24 GMT
all
csm.eu.criteo.net/ Frame F9D8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dq3h4CuHBZM0SzmXCXnZVXatazYgRth_uh47XdbXQkqSUdbqEar3rc_TNn0pWifoczlZEtUXXcVaPLZDQvf53J1N7TxUBcEREDT18pa3_aKK-Vr51yJLjNY6fDXB9BCgF0SQ4fAbnVT92J1xPHAxGUmecFDQe9Xvf6zThf_a2L2jxTQDM8YC4dE05gaqXVu63zWXkeD70yYxdjMVYXwqV2a0a-bT9kLIXXZ9YlfwVRgjT-qgnXUK3SkjzEYxFEzzO5WWaQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F9D8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F9D8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Nov 2023 20:20:17 GMT
img
pix.eu.criteo.net/img/ Frame 4695 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoCapgemini-Digital-Engineering-and-Manufacturing-Services-231575DE.gif%3Feb%3D1&v=3&w=400&s=1T9UF-vptHAda8jXRX9xXfKK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
fc74f839570eab7fa7bd18ba8f09880e5a44e75ff511309f0bf59eae34cf27c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=757768
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1544
expires
Wed, 16 Nov 2022 14:49:45 GMT
img
pix.eu.criteo.net/img/ Frame 4695 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGoogle-Germany-GmbH-284878DE-2112100939.gif%3Feb%3D1&v=3&w=400&s=aApKQiIxs5vamvb0T4w9k65l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=899414
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2640
expires
Fri, 18 Nov 2022 06:10:32 GMT
img
pix.eu.criteo.net/img/ Frame 8E09 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoCapgemini-Digital-Engineering-and-Manufacturing-Services-231575DE.gif%3Feb%3D1&v=3&w=400&s=1T9UF-vptHAda8jXRX9xXfKK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
fc74f839570eab7fa7bd18ba8f09880e5a44e75ff511309f0bf59eae34cf27c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=757768
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1544
expires
Wed, 16 Nov 2022 14:49:45 GMT
img
pix.eu.criteo.net/img/ Frame 8E09 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGoogle-Germany-GmbH-284878DE-2112100939.gif%3Feb%3D1&v=3&w=400&s=aApKQiIxs5vamvb0T4w9k65l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT0JHUiNAA2n550SOfIM1aTWwuyb1g&u=%7C%2BCBSyjrcfGEmLfCPEA3UWzmgetRetAtqdQX7NgQJHlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeo7Xkzl_-qONzvo5OuAh8Ww7JBt6KMD9nmDWZ3BRcLc5zUPMSr24DbwH4ymRZKnzFg7J2qqqoMaSRj535OsZHAfhFlFhxnRoiMSLsijyPPyFpL_wHh6x4G-ra49hcJwlNuSi9vXq6_FyA-KVbfEYsBP8EfEzsgO3vydz2JnJDEqD7O1YhDGkRSYBbOtsM2x__-7uu5vFesaZdje05tGGCoZwB8MWN0FwCaWP27kVmbVuTTLk74Ix4A3r1XbZy-wZax6sTu1PgzcFc7BfmsoS7cLp4DuKHZo0NSogZSUqQ_kez7LJlCFtkTEzCx6I76gRMWlpnREjILjbFBbL1NfQFfdIpfC2zKRx95g_CvuDM_lewlAB26e7Hokn1tf1gEMtE1-05PftdHh3hTwYqmTyYGyILgAMWejdtU160yh5TwwdS5AtBOEIWPmm38YHksnGGcVM9OsvOvlyJ173HZaQocZM-Y5jvh6Ee2BYB7yfCWq-AscjCfz4NKcoRLn81uncAjzMty1HdR6rOBxcyK7LkM-v1FrarmwgIZWZ_ZLBI3AalcFMWTU2OQk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAdMogGhpY73iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgShAk_QKFgyJqPxAY7y3ZFdSEeXyQPncavmBUhsH3cFXkCqkQQir3RDcKOb5MmleLVRgWNCNO5v-5f_DFZXBnYBkHKy6cCUuckYRRARG1QyFxEq3DHiaGNniChvH9D7Nxajt2FGFlrjTo3vhCGdnf6BOpU6a9XAk7s68RkeqxOvjS9DsGX-VgqhXEgt7tgwwgP6Ks6aC6Ei1cIVk6z3sJMEGo9afdd3cf5YQfLj8wMepsukI_3pLwYa_5GMF6qDtjjfXuayvhdv2XcBLGKC-vtKZid-xzFgL59rVshYHHAOnlmqIMNFx-FnNM77zYFCsXuBUapWyEafUfs9xR_96b8NSZqDy6i9jTpjRddF5_YHVHXZAKZ9BqojlXEPnvyUjhU05eHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1s8of7c-xG8tQWJMMNHR6FPec-MA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=899414
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2640
expires
Fri, 18 Nov 2022 06:10:32 GMT
img
pix.eu.criteo.net/img/ Frame F9D8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoCapgemini-Digital-Engineering-and-Manufacturing-Services-231575DE.gif%3Feb%3D1&v=3&w=400&s=1T9UF-vptHAda8jXRX9xXfKK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
fc74f839570eab7fa7bd18ba8f09880e5a44e75ff511309f0bf59eae34cf27c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=757768
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1544
expires
Wed, 16 Nov 2022 14:49:45 GMT
img
pix.eu.criteo.net/img/ Frame F9D8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGoogle-Germany-GmbH-284878DE-2112100939.gif%3Feb%3D1&v=3&w=400&s=aApKQiIxs5vamvb0T4w9k65l&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=899414
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2640
expires
Fri, 18 Nov 2022 06:10:32 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 30D9 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 09:03:51 GMT
