simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.capitalone.global/
Effective URL:
https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Submission: On December 29 via api (December 29th 2021, 2:22:16 am UTC) from US — Scanned from DE

Summary HTTP 329 Redirects Behaviour Indicators

Summary

This website contacted 69 IPs in 11 countries across 67 domains to perform 329 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 21st 2021. Valid for: a year.

This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	72.52.178.23 72.52.178.23	32244 (LIQUIDWEB) (LIQUIDWEB)
9	45.79.244.12 45.79.244.12	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:303... 2606:4700:3030::6815:631	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	50.16.243.51 50.16.243.51	14618 (AMAZON-AES) (AMAZON-AES)
25	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	192.241.157.60 192.241.157.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
26	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	143.204.98.50 143.204.98.50	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
1	169.63.109.126 169.63.109.126	36351 (SOFTLAYER) (SOFTLAYER)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	34.247.120.79 34.247.120.79	16509 (AMAZON-02) (AMAZON-02)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
12	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
8	18.195.1.147 18.195.1.147	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
21	143.204.98.43 143.204.98.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	54.82.234.18 54.82.234.18	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	18.215.24.252 18.215.24.252	14618 (AMAZON-AES) (AMAZON-AES)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.7.205 51.89.7.205	16276 (OVH) (OVH)
1	3.95.140.237 3.95.140.237	14618 (AMAZON-AES) (AMAZON-AES)
1	52.19.22.209 52.19.22.209	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.12.242 104.18.12.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	54.204.0.108 54.204.0.108	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
42	2606:4700:303... 2606:4700:3039::6815:c080	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
11	18.203.96.5 18.203.96.5	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 22	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
3 3	18.185.209.98 18.185.209.98	16509 (AMAZON-02) (AMAZON-02)
2 2	18.198.161.230 18.198.161.230	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
4 4	63.251.14.14 63.251.14.14	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
2 2	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	199.187.193.177 199.187.193.177	47043 (SMARTADSE...) (SMARTADSERVER)
1 1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1	52.2.183.88 52.2.183.88	14618 (AMAZON-AES) (AMAZON-AES)
3 3	213.155.156.164 213.155.156.164	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
4	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.125.196.46 3.125.196.46	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
5	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
12 12	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
3 3	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
3	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
3 3	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
3	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
17	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	88.99.65.215 88.99.65.215	24940 (HETZNER-AS) (HETZNER-AS)
329	69

2 72.52.178.23 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

www.capitalone.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com

simcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:631 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.243.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-243-51.compute-1.amazonaws.com

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper

cat.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-50.fra50.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.63.109.126 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 7e.6d.3fa9.ip4.static.sl-reverse.com

in-appadvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.120.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-120-79.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.195.1.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-1-147.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 143.204.98.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-43.fra50.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.82.234.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-234-18.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.24.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-24-252.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.7.205 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p28.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.95.140.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-140-237.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.0.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-0-108.compute-1.amazonaws.com