x-content-type-options
nosniff
age
472586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Nov 2023 09:03:51 GMT
PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
pagead2.googlesyndication.com/bg/ Frame 5BC3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Requested by
Host: mj201.xyz
URL: http://mj201.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16184
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Nov 2023 14:03:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0731 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8j0mGTq3h1DRozyxp8YIUd9nJ7cvsc_cWcH1a4-zAWvVGObPTyq8FKB3_MipkIoWYk7S4uozzyxO5CWEMu01jJs0&sig=Cg0ArKJSzK4hHDoYZdyYEAE&cid=CAASF-RoVguVl8TBqHBfHu7NrT-3ihpD5m4a&id=lidar2&mcvt=1000&p=193,315,443,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=765640834&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667852417084&rpt=328&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 4695 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=OIANYyuHBZM0SzmXSxnLyMgk3ktSog0IuJw4aU6jb0xQQphM3sQnNV5vYkCrD_DivD8HBqNLZjoJFV0S-pRIHH1TYsxquNH9QYhZgeeuBCe6dMEN5ykxODGMMk_AeNfkbHiOBKyNteIMvtHZPeJgiE7Ya7v-0yEJLdyh6vDHNcHEM_ADH2VsTtSP4y2hcgxcsuEOf4BRXapQ-K3RjFYlVKPOGCAh5ZIYRBePKm90DuDV7sqwBd7p_B3jM9-J85V1GBRmtw&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsT4JHUiNAA2n5_SUstE3xrY6Skr6vA&u=%7C%2BCBSyjrcfGGxMyJExL9fxtnnXcU8G8OUVhUgRQWM9cA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZGRChAuyN_oaMIREaxYBbe8Ghhjb9vKRFNMfDLsDDebcN3Nxyt5AH5WwtWlsr2f7eMEZ97kIoy98aOVt6XzCbajwejsRDYo_WKqmxvhNtP9nuKOE-5fuKTiIoJd0k_O575CFUSGYvqWVvtJ9Oyomu-mHI7iM_SmfUK3LHTmKhpfBy7wJseGDtDZYgWF2vUn0xB-1mQuk9DTPcLCaX1lPMbXBU5re-F4sFSB_e6AO8eZP43o9zHFUIHle7x0TZiOvT8Avgtw5mLFPdoUsR2dFBX-BSH121UuvFmMITUFb2DNGg6V2Q0kBy3UQmAyLsxhgkJzfXAJp3P_dO4U2l2wNumoY_9mW1syP1OATh8qSf50d_XrOM1wzt-qpXrMWSgBgEUqdppiS8-z38odI61mX_FfsuKIUHivGFIBmfYY8XNX5zzkKxvgilFBsPh6j8C7wqPEO8X3s9PNp59T3V73ziz9E9HHdOPofyMjM8PbN3de_9f1Zw-cO_p28zveQzxc0xb5gJhQ_HAIrwk-GqSBpvb9klFObq2v3mCbBF3LD8rbU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_nP2gGhpY77iGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSeAk_Qh9XhlOKDc_3orj482dh07-LAuKP7qU7rabk1s7Wzi5kxOpPph-xysgphJ_Z7LeiPisBZtuiRSTP-bt3ckB2LUXvWxzGWnQsnTtf4ivKXBqGmQpiebYLoxXGj8e2jrH7oAfdirkU86DKfSe8KP_l-4xZVajDxDY6UnX_fhYAD5MMPnYOJtFSAYV03KTt7QrnIgCOHyJD6cWsXSSlmujcowCa5NapVNSBXdTVDUmbQTeGrZTUKA_2_28_khWLdbn6YPY0hqVni1DvHMyWQCDRjVSJ8YDzKxaiSOoAJoM1o2Y7elU42HuyYt1lCSi0ueI1798-hKHlotWegw2Dgb6wLWlI2id-JXxo-UXI3FHSr1soR8fTxera4tgAbo6jgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3GVxTgWlj0MAbSCJakJ8qk-r57yA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 20:20:17 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame F9D8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dq3h4CuHBZM0SzmXCXnZVXatazYgRth_uh47XdbXQkqSUdbqEar3rc_TNn0pWifoczlZEtUXXcVaPLZDQvf53J1N7TxUBcEREDT18pa3_aKK-Vr51yJLjNY6fDXB9BCgF0SQ4fAbnVT92J1xPHAxGUmecFDQe9Xvf6zThf_a2L2jxTQDM8YC4dE05gaqXVu63zWXkeD70yYxdjMVYXwqV2a0a-bT9kLIXXZ9YlfwVRgjT-qgnXUK3SkjzEYxFEzzO5WWaQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2logAAGsTwJHUiNAA2n5_S1Jjqy6Wq3DA3eMg&u=%7C%2BCBSyjrcfGFsJBrZJWrhlT2%2Fyzn98%2BObpf76qt80meE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY0_-Omnr7SCgGlbsvDHnj7RLQclDk4M5Iir6Otq6Khgl_Guj-vmg_QC9DTHTck95RVqV9UZCRoCJ-gQ88ToUkp9X1iB9lIfA_4Lc54qepF77iKeZlhVDY6JL2_LlPlQz8Swz35uLFVBGK3k2S2JjrCLtFjf9CVHRwq3ax7902LTOdxFMvKpuJ-87Mu_R5Nlf_FzulQiAZdg8rSLtwG0cuvLF7fRDF0v3Ncp4ZuMRes-fT7vSUQzRIG36cNuCgUl9IYuFDrF8zCI6BKA4CkiGiJ4asxhAPdce7VSGnplnFED8Ve-oXCIaN0S2j9GpIgq7DRzOfBqs9r_VFYU4pDQ4qFdHoEYUclmSdQIwbGexUuHtbw1bmt9wGgUEYgvcpyTKLnwfe5d5BLITdZn7WMNh0y5fsK50qRiYwyHHIGrbHuRoqh154jmE_Ed2-yUDoTd8U0PTfDcTI4NrPvI-4M_zjAlmcdLwxALorjgceuII-0PGC_q3kma6rg2R1_BZQo0Uko9_bRC4XHB58F4nmJ2uRaYavmWjVvdD8Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTA2egGhpY7ziGo2R9fgP58-2sAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQmpAv_Y-MQbxrA-4AIAqAMBqgSbAk_Q558Qv7hVCpOpXMDa4Al1GkmwclJOHv-g_IdSlHZsKeSUQv0giUQF1vfDTLqnoqB4l5B8qcLJwN3-NEjbUmWvKj4btLP_vxubbXcYUf6Amo9LsZxDqpevFmM0nIpKXP1aiJ3zmS--4SB1qtrZeGDuk1PJl2R8NNYx-3LYCu1HGDsykwqAc2ACOocuVGAdxXQlEO2AjKkw7tEjVWlrv_nZqnjZYr9JKG0ZN9mfxLG7q2hxSAvHda6Scoqa5i14KHzZIL0MmhgJr9ykgPojaUS2dQPhhh6KoXqW5VE0AdHcauOswAGMGCy6OK2QDdf9-66nfktsR1g4VWlhOoZDlaRtGMr8F5YVltCBlAppMxqYO2hb0Hy2y1xj-8fgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RiumMKXLSBrUHKqllIcp3sxBI2w%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Nov 