timber.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:3039::6815:c080 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.117 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.203.96.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.209.98 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-209-98.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.161.230 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-161-230.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.235 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.251.14.14 (United States) 4 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.183.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-183-88.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.164 (Uppsala, Sweden) 3 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.196.46 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-196-46.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 84.200.5.215 (Germany) 12 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.4.62.19 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.85.162 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	495 KB
35	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com	274 KB
34	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net	173 KB
26	adform.net 4 redirects c1.adform.net track.adform.net s1.adform.net	179 KB
25	akamaized.net img-s-msn-com.akamaized.net	202 KB
21	cloudfront.net d29xw9s9x32j3w.cloudfront.net	258 KB
14	yahoo.com 2 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com	3 KB
11	mediamathtag.com s.update.mediamathtag.com	52 KB
10	sendtonews.com embed.sendtonews.com player.sendtonews.com s2l.sendtonews.com timber.sendtonews.com	105 KB
9	simcast.com simcast.com	102 KB
8	sharethrough.com btlr.sharethrough.com	873 B
8	cloudflare.com cdnjs.cloudflare.com	169 KB
6	blau.de 3 redirects partner.blau.de portal.blau.de	6 KB
6	o2online.de 3 redirects partner.o2online.de portal.o2online.de	6 KB
6	lead-alliance.net 6 redirects www.lead-alliance.net	4 KB
6	telefonica-partner.de 6 redirects www.telefonica-partner.de	2 KB
6	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	11 KB
5	redintelligence.net hal9000.redintelligence.net hal90002.redintelligence.net	6 KB
5	mathtag.com 1 redirects tags.mathtag.com pixel.mathtag.com sync.mathtag.com	4 KB
5	google.com adservice.google.com www.google.com	2 KB
4	lijit.com 4 redirects ap.lijit.com	3 KB
4	googletagservices.com www.googletagservices.com	147 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
3	awin1.com www.awin1.com	2 KB
3	de17a.com 3 redirects d5p.de17a.com	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	2mdn.net s0.2mdn.net	17 KB
3	adsrvr.org match.adsrvr.org	1 KB
3	googleapis.com imasdk.googleapis.com fonts.googleapis.com	320 KB
2	3lift.com 2 redirects eb2.3lift.com	943 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com	752 B
2	turn.com 1 redirects ad.turn.com r.turn.com	878 B
2	gstatic.com fonts.gstatic.com	88 KB
2	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	754 B
2	dotomi.com web.hb.ad.cpe.dotomi.com dclk-match.dotomi.com	249 B
2	adnxs.com prebid.adnxs.com ib.adnxs.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	google.de adservice.google.de	914 B
2	capitalone.global www.capitalone.global	3 KB
1	contentspread.net cdn.contentspread.net	1 KB
1	advertising.com sync.adaptv.advertising.com	14 B
1	simpli.fi 1 redirects um.simpli.fi	709 B
1	smartadserver.com ssbsync.smartadserver.com	75 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	580 B
1	1rx.io 1 redirects sync.1rx.io	695 B
1	quantserve.com cms.quantserve.com	463 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	resonate.com cdn.resonate.com	169 B
1	crwdcntrl.net id.crwdcntrl.net	333 B
1	liadm.com idx.liadm.com	432 B
1	id5-sync.com id5-sync.com	529 B
1	rlcdn.com api.rlcdn.com	324 B
1	rkdms.com id.sv.rkdms.com	163 B
1	indexww.com js-sec.indexww.com	13 KB
1	media.net prebid.media.net	847 B
1	a-mo.net prebid.a-mo.net	342 B
1	360yield.com ice.360yield.com	458 B
1	onetag-sys.com onetag-sys.com	358 B
1	in-appadvertising.com in-appadvertising.com	547 B
1	googleadservices.com partner.googleadservices.com	444 B
1	hbwrapper.com cat.hbwrapper.com	256 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	adapex.io cdn.adapex.io	130 KB
1	jquery.com code.jquery.com	30 KB
0	parklogic.com Failed parking2.parklogic.com Failed
329	67

	Domain	Requested by
25	img-s-msn-com.akamaized.net	simcast.com
22	cm.g.doubleclick.net	1 redirects b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
21	d29xw9s9x32j3w.cloudfront.net	player.sendtonews.com simcast.com cdnjs.cloudflare.com
18	assets.ad4m.at	as.ad4m.at
17	s1.adform.net	track.adform.net s1.adform.net www.capitalone.global
16	pagead2.googlesyndication.com	simcast.com pagead2.googlesyndication.com tpc.googlesyndication.com srcdoc b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com www.googletagservices.com
14	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com as.ad4m.at ad4m.at
12	c2shb.ssp.yahoo.com	cdn.adapex.io
11	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
9	simcast.com	www.capitalone.global simcast.com code.jquery.com
8	btlr.sharethrough.com	cdn.adapex.io
8	securepubads.g.doubleclick.net	cdn.adapex.io securepubads.g.doubleclick.net www.capitalone.global
8	cdnjs.cloudflare.com	simcast.com player.sendtonews.com s1.adform.net
6	www.lead-alliance.net	6 redirects
6	www.telefonica-partner.de	6 redirects
5	track.adform.net	hal90002.redintelligence.net s1.adform.net
5	b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	hal90002.redintelligence.net	hal9000.redintelligence.net hal90002.redintelligence.net
4	ap.lijit.com	4 redirects
4	c1.adform.net	4 redirects
4	www.googletagservices.com	b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
4	s2l.sendtonews.com	simcast.com
3	www.awin1.com	as.ad4m.at
3	portal.blau.de	as.ad4m.at
3	partner.blau.de	3 redirects
3	portal.o2online.de	as.ad4m.at
3	partner.o2online.de	3 redirects
3	static-de.ad4mat.net	as.ad4m.at
3	d5p.de17a.com	3 redirects
3	x.bidswitch.net	3 redirects
3	tags.mathtag.com	b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com tags.mathtag.com
3	prod-rtb.ad4mat.net	www.capitalone.global
3	s0.2mdn.net	imasdk.googleapis.com b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
3	match.adsrvr.org	js-sec.indexww.com b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
2	pubads.g.doubleclick.net	player.sendtonews.com imasdk.googleapis.com
2	eb2.3lift.com	2 redirects
2	pm.w55c.net	2 redirects
2	a.sportradarserving.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	timber.sendtonews.com	player.sendtonews.com
2	fonts.gstatic.com	fonts.googleapis.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	www.google.com	tpc.googlesyndication.com b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
2	imasdk.googleapis.com	player.sendtonews.com imasdk.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	player.sendtonews.com	embed.sendtonews.com player.sendtonews.com
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	embed.sendtonews.com	simcast.com player.sendtonews.com
2	www.capitalone.global	www.capitalone.global
1	cdn.contentspread.net	hal90002.redintelligence.net
1	sync.adaptv.advertising.com	b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	ssbsync.smartadserver.com	b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	cms.quantserve.com	b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
1	r.turn.com	b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	www.capitalone.global
1	cdn.resonate.com	player.sendtonews.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	id.crwdcntrl.net	cdn.adapex.io
1	idx.liadm.com	cdn.adapex.io
1	id5-sync.com	cdn.adapex.io
1	api.rlcdn.com	js-sec.indexww.com cdn.adapex.io
1	id.sv.rkdms.com	js-sec.indexww.com
1	fonts.googleapis.com	player.sendtonews.com
1	js-sec.indexww.com	player.sendtonews.com
1	prebid.media.net	cdn.adapex.io
1	ib.adnxs.com	cdn.adapex.io
1	htlb.casalemedia.com	cdn.adapex.io
1	prebid.a-mo.net	cdn.adapex.io
1	ice.360yield.com	cdn.adapex.io
1	web.hb.ad.cpe.dotomi.com	cdn.adapex.io
1	onetag-sys.com	cdn.adapex.io
1	in-appadvertising.com	cdn.adapex.io
1	prebid.adnxs.com	cdn.adapex.io
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cat.hbwrapper.com	cdn.adapex.io
1	www.googletagmanager.com	simcast.com
1	cdn.adapex.io	simcast.com
1	code.jquery.com	simcast.com
0	parking2.parklogic.com Failed	simcast.com
329	93