2022 20:20:18 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C11C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKyw_56YvQjyYyx7mGxWkez2UBrjLHbD0HAUcYA_lZgsm6NVp_XsrgGFn6xtz2WSCy2DSkGS-HngIXOqBdkJWCXLk&sig=Cg0ArKJSzLrUJqDri9D-EAE&cid=CAASF-Ro2iogNiueeZFec15Vv46mPVdokG91&id=lidar2&mcvt=1000&p=538,1250,788,1550&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2236014936&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667852417098&rpt=591&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 30D9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3gK6dAFt2iV1WYByuLjkaEB5AbqvF_rx505j_yHDk27NB4mUKQRyd7V8iiqt58IYhEA8X0m8CdtLJ7cqB5gemdtD17jQxGuTRBEx4RhbEd2bwsfAdvK3mvAc1oHqiC8As4gcfGNjf7M6paAlm7P7lI-l_zkqFv-puGgZl54sbWkzyRIaxCcQtt9V8GoQEZnBTMh9LEQA9kwbVhszsqzsW4aRAQCWiC-9pkixsukqEwKVV6cLkfgIcYiuDn9IXC42d0yVU_TI7dBU96ANpbi9rKSjzMg9sC9Bz5jO5qFt8856rynvs1gZKMg0G_lvL4dYqae0bS-FocAPkvYgNyEpBpJDGnr0DbBILntedMbuuNZGcCuS2HW6hUkPY-GDXDpvrWn271FBPyYE5V3u3LOASEFYutQT1yOAJCudWLGB8q4VEmFQ0HzEKXh2hfdnAB6hUiX-57JTTMiVorkf83Ko8psF27ddweXFAcQNXVvyIaWI0jrwFujRfs7EWZRMt9vuyJ9h7qjUTC8p7JvPTN-P2SthWtfo-TqWhs6LwoSlyv4ozVngQRYvoJJNhNsb3gH8ymqTiwzHyxhm6Zdjb-qtMrgOpOBrc2xObGxdDuC85lHQzC-Dp6dam148QNE6p5o3tBWo0tXWe3CMHrUtwokqZuwgpWhuNmYQj6zsr7y_WmMuC6bXCeuhOFiJinb0h-Dfdfkfz5Unak5ZAL-yp8G0SjLL60WYyaz0IJEWLwDvsfbGy8KUTFL7vjGnqiquynXiKDJkH1Sh-_PxNkn3s8zpDYgcNVtQjKacoPgRuAnsdqrVlANwyqLKTAtVu4nXnI2O_ZvnuuXth17ms_tHDVDsTCOENEgB04DpSY52VyxPtWCxMF0plRhd7Qpu2JbJo8Y3WWF4L2sM13xsM8yq7DVPx0owjE_eGVjNK5IAl5CL01N3QhM2X4OBAvbdHSxqoh6_BQ_-OdTwnRk8SVnHqGCLRy62lLJIxpf1XXjWZA_slIz4LlgdulpjBBWpC6Mpcf5GQwmMHcdb4aZeNXkoJX4ldtClWTGafQkUWAiEkuj2_zlQw6Le-cq35-EUu-DIbAec1tNj8iBP1Px-6M6QLttn5x2pn5Gygb8Qng80ay6Z8_XFOiOmJmgqas-ach2TqRwHCWuqkZGMrB_Cfent-ytQ55cehMo0TfHwHCpnz4ODiUOcVp35VaULleg1jpt-HvZmf4vYS90e8SJn1skkgNNIkNA&sai=AMfl-YTmPKLNwaFyJgr_-5d8FjAAdHf6FLIYwwVw2hKLpb047DLt6R3OLoYZyS-ndBTNNKN1w4T_z3RpCOzvXpuO1-kivGC3mAZUICIW95gWROiijUxDyD0hbXeXHW9DZMLu8jw--DX2R8LfQPE&sig=Cg0ArKJSzPHHZQIWDceOEAE&cid=CAQSOwDq26N95CZGov9IEhxDyKAkJrt7UvsYqdbHf9W0Hi4QcO2PH_ibUQqCBDTW7zEagcN4G6eWZ9P9-j9bGAEgDg&id=lidar2&mcvt=1007&p=1110,436,1200,1164&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20221103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4269102928&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667852417104&rpt=634&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame B988 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Nov 2022 20:20:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame B988 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed8555c0204c25de7313ed8db9dd332309bf5c2809b6d37513f440de6040ffd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 20:20:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Nov 2022 12:29:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58091
Connection
keep-alive
Content-Length
9885
Expires
Tue, 08 Nov 2022 12:28:30 GMT
khaos.jpg
token.rubiconproject.com/ Frame B988 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=&gdpr_consent=
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Nov 2022 20:20:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=themediagrid&gdpr=&gdpr_consent=
Date
Mon, 07 Nov 2022 20:20:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cm
us-u.openx.net/w/1.0/ 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1667852419407
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7658201123
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7658201123
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Nov 2022 20:20:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 20:20:19 GMT
etag
RX37ef8bc640544aa09884f0b112b5b5e5003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7658201123
cache-control
no-store, no-cache, must-revalidate
expires
0
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0858220403190b51880f5d1d&expiration=[EXPIRATION]&gdpr=0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0858220403190b51880f5d1d&expiration=[EXPIRATION]&gdpr=0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0858220403190b51880f5d1d&expiration=[EXPIRATION]&gdpr=0
date
Mon, 07 Nov 2022 20:20:19 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B988
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3HoduOgkQeGAXByAMl0Rsg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3HoduOgkQeGAXByAMl0Rsg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3HoduOgkQeGAXByAMl0Rsg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 20:20:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GNV2RPFQP8JWJ5JG1NC9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3HoduOgkQeGAXByAMl0Rsg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame B988 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=36584
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame B988 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame B988 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Nov 2022 20:20:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame B988
Redirect Chain
  • https://sync.adotmob.com/cookie/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=%7Bamob_user_id%7D&expires=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=%7Bamob_user_id%7D&expires=1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=%7Bamob_user_id%7D&expires=1
date
Mon, 07 Nov 2022 20:20:19 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
tap.php
pixel.rubiconproject.com/ Frame B988
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=10caffe3-fe32-4cc6-b5b7-5fa2c1ff9ca4&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=10caffe3-fe32-4cc6-b5b7-5fa2c1ff9ca4&expires=30
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=10caffe3-fe32-4cc6-b5b7-5fa2c1ff9ca4&expires=30
Date
Mon, 07 Nov 2022 20:20:19 GMT
Connection
keep-alive
X-CI-RTID
59156487-f8ff-4319-9e42-8289f0b23f98
Content-Length
144
Content-Type
text/html; charset=utf-8
CookieSyncRubicon
rtb.adentifi.com/ Frame B988 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncRubicon
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.104.239 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-104-239.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 20:20:19 GMT
tap.php
pixel.rubiconproject.com/ Frame B988
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rubicon
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=6010a07e-bb84-4e34-845e-21431c5fe42f
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=6010a07e-bb84-4e34-845e-21431c5fe42f
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=21c9831b-1d46-403d-a37d-35f817d18116&user_group=1&ssp=rubicon&bsw_param=6010a07e-bb84-4e34-845e-21431c5fe42f
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=6010a07e-bb84-4e34-845e-21431c5fe42f&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=6010a07e-bb84-4e34-845e-21431c5fe42f&expires=30
Requested by
Host: simcast.com
URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
//pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=6010a07e-bb84-4e34-845e-21431c5fe42f&expires=30
Date
Mon, 07 Nov 2022 20:20:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
8p1s3370r3q56r383p5p995r05553360-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		594 KB
596 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/8p1s3370r3q56r383p5p995r05553360-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eda4be2e8f3e525226871fe3f617288474103df206556175b7f1028bab8bdc8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 02:41:50 GMT
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
65731
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
608744
last-modified
Fri, 04 Nov 2022 20:47:04 GMT
server
AmazonS3
etag
"f43ecd1425c51180172d02e0f5768be7"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
aHSIaCHPa-Gx2d3WtVz1q93X0jJQ1tp3CtMh24wAkQngv76NQRG6ow==
8p1s3370r3q56r383p5p995r05553360-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		636 KB
637 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/8p1s3370r3q56r383p5p995r05553360-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221028/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61f993ebba2c708b9747ae85de95065514c643fd708d204c0d6d4c69c7a91d83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 10:34:11 GMT
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
35170
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
650856
last-modified
Fri, 04 Nov 2022 20:47:04 GMT
server
AmazonS3
etag
"b4d2139968118381c693b7e85cda55bc"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