This site contains no links.

Subject Issuer	Validity	Valid
*.simcast.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-21` - `2022-05-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.sendtonews.com Amazon	`2021-06-17` - `2022-07-16`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cat.hbwrapper.com R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.in-appadvertising.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-29` - `2022-07-30`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
*.360yield.com Amazon	`2021-07-28` - `2022-08-26`	a year	crt.sh
*.a-mo.net R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
securedvisit.com Amazon	`2021-11-30` - `2022-12-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.liadm.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
update.mediamathtag.com R3	`2021-12-26` - `2022-03-26`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
contentspread.net R3	`2021-12-03` - `2022-03-03`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Frame ID: 18CAD9B970D4A60B6E1C82A891D978A4
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 8F93A150D53A4E4FDBCC76DD75EAC1B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1640744530&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640744530011&bpp=3&bdt=577&idt=71&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3184474297546&frm=20&pv=2&ga_vid=569723748.1640744530&ga_sid=1640744530&ga_hid=762040672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738&oid=2&pvsid=659192164346920&pem=300&tmod=993&ref=http%3A%2F%2Fwww.capitalone.global%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=87
Frame ID: C81D964C4391ED7389CEC05B5EDD350E
Requests: 1 HTTP requests in this frame

Frame: https://player.sendtonews.com/player7/player/65.21.10/player.js
Frame ID: 79D3EB2699D7B33BC5DD654CA60AA97F
Requests: 51 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D5FFF4C97D5088B9A37E30739ADD337
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 127CBBC823C615759A4C1F72CF43AC7D
Requests: 2 HTTP requests in this frame

Frame: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 05B7BBA7146FC43B4ADE2F32BA257BEF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: E9B37E2FA27853DE9EBA05BC0931B5EE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0D0D20CFE2F4EB9612C0ABAB6291CD17
Requests: 1 HTTP requests in this frame

Frame: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EEA712738DDD1BAD5040D23FB7F23DB0
Requests: 10 HTTP requests in this frame

Frame: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F5B8A8BE7C5E96B140FD77DF0351EE6E
Requests: 9 HTTP requests in this frame

Frame: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3576B0719F6B623A20BCC671699CEFEA
Requests: 26 HTTP requests in this frame

Frame: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25FA8D4DD86C20F0425D00FCBAB79367
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k0gnv0wdprc4ekshn3xfacepgnz1czx43m8x7vqtq18kk3bwk2yn96w3tp5r91azjasvqf4edz5s6w6hqwgj5de1da6bqk95mzngpfahmfg895ra8sxzxd44f80gk04979zz2pfafcxk3enybxkde3ycmaaeekq5b6twcfwwj8fvmyn1c1js0qwz9ktg6cey89b0212rfhevyq7fxe9yysvy08e29k31a5mdzjd4rsfn8gwex1xwz62by3f5br1b76tj0hh96pe0h23fcfjmxa6b1mtm4kmm85emk9k2y6v3x2afn5evcect9r4gedgbxb4g486v4jpx7m5vwtgqghvasn831bzakr2ax288761n6d6xzhrs9v623t149k6fekzspnkyd51j54saazqrp4fvmjcf3zyt3c39jg9s2p7jdfe1y1r2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: 1262606FC617D03FE3999BC3993A9F56
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 327C9D95FD0A390CF3376C805F9368EF
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gspq733dtkryr3dryh0kkt6a3175kxjhr5gd9t7h6dra4k9dj9cq08tbm53te4haspv857h78sf53nsb8xmssnekys9dmptj66538wq1szd2kg4978xvrycxybmzd2n4vbrn5czznq0x1vp0mqd4kremhr3xff6s6ne49c8kfwaabeec7wh2d8z3gmpz1txdr0tm6xjfa5bxwbtt4k81h03rfhb10azrxpvp1n1ty4snewr5tnzqba9y7jk4pe95f6kyhfjksqq8cvpynta3xwwefx65eeqzyemchq7skp2msm3m4j8vzf6n36ddymf0pxd5jafq1w9an5h8fct3c8ggtxqfw85bwynymvfxwsbzb5y3dz8q28j34t54dqay6f8kn35dbej7cm129e6syyrdkcbrak34ecbyt8m7bh42xbpg5gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: A02FD86F6CC7E1A728CDBEF0B4FEC204
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 227305B6E453B4F8B94BE4D9D40032B9
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hf2h55z25qmrya9yhvm9r3gnqc49q9mxxhn6syfzmy1q0b525wncdqx5m76d8t6ak1pvxxdnzb0jxdfwphz0hm0a3jtgkk64km8vczrvc53ncywnhn7vjz0n1kr8dwxy2k4awjx966gt89hka1ezek45p7rrvkawpybphrt12m438dff6c5mq0vn28xwysw6y300tz7yzndk9abaffxkw1f61bas40p1az4731pjnqvv877wxr8gee2xzaac2pgknf2hw89q13tey29vbtm0bb193v2h55cy80q684g6kkydd3vz9tpr0bnprhm52anc0f4eeqtj3b0434trrhjzdaneyx92dhyn276nc98nmj8b2a9s7a2ckng9knf1ywe4zsrvh8s555qawsh0agrtqtg3w8zj20h5av4xwk21j2x67x1xetg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: 96F8216FEDAD5EEE8D2A8C020C607762
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 09B9923E6CF17C7E2663CB9A41C9A0F1
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E882B0FF155BA6E9283CCD919DF959FE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C181C5F8E1A1BD9C14089967798EE0DB
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 029283C42EDF5819462375350CFC18E5
Requests: 1 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=68769800018932003891610011823002&a=54038836
Frame ID: 8EE040A1315295E93D54EBA02ED45876
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4DE8F3C2914FA58705D0EC9C1D83D420
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Frame ID: FF396FC1F6492EF2903BABA89D20DB16
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Frame ID: A89F3BDC6448BF3372CB45BB85AA4EA3
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Frame ID: D42C68AE8C88B43A3512FED3FF0A5314
Requests: 11 HTTP requests in this frame

Frame: blob://https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/e940f76e-e3e1-451b-b623-a655365b6875
Frame ID: 031B339459A66AA34CC1F1730EB410B1
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: AC5C5B61723D242A607FEC808CE9E134
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10664483/10664483.js?ADFassetID=10664483&bv=258
Frame ID: 8998CEC3955EA89931D266918D6DB7A8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

http://www.capitalone.global/ Page URL
http://www.capitalone.global/page/bouncy.php?&bpae=GbhOd6cGY01%2Fj3NkWBCKyvcVG%2FmODlFfUOc6dj%2F24nR9DdVR... Page URL
https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

329
Requests

88 %
HTTPS

31 %
IPv6

67
Domains

93
Subdomains

69
IPs

11
Countries

2858 kB
Transfer

7298 kB
Size

62
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.capitalone.global/ Page URL
http://www.capitalone.global/page/bouncy.php?&bpae=GbhOd6cGY01%2Fj3NkWBCKyvcVG%2FmODlFfUOc6dj%2F24nR9DdVRqv%2FUV0iFNXFRSa2%2FFC5GdK99MTM179VNoUm5YHCIC13%2BYCOPqKA8h84S7xBSFjPUJHWwv3to8s7SDGAa3XQznnqVl8IBbigi6GGf7OtjdJ2gBPucTwyqJ%2B%2F82DMN96z7cYv9cuqSjV6b6qJidkPpcg2VXLN0R3wtnGI4QCdxJACqsJ2X0GqrTfvU5wVsNZGpbsC%2F0spUKs5ILUC28Bke9CMMhnCpzuoypPfWmzGolCrqtDADi7%2FLPnSvqORdBxtiErHLp605MBd8eYHEJKBFQQI1N1%2FreR7D2l6SEkZ8x8sBWPuf0gfv%2FUnqraqWRyThq%2FS0ZIDl3GT0qYqVJxtnOx%2FB5l2y3%2BktgDKUrA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=utrFlXxYV3cvS3dVYWkvbEtndUZOODRCTlpVMk1pUjFqOVBEc2l6VGpLR01ZUHNKZmJxendyU2V1aWtYaS8yWDdXazlvREZHcGJSU0xkZlBhMFdxMVphdkx2a1hDN2x2MURiT3JSOTA3Qy9jYjZhTEh2WG05akc5U3JRSFFDQXU1NWQ0U3Y1SWZSTVEydDBqd0daSzIyU2tYVE9WSjdtSjVxalFZSnhmMlVZRHFqWGZDdjUrVUVvVE5WUTZLRmJnakdrcjljNUwwM2cwZE1VVnhkWEVJZlhwaVROS1AxSzVtRlc0MEUzSHBIM1NyTEgwPXw&cppv=2