wnNgGBDuYUtQWCuz-BY-ZGopFN-cYC6Qw8yHqLO0b7uOAnzE8ry_Lw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| LoadExt function| getCookie object| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| teads_analytics function| docReady object| mnet object| liQ function| myConfirm function| myFunction object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| plBanner function| displayModal function| displayComment function| displayModalURL function| displayBroadCastModal function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| Criteo object| gaplugins object| gaData number| __mobxInstanceCount undefined| __mobxGlobals object| headertag object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_98060 object| closure_lm_968469 object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_6 function| sync16589_ua function| sync16589_4 function| sync16589_8 function| sync16589_va function| sync16589_7 function| sync16589_5 function| sync16589_3 function| sync16589_wa function| sync16589_9 function| sync16589_xa function| sync16589_ya function| sync16589_$ function| sync16589_za function| sync16589_Aa function| sync16589_Ba function| sync16589_Ca object| lotame_sync_16589 object| Criteo_identitytag_132 function| setImmediate function| clearImmediate function| __esp_getUID2Async object| __uid2

61 Cookies

Domain/Path Name / Value
simcast.com/ Name: PHPSESSID
Value: n2654h4dcl90e1rt1k4e3cpnjr
simcast.com/ Name: uidinfer
Value: 66824528
simcast.com/ Name: _uc_referrer
Value: http://mj201.xyz/
simcast.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
embed.sendtonews.com/ Name: AWSALBTGCORS
Value: 5Y1pkuNx/xspzAsMsN+tw/WSdf6BprfzH1QLkfybfPrsHIQ59pQkLXXh0VQLz9I0xeecAFm41EIT5vfBdIw9k/WkPMBfQ0EzHG687+rhxUxo0E+kV2Shfm2pZ3xqHRQCUiur8rEUHtK76Q8v+zShXsoi5woPHTldvvI/D5RmLj7v2BLt9Ik=
embed.sendtonews.com/ Name: AWSALBCORS
Value: bNPMV+l/GDt4tUyK+d5QqEhVV6QJXGB7qJC3gghk7GHoLRUI3QdkJfx0X8S6a+l4NA6hYsmGsx3jzxc3LGnXmC1WkUuqnhUwUkbfM0ZXzHpCGhyiC7yXDsJ1ILN0
simcast.com/ Name: mess
Value: 1
.simcast.com/ Name: __gpi
Value: UID=00000b7e61dbd597:T=1667852414:RT=1667852414:S=ALNI_MbrDrJnQX14VnIVMw6sI4Xh2aL3Kw
.simcast.com/ Name: _ga
Value: GA1.2.1205011640.1667852415
.simcast.com/ Name: _gid
Value: GA1.2.874475672.1667852415
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
simcast.com/ Name: _lr_retry_request
Value: true
simcast.com/ Name: _lr_env_src_ats
Value: false
.doubleclick.net/ Name: IDE
Value: AHWqTUkVUTpspmtNf45nkzGQ9VBE6EgyJtQz80LAV0FKm03qzP6qcnI-TijrPdu3DJg
.simcast.com/ Name: __gads
Value: ID=6e3b15de9a9471e4:T=1667852414:S=ALNI_Ma1uTo0XyeD8Pa5vvR6_FWvpBRkJA
.simcast.com/ Name: cto_bidid
Value: IKpH919uS0YlMkZ5eHE0UE12R2RWc24yYnhKTk1oTm1yd214akE2OE40JTJCMXElMkZ6eHRoR2poOUZ2VUtMNHdlb1hOYlhmempxaWxjbWZRbDV1OURWakNVaWZuelAlMkJ3JTNEJTNE
.liadm.com/ Name: lidid
Value: 15591506-65a5-435e-9d94-17c3e17f99b5
.criteo.com/ Name: uid
Value: ca0939ef-7990-4f50-a6c5-e9a1a9ae4816
simcast.com/ Name: pbjs_li_nonid
Value: %7B%7D
.simcast.com/ Name: cto_bundle
Value: x6p5RF9wJTJGcVU1Vk5yMm9MbU5UNWduOVR0aEM0MnozTEpYSjFyQkR0JTJCTGpPUnRKMEM0bEVWRWw2UkRFNDJxR2UwZ2JzbDJOJTJCMEpvdnV1dEVrR1MlMkZIUSUyQmRWUENJU2xGZUJHajZYTiUyQlolMkZJZGh3S09MSTBNdGs3dEk1eXozTTFPbGI0eCUyQlFIUW15Ykl5MUJ1OWw2NkdrNFZUNFpBJTNEJTNE
.3lift.com/ Name: tluid
Value: 683794923668417559579
.adsby.bidtheatre.com/ Name: __kuid
Value: d42adcdc-08f5-43f5-a568-604c89973157.437066417
.adfarm1.adition.com/ Name: UserID1
Value: 7163371585583970457
.ads.avads.net/ Name: av-mid
Value: 0ab49fca-41dc-44f9-9972-17516060a1e9
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.bidswitch.net/ Name: tuuid
Value: 6010a07e-bb84-4e34-845e-21431c5fe42f
.bidswitch.net/ Name: c
Value: 1667852417
.bidswitch.net/ Name: tuuid_lu
Value: 1667852417
.media.net/ Name: visitor-id
Value: 3108540171492641000V10
.media.net/ Name: data-g
Value: CAESED7gRwnYZFCe-sV9P5j85bI~~3
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EBC2B4E3-3190-4D8A-96DF-293EF2731C1F
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y2logQAGX4RCuwAO
.simpli.fi/ Name: suid
Value: 277A72B4EF4540EABB197973C60BF197
.blismedia.com/ Name: b
Value: 636968810A5A50BB725D8863BLIS
.yieldmo.com/ Name: yieldmo_id
Value: g30df802728636ff136f%7C1667852417559%7C0%7C
ads.avct.cloud/ Name: uuid
Value: 9ec557c1-cac4-47be-92dc-1c7e7eed1eca
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.tribalfusion.com/ Name: ANON_ID
Value: a2nseFP3rT6CiAyPrWjwlTbQIAWUT7cpLWPTy6ZaG4EpYJiPnX1Wd5ZbhiTT9LeHM5al2juYypqUOgJBxRKULL
.zemanta.com/ Name: zuid
Value: wQJegssAvJcxdxacM9GE
.c.appier.net/ Name: _auid
Value: ni1xBLIADXC0YBbigWhpYw
.c.appier.net/ Name: _gu
Value: CAESEEmUiffPmdqb220G05Fi94Y
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-37ef8bc6-4054-4aa0-9884-f0b112b5b5e5-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.casalemedia.com/ Name: CMID
Value: Y2logxj.0ibyAEfIEyelTQAA
.casalemedia.com/ Name: CMPS
Value: 1219
.casalemedia.com/ Name: CMPRO
Value: 1219
.adotmob.com/ Name: uid
Value: 0858220403190b51880f5d1d
.adotmob.com/ Name: uuid
Value: 0858220403190b51880f5d1d
.adotmob.com/ Name: partners
Value: IX%3A1667852419629
.casalemedia.com/ Name: CMTS
Value: 1143
.amazon-adsystem.com/ Name: ad-id
Value: Ay1mVH1o40ZnkOUTVrY40HQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ipredictive.com/ Name: cu
Value: 10caffe3-fe32-4cc6-b5b7-5fa2c1ff9ca4|1667852419821
pool.admedo.com/ Name: tuuid
Value: 21c9831b-1d46-403d-a37d-35f817d18116
pool.admedo.com/ Name: c
Value: 1667852419
pool.admedo.com/ Name: tuuid_lu
Value: 1667852419

13 Console Messages

Source Level URL
Text
javascript error URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=84
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://simcast.com/?d=mj201.xyz&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3d2046f93c7ff4f1c485b8b3d3d1d75d.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.avads.net
ads.avct.cloud
ads.eu.criteo.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
api.rlcdn.com
as-sec.casalemedia.com
at.teads.tv
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cat.nl.eu.criteo.com
cc.adingo.jp
cdn.adapex.io
cdn.id5-sync.com
cdn.resonate.com
cdnjs.cloudflare.com
cloudflare.com
cm.g.doubleclick.net
code.jquery.com
cs.emxdgt.com
cs.media.net
csm.eu.criteo.net
d15kdpgjg3unno.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
embed.sendtonews.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
id.sv.rkdms.com
id5-sync.com
idx.liadm.com
image6.pubmatic.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
in-appadvertising.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mj201.xyz
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
player.sendtonews.com
pool.admedo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
prod.uidapi.com
pubads.g.doubleclick.net
rtb.adentifi.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.spotxchange.com
secure-gl.imrworldwide.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simcast.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.inmobi.com
sync.ipredictive.com
tags.crwdcntrl.net
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
us-u.openx.net
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
api.rlcdn.com
prebid.smilewanted.com
104.18.12.242
104.18.13.76
104.18.18.126
104.18.19.126
108.138.4.10
108.138.7.125
13.32.106.197
139.162.84.221
142.250.186.66
147.75.85.234
151.101.194.49
159.65.197.210
162.19.138.83
169.63.109.126
174.137.133.49
178.250.2.146
178.250.2.148
18.156.195.47
18.66.147.73
18.66.97.62
18.66.97.8
185.183.112.155
185.64.189.112
185.64.189.115
185.80.39.216
185.89.208.11
185.89.210.20
185.94.180.123
192.241.157.60
20.127.253.7
2001:4860:4802:34::178
2001:4de0:ac18::1:a:3b
213.19.147.45
23.205.235.133
23.206.210.112
23.35.228.23
23.35.229.56
23.35.237.56
2600:3c02::f03c:92ff:fe2d:3e71
2600:9000:223c:f000:1e:a43d:b640:93a1
2600:9000:2490:b600:11:b309:9100:21
2606:4700:10::6816:3556
2606:4700::6810:84e5
2606:4700::6811:190e
2606:4700::6812:18ad
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a02:2638:1::2
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::1c
2a02:2638::2
2a02:2638::21
2a02:2638::24
2a02:2638::3
2a02:26f0:3500:16::215:14a0
2a02:fa8:8806:20::2100
2a06:98c1:3121::3
2a0c:5c81:5142::2
3.131.167.203
3.227.132.135
3.33.220.150
3.75.3.113
34.107.148.139
34.120.133.55
34.149.50.64
34.200.185.2
34.208.243.53
34.230.93.42
34.243.37.252
34.247.15.44
34.253.58.124
34.96.105.8
35.156.99.162
35.170.230.14
35.204.74.118
35.205.207.25
35.210.53.219
35.213.117.18
35.244.159.8
45.79.244.12
51.89.9.252
52.28.148.185
52.28.211.5
52.57.80.202
52.59.9.89
52.69.93.39
54.164.104.239
54.164.239.233
54.210.175.101
54.239.38.253
69.173.144.139
70.42.32.127
72.52.179.174
76.223.111.18
85.114.159.93
99.81.203.9
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03ac12ec5262548068212c1454bbf4ed4f047a69bc9ab3e43a41020c37d74d62
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aedac10cb6f36176a2974f3b29a0bd8fbc032d213beea4c9052a129dd0685f2