Request Chain 193

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEJ_93Hp8QiTkBOkLR4EU8U&google_cver=1&google_push=AYg5qPJQ_oKIu-hcORvzmui6rfoXuF3LeLRZ0yMF2QzWaJ2YIRjLCbD0PBsXKcz3G9MV5ht9psgFw7gKg1g6IDUMfRMKTGuzqA1- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI2NTQ1MzQ2NzcyMDQ5MTM4Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEJ_93Hp8QiTkBOkLR4EU8U&google_cver=1

Request Chain 195

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDj5T1j9LAlhA-BJq83GcTY&google_cver=1&google_push=AYg5qPJbYUdH98TdwBowt7_Rl6u5wjY9keJuJMbOp96528A7ts7YyLYiTzneqCkp5oJdO49fZuT819rbezzf0lbNEdSqrZ3az4PX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=k2thy8ZTQQGbTMX6VNePzg&google_push=AYg5qPJbYUdH98TdwBowt7_Rl6u5wjY9keJuJMbOp96528A7ts7YyLYiTzneqCkp5oJdO49fZuT819rbezzf0lbNEdSqrZ3az4PX

Request Chain 197

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAbAoRtNiz9MFVPlHa0J--s&google_cver=1&google_push=AYg5qPIydS0nmqbene8EZgNoJeRbtirNmOQSTeib2frZtmlkq3rr52kTZPvJ693_a58O-upP1viAc94Y8ZH51qof00gxesaf4nPq HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JPVpb9phTVuJ7ItAmWsdSw2&google_push=AYg5qPIydS0nmqbene8EZgNoJeRbtirNmOQSTeib2frZtmlkq3rr52kTZPvJ693_a58O-upP1viAc94Y8ZH51qof00gxesaf4nPq

Request Chain 198

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDALrU-DCDu_mNZx7FKY1xc&google_cver=1&google_push=AYg5qPJdR84dSe1aTQ_UZEmLn1CJwYQjR86-9qIGfldRqZe4r88yp6qtp3dNJscmNzCYwYzH5imHaIHrL5_3K7_LeBYuKV0eXbDm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJdR84dSe1aTQ_UZEmLn1CJwYQjR86-9qIGfldRqZe4r88yp6qtp3dNJscmNzCYwYzH5imHaIHrL5_3K7_LeBYuKV0eXbDm&google_hm=MjMyOTI1Njk1NDgzMDk3NTc1MQ%3D%3D

Request Chain 199

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO1P47xVKaGJ-827waAdyMc&google_cver=1&google_push=AYg5qPKPwoMCac28PRr3_sJPze6ymt4py8xxEIPpMYn4OtEcbG0XX4pJMwIauC4kR5Pene0iowEYTkTNDKbk1Nuo7zE0OQ8pwkgy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRV1hKMVctUi02V1hG&google_push=AYg5qPKPwoMCac28PRr3_sJPze6ymt4py8xxEIPpMYn4OtEcbG0XX4pJMwIauC4kR5Pene0iowEYTkTNDKbk1Nuo7zE0OQ8pwkgy

Request Chain 202

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHLPRZX2Ji4qq3Jb4_jJFD0&google_cver=1&google_push=AYg5qPL93SLSvyuPhGTat3z2aE56UM5TLHJnDFv065-NSn-MMvG_67o3QUOSEJifv90ixZOklPJhIn7VwpND1xvkOioKJ0l32iQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHLPRZX2Ji4qq3Jb4_jJFD0&google_cver=1&google_push=AYg5qPL93SLSvyuPhGTat3z2aE56UM5TLHJnDFv065-NSn-MMvG_67o3QUOSEJifv90ixZOklPJhIn7VwpND1xvkOioKJ0l32iQ HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e03a240e-6cf2-4883-8f13-f23b87eaffda&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL93SLSvyuPhGTat3z2aE56UM5TLHJnDFv065-NSn-MMvG_67o3QUOSEJifv90ixZOklPJhIn7VwpND1xvkOioKJ0l32iQ&google_hm=xsAqzwIqQdWsO6Qq8CGbAg==

Request Chain 203

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDALrU-DCDu_mNZx7FKY1xc&google_cver=1&google_push=AYg5qPK5RUHhW0SQlF6gpm2fMlNKZFRHp4PVii81n2gWjiHsVytTYI8OsmuaCIZp9lifLGRpoucqEpRN02Nx0zejGh6NDJq8uVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK5RUHhW0SQlF6gpm2fMlNKZFRHp4PVii81n2gWjiHsVytTYI8OsmuaCIZp9lifLGRpoucqEpRN02Nx0zejGh6NDJq8uVw&google_hm=NDQzOTIyMzk1NzA3MzE0NTk0NA%3D%3D