0af68c6af8a6b0c2d1a3c16f34059673c7282d8fcc50129771cf9b47d165a9eb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d826f035d9f30308152ebbdbf4bbb9d39daea110db319dab082719e9280045c
0f9b3a6d3b1999740de9a3e05650e8ca6f8912057b8cb16f7d6ec1c0bf27989b
11497aed23bafd3a335d0b62bff61942a082871f1fb1ca20ee2af272172c27eb
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
1428c8eedcfed0a5fd6f1fafa7cde078aee0462790367adf3106137d73595dee
1557f447ef6ad45b6dfa532a19cf1be8ac95b37f6617dd5ed6b73d6ca81519d8
18615e6fe15f5ea3a5587ae7bd99e76edd7a9cf76401de7d68055980ec4d267f
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1e212dbf387f623e2be7338b85bcbfa15fce26aac18ffd0af2aa47a1c13f36e1
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
22f0b4fd60de384916b6b6d9b8d3057e6d57ad772774cb8a37a5dcc68114cdec
23acc4967fbfb464cd7aff561d361a0ba4fe6fe88dfd234a3afd15c8e2c6ca7c
2669e60bc4f9e28e101746299ad1d5ec2513c1e342b45981a9d520decd00484e
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2ab40c5fe2880affbd34359f60731a2b9578e8dbd9357ee5c636c79b40d48f9c
2d4b5265290f07ac5d1eeef2adebfe61856ecfd45a42b67db302c619e5bc0216
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
370e754410e0188f95bfc212b8926ee1d34be1852c488ce583a3c4ce5d4020a3
3710879a6e21dd4ca3ac14bcc643ea05a78ff32fc3128e1f00b5f3dcd160f5e4
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
38972bc5834aa6852a6f25abf751f363f74f1cd3129bce78df4758eb4fee46df
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412fdd2c371a2aa42756c6a0dd154016a76e81275d0ed2c4117ed0c5e5c6b921
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
4c57a73b3bf4f85b6b0dff637df720bcb0d4d9146eb88485254cce6b33b1587a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
536be96e84e45f99f9a61e23db8898c193b475f5947b4f996e863f50e332a03f
5447109bc32ae1f6babd89c35de89dd12c9941aee79430cf8a7f016c12aecbd8
54ad0305e8d521e1ac443082838e8f0426572f97aa232d6082ded025b0c8f33e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5aa484c9024e97359c9c94217638b6086c1d55adbab145a9e5a9ecf1a300d89b
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f993ebba2c708b9747ae85de95065514c643fd708d204c0d6d4c69c7a91d83
637fc3c7b23162358e279e79d8d8ec83d930d1b163d14fd54d0c8e766e92b73e
63bc51e13b7a75b9181829108d2553d355ace231defdc12da8ad18c98d4c8b49
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6685e3ed864ede86b9bd555090afb447da7b84753faf9aa61bad2d5a6464f046
67057b11e437aafa4a1cd6b4383a46fa7c10f9765584813337a8610d1468480f
673331fa28b43839aa9d9c52e519677100d7f8cdd940d3f9171e24d7fccf279d
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b944904280f7d4a8b434220ad22547c123e72c98fa78ea2b0ffa5e59d9c3fd9
6d5c9a8d991f36f692580aac0f32025b291df77c0f8e4fe7a1346b84d6db57fb
6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
71d49d865114d9bb25bfdfc0272b738cdfd771749b21360ce5fb40eee3b4d986
71ebddf359d51fcfb42066c45be12a76736146fccbfa51f8c01747a225c3a3f6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
729d503cfda581195945a1b0510f6d1353013a1b32856a763b90d373aacd71e0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76a46ce3b818b8bba4380adb639cd88d51c32e86e53b29482c2f8a00649f9171
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c83ecce660044516c704cda6c1adb24f1b4792b69679c29b481650d62ffbb82
804dae52483ebec2efb413048fb7e47f32a258fbb671bcbd0699258a97c9f976
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
830dcecaa61dd0303ffec5e884a80cea59152271bcb3179ca1ea93b91f45aaad
84498164a91e08f53e2ea5e8240452b0871643a928278b94b94f7793ac3ecc9d
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
87744b9137b297c54f0ad2dbfd9b7b1cafee7a147a327bb28287052ee59c9bbe
87756355c9c06dbff07ca70a57a7d5c7b1764ba03b62d445e5a4e549971359e7
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
8b51d267052c057abc8437f28c7e7907234f6ac7fd21f2a53649b391698ffbea
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ec981ebb3e387154f180ee2b2132c587213d876bb75bd2fc730e1af8597e195
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94ae96a533fa880623827ca98a2fb20714f235d48b39f2900697b85d490b139f
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98c10cf8e11b0684b24dbe35aedaeffa730ce8dbddc2107ed21103b17ce42770
9a58c070ee1966df1b427dc551883587e4dee3525d727121412e816c734a892a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5fa761ba024f252dbb252611630bf622e64e2312acc77d184fc05f2ab7ed4d
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e3534d987a90a565c0b7e86c571fa8d6d2f3cebfa4540ed2fddecd8a4647560
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a346e52cf4f2cd51a0159dba53407cf42b37c5b085f838748b782f4a00177b13
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a69777504794cf84c8b5f8ffad7e1933136446e9f2f452ebed24a72c7d4d38c5
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7e8227efd35d01dc33f80ade6cf28dafbde7e35ad8c0c203b85fc11d2232152
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a93494db2c3dd46aa79768d6fbff99b2b8a7cfdae4ea4593a7b58659535ef8f5
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ab6132d9085c4aa9c2f9d468f79c6992a7b5e20c860a9dfc7b9f14c5bb8ac0b3
adbe941a66b1fc0b0858f6e3fb85fbd6af7e25ea616b3f34a80a0868fdb302ad
ae4ccf188fe617dc8cf23f94dc2c81750f7a1896ff465c54333c358b19714d16
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b11ef585be993e093c615916bc711fe48c27e0df2ff616306b11bb79e8e4e886
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b349eff0567902579e8727caf7a9f73c86689f314009846cb82dea09f6b59faa
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4769badaf916f59187f087555560d25bc8f7963ec6b66c6047f7d19aa923069
b94a89259ef175b881195823edba0134e626911f4dc3baaac1bece619eff6bb9
baf52a7b535a94319154306eeacd83e6fb1ee60257abcc608214a025d871e8bd
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2321f73e6bab7bcd053a752ad40f1bfb33ada59f6d23516dcdfec62c6116cd9
c4710d2d86157e62fa6527c9a689b0130c0798dd3e163cb993ffd90af9e42ab8
c5d7a468a55091c51c959117ce5c3f18514d3b99c77bc1112fd2918ff717bfb7
c5d9359c8864976bf5b15a6cb03467f239fdfa098f7eeea09ca1b96e99df7a77
c6bc59f44e24e22caa74b10ed80241a95067ac087249eaa2d06d4319d6b5fbbf
c7536c331887036d81b5f7763e462d6227ff50a3fcab3586de88edc9e0b1a297
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
c99498ba7bcd24d53bfbc6f62212c7d74762b60950ab40c6fc59194d04a479bb
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
caf0393daded642def1c7ab0921675fd4ba1ee0990f1fa6c46fc8d5dc6c7bea1
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
cdfb74bcd49b10dbb2a18f5ba627cbcfc27b3e5d7b6e6391abccb1accc69399d
cfd204e64ee1abf0e661f19fbabf6ea45a62c721a01db32dc3a7bb20d8257130
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1a582bbe0579cf662200e4b48d0f6f294e673caf4fbfd9aa86e44211ac9bef4
d4133630f5743f968871f0c3cefe69caed1e90fb2d4b49b53a94aaeb58995667
d50690c03c4137664e27398b61617b2f9cb6e23f5c8a6972e099ae743fa4d24f
d6ab275db17b02fb4b6c0d4f5ea0a6d1f85d204df353285ca5e990e8344d7652
d858e75f5a2828ab957722c99898bd7fa251bfdcbf7ce2385317d893adad7423
d8c392f8bc86d949f9eb29f44503d225b3914fde5d46fd43f8369af0f0e41295
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
dabe4ce7ed2551898ccc81aaef053928382047aa148234c0a7c8247189012ef1
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
de4588adcf09d44d32f0aba538717ccf6930fe2f01f727a799b8b96eeef5b08a
df0058c3af6569aacf1c15401e9607ac797013d89d45876c86c817cd426d2793
e13bddb4c9b1b4be546d52e5418251ffc6dc9f1f26b49fc6b4aed5ca7adadee9
e2f0f53ed81ca4b4e032b568e8630bd54c94f5fc3cd75de61c731c2a7716c6a8
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e35a8f69bf211ed6d8ac69515a5cc50065a4131d7c93249164f3d48fa695e60d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45d13ca7e69af031f470855d125c93f8ab8f95999a6c269b52ad8656ecb8d53
e5785651ac5965eeff4f1e09a26cf45ec8e11fa48ea7eb54cac890ec7476fa54
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e94d83dd860763fa662738c3a26121ca1cddfeb45a45a0a99c053b408052aa4f
ea5bfe8d3f07e7e6bc856b373bed2212ed68374fdf3d62f509920583feeca317
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ecdd26adcc4a8c8b6164c4da1adcf9bae9018e1cafdcb9f8c5b80cb488b6d625
ed8555c0204c25de7313ed8db9dd332309bf5c2809b6d37513f440de6040ffd8
eda4be2e8f3e525226871fe3f617288474103df206556175b7f1028bab8bdc8a
ee27f14763d43d487a50b9add28fd997856dfbe9dca9855d1c633e1801b677cf
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef84ae85aa4b2bdfa8c54df1dfa159a49706e728ebeeafa3d0b7094c6c2a890c
f052b238ec7aa4a7ef6e5e12101c9388cd5c6006913b71f90d5c17cc7fbb9fc8
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9
f472dc1e44eced6b8848b5d5714e3be7aa7eb36b8fe0513b85969e08eb31cdfe
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f61d1cb7a8e321842851a29cb5f9f9ce7da00c1c273dfe8fc6c9976a672cf17e
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f8dbc2d5612573014af1406039e69f1f5fb7762820efe4c0550d700dcbd7da6e
fc74f839570eab7fa7bd18ba8f09880e5a44e75ff511309f0bf59eae34cf27c4