Request Chain 204

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBnv1B8BfoAN2PaOQlGq31U&google_cver=1&google_push=AYg5qPLOsa5C9qxu_S76zyUTEKHpZJsUkLs4oLfrKJdfmGS6OawkvAVX8vfIfsVWSAxFt0DZobj244dbMQ3wKdOIKPGN5tVM8bE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBnv1B8BfoAN2PaOQlGq31U&google_cver=1&google_push=AYg5qPLOsa5C9qxu_S76zyUTEKHpZJsUkLs4oLfrKJdfmGS6OawkvAVX8vfIfsVWSAxFt0DZobj244dbMQ3wKdOIKPGN5tVM8bE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Njc3ODIwODQ1NjQyODUyOQ&google_push=AYg5qPLOsa5C9qxu_S76zyUTEKHpZJsUkLs4oLfrKJdfmGS6OawkvAVX8vfIfsVWSAxFt0DZobj244dbMQ3wKdOIKPGN5tVM8bE

Request Chain 205

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENovBFDPLNxjluMtsz-MTUM&google_cver=1&google_push=AYg5qPJQY4-qykv-tFHWLT8GKWD_h2XY7IAqzTZg8XCT-ZOzr9uBg3W6gUS33lN3Ii-4evNatjY1_mzGnbNXd9RQEHDI8hILbno HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENovBFDPLNxjluMtsz-MTUM&google_cver=1&google_push=AYg5qPJQY4-qykv-tFHWLT8GKWD_h2XY7IAqzTZg8XCT-ZOzr9uBg3W6gUS33lN3Ii-4evNatjY1_mzGnbNXd9RQEHDI8hILbno&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJQY4-qykv-tFHWLT8GKWD_h2XY7IAqzTZg8XCT-ZOzr9uBg3W6gUS33lN3Ii-4evNatjY1_mzGnbNXd9RQEHDI8hILbno&google_hm=cfad048d35a2630809cd9e4b

Request Chain 206

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPOdAIv4xDS7kROlAvmPH6U&google_cver=1&google_push=AYg5qPLfceYUGGIoyNU9xYrwFy5ZHyAYs_MWxSmQTKgDo8NhBBkaIjaF7Kz7EuRaUoHZ09mmR77oCnJ_bNH5KGuPVwb0B1iGSg HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2ae1bebe-d168-46a2-b5bb-57517a112f6c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLfceYUGGIoyNU9xYrwFy5ZHyAYs_MWxSmQTKgDo8NhBBkaIjaF7Kz7EuRaUoHZ09mmR77oCnJ_bNH5KGuPVwb0B1iGSg%26google_hm%3DAyrhvr7RaEaitbtXUXoRL2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLfceYUGGIoyNU9xYrwFy5ZHyAYs_MWxSmQTKgDo8NhBBkaIjaF7Kz7EuRaUoHZ09mmR77oCnJ_bNH5KGuPVwb0B1iGSg&google_hm=Ayrhvr7RaEaitbtXUXoRL2w

Request Chain 209

https://um.simpli.fi/gp_match?google_gid=CAESEEekCBEv-NdEOE5I2cZDYVA&google_cver=1&google_push=AYg5qPIxosUlN_LWA3-p3Re4brEsJqxOU3LfnaViLNVr1w9TQJSS1-6kB9jE81_UMoTG1Rc9gW4DK1kVldl0eGnHi6yrq808I0Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD4D4F98865842498D62885EFFB93E6C&google_push=AYg5qPIxosUlN_LWA3-p3Re4brEsJqxOU3LfnaViLNVr1w9TQJSS1-6kB9jE81_UMoTG1Rc9gW4DK1kVldl0eGnHi6yrq808I0Y

Request Chain 212

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBnv1B8BfoAN2PaOQlGq31U&google_cver=1&google_push=AYg5qPIyUVXjnARFOqACVySllVKDLAPrYxNIWr8lPp2rD11lce-OHJjrwcNwP9DuNlXRIHX2sT9gYShKDdn7n6yPP7byKYv5vJc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBnv1B8BfoAN2PaOQlGq31U&google_cver=1&google_push=AYg5qPIyUVXjnARFOqACVySllVKDLAPrYxNIWr8lPp2rD11lce-OHJjrwcNwP9DuNlXRIHX2sT9gYShKDdn7n6yPP7byKYv5vJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI5NDc3MzE1NzIxODQ0MjAzMA&google_push=AYg5qPIyUVXjnARFOqACVySllVKDLAPrYxNIWr8lPp2rD11lce-OHJjrwcNwP9DuNlXRIHX2sT9gYShKDdn7n6yPP7byKYv5vJc

Request Chain 213

https://d5p.de17a.com/cookies/google?google_gid=CAESEDcGL5O9bFU9KPXs7X0ihY4&google_cver=1&google_push=AYg5qPI2rAH-ZifUX-4Mra--VqzvXaYtvC_LDJhlfJJsgvCaTTj7BQzPqAPEXlvNR5RjbibQNh5DAJmi2bCsxrBVAjWd-WuyAw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDcGL5O9bFU9KPXs7X0ihY4&google_cver=1&google_push=AYg5qPI2rAH-ZifUX-4Mra--VqzvXaYtvC_LDJhlfJJsgvCaTTj7BQzPqAPEXlvNR5RjbibQNh5DAJmi2bCsxrBVAjWd-WuyAw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI2rAH-ZifUX-4Mra--VqzvXaYtvC_LDJhlfJJsgvCaTTj7BQzPqAPEXlvNR5RjbibQNh5DAJmi2bCsxrBVAjWd-WuyAw

Request Chain 214

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE&google_cver=1&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE

Request Chain 238

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELcYyBiSNf7f825j_ESlL14&google_cver=1&google_push=AYg5qPI27DZk7QIkHpj3rp2iEM4Oqc2Yb2prw_HfBMi1pMktyi1I0jIVZ4JJk19Q4nGQA--pk0jVKlr3dJIE5_GwjS4fkR8h6Y5P HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELcYyBiSNf7f825j_ESlL14&google_cver=1&google_push=AYg5qPI27DZk7QIkHpj3rp2iEM4Oqc2Yb2prw_HfBMi1pMktyi1I0jIVZ4JJk19Q4nGQA--pk0jVKlr3dJIE5_GwjS4fkR8h6Y5P HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TXVnaGcyYWwxTjJvQnQ1&google_gid=CAESELcYyBiSNf7f825j_ESlL14&google_cver=1&google_push=AYg5qPI27DZk7QIkHpj3rp2iEM4Oqc2Yb2prw_HfBMi1pMktyi1I0jIVZ4JJk19Q4nGQA--pk0jVKlr3dJIE5_GwjS4fkR8h6Y5P

Request Chain 239

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAbAoRtNiz9MFVPlHa0J--s&google_cver=1&google_push=AYg5qPLtBtFseaE3Mb4pSwfXDxtBjLlwvzwkbNZ8s5elm58tCxm5tK9koeAxno3lMuwUfQHkMiEqTk9NWnDnWstnfZWoW7x0ANw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JPVpb9phTVuJ7ItAmWsdSw2&google_push=AYg5qPLtBtFseaE3Mb4pSwfXDxtBjLlwvzwkbNZ8s5elm58tCxm5tK9koeAxno3lMuwUfQHkMiEqTk9NWnDnWstnfZWoW7x0ANw

Request Chain 240

https://d5p.de17a.com/cookies/google?google_gid=CAESEDcGL5O9bFU9KPXs7X0ihY4&google_cver=1&google_push=AYg5qPKY_Weo6a8q0XNdk3vHRyckKr-bqW0kEiOzcWsRNfNTjLTMNGe4LMLqN-1bvK6kQq3YiKeqlAKZIwu3iOvQDNhGJ3XH_vaX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKY_Weo6a8q0XNdk3vHRyckKr-bqW0kEiOzcWsRNfNTjLTMNGe4LMLqN-1bvK6kQq3YiKeqlAKZIwu3iOvQDNhGJ3XH_vaX

Request Chain 241

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENovBFDPLNxjluMtsz-MTUM&google_cver=1&google_push=AYg5qPKIeOR-0td1QmreykeyahJdxEYHIgd1UimEMTHAwL7gw1xLmIk2rPJU--5X1hiJ_mE-FK4Va-KNXv3Z_Rx909vKj_uq4miM HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENovBFDPLNxjluMtsz-MTUM&google_cver=1&google_push=AYg5qPKIeOR-0td1QmreykeyahJdxEYHIgd1UimEMTHAwL7gw1xLmIk2rPJU--5X1hiJ_mE-FK4Va-KNXv3Z_Rx909vKj_uq4miM&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKIeOR-0td1QmreykeyahJdxEYHIgd1UimEMTHAwL7gw1xLmIk2rPJU--5X1hiJ_mE-FK4Va-KNXv3Z_Rx909vKj_uq4miM&google_hm=6c56c6034c4bff536723637d

Request Chain 242

https://onetag-sys.com/sync/i,19/?google_gid=CAESEH4cB9ucs4D_NWAXoKb5Uso&google_cver=1&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs

Request Chain 243

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGQav2xEQ1G4CiTFuoZRfHo&google_cver=1&google_push=AYg5qPLUcgIS461hrkoxVnNANIFX4ArG3emT_q0KewlvylV22NJSvff8JvCVtaWhIu8yCvkTO6GSsl90fhW4Wm3hZLZQDexe_7SK HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLUcgIS461hrkoxVnNANIFX4ArG3emT_q0KewlvylV22NJSvff8JvCVtaWhIu8yCvkTO6GSsl90fhW4Wm3hZLZQDexe_7SK&google_gid=CAESEGQav2xEQ1G4CiTFuoZRfHo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjAyMTY5MzQ4Nzc4MjIzNjc1Nw%3D%3D&google_push=AYg5qPLUcgIS461hrkoxVnNANIFX4ArG3emT_q0KewlvylV22NJSvff8JvCVtaWhIu8yCvkTO6GSsl90fhW4Wm3hZLZQDexe_7SK

Request Chain 256

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021122903221261038960043X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&spid=2021122903221261038960043X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960043X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24

Request Chain 259

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122903221261038960047X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960047X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&wfid=117663

Request Chain 266

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021122903221261038960039X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2021122903221261038960039X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960039X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24

Request Chain 269

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122903221261038960049X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960049X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752

Request Chain 276

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021122903221261038960041X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&spid=2021122903221261038960041X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960041X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24

Request Chain 279

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122903221261038960045X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960045X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752

329 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
www.capitalone.global/ 2 KB
2 KB 1304ms
1269ms Document
text/html 72.52.178.23
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.capitalone.global/
Protocol: HTTP/1.1
Server: 72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 29 Dec 2021 02:22:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bouncy.php
www.capitalone.global/page/ 709 B
993 B 127ms
127ms Document
text/html 72.52.178.23
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://www.capitalone.global/page/bouncy.php?&bpae=GbhOd6cGY01%2Fj3NkWBCKyvcVG%2FmODlFfUOc6dj%2F24nR9DdVRqv%2FUV0iFNXFRSa2%2FFC5GdK99MTM179VNoUm5YHCIC13%2BYCOPqKA8h84S7xBSFjPUJHWwv3to8s7SDGAa3XQznnqVl8IBbigi6GGf7OtjdJ2gBPucTwyqJ%2B%2F82DMN96z7cYv9cuqSjV6b6qJidkPpcg2VXLN0R3wtnGI4QCdxJACqsJ2X0GqrTfvU5wVsNZGpbsC%2F0spUKs5ILUC28Bke9CMMhnCpzuoypPfWmzGolCrqtDADi7%2FLPnSvqORdBxtiErHLp605MBd8eYHEJKBFQQI1N1%2FreR7D2l6SEkZ8x8sBWPuf0gfv%2FUnqraqWRyThq%2FS0ZIDl3GT0qYqVJxtnOx%2FB5l2y3%2BktgDKUrA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: HTTP/1.1
Server: 72.52.178.23 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.capitalone.global/

Response headers

Date: Wed, 29 Dec 2021 02:22:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Primary Request / Show response
simcast.com/ 37 KB
7 KB 787ms
513ms Document
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/page/bouncy.php?&bpae=GbhOd6cGY01%2Fj3NkWBCKyvcVG%2FmODlFfUOc6dj%2F24nR9DdVRqv%2FUV0iFNXFRSa2%2FFC5GdK99MTM179VNoUm5YHCIC13%2BYCOPqKA8h84S7xBSFjPUJHWwv3to8s7SDGAa3XQznnqVl8IBbigi6GGf7OtjdJ2gBPucTwyqJ%2B%2F82DMN96z7cYv9cuqSjV6b6qJidkPpcg2VXLN0R3wtnGI4QCdxJACqsJ2X0GqrTfvU5wVsNZGpbsC%2F0spUKs5ILUC28Bke9CMMhnCpzuoypPfWmzGolCrqtDADi7%2FLPnSvqORdBxtiErHLp605MBd8eYHEJKBFQQI1N1%2FreR7D2l6SEkZ8x8sBWPuf0gfv%2FUnqraqWRyThq%2FS0ZIDl3GT0qYqVJxtnOx%2FB5l2y3%2BktgDKUrA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8cf37740ea7a6511968fcae2844fef8245b2c7975841059a7c1a32c7b3f8f0d5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.capitalone.global/

Response headers

date: Wed, 29 Dec 2021 02:22:08 GMT
server: Apache/2.4.38 (Debian)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
upgrade: h2
connection: Upgrade
vary: Accept-Encoding
content-encoding: gzip
content-length: 7099
content-type: text/html; charset=UTF-8

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 77ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://simcast.com/
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1640744529.dop207.ml1.t,1640744529.cds216.ml1.hn,1640744529.cds019.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK html.css
simcast.com/templates/simcast/css/ 20 KB
4 KB 332ms
113ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/css/html.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 00:43:56 GMT
server: Apache/2.4.38 (Debian)
etag: "5101-5d2abe6bdeb00-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: text/css
content-length: 4273

GET
H/1.1 200
OK all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 55 KB
12 KB 338ms
114ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 21:31:18 GMT
server: Apache/2.4.38 (Debian)
etag: "daa3-5d2a935d4d580-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: text/css
content-length: 12209

GET
H/1.1 200
OK lib.js Show response
simcast.com/templates/simcast/js/ 856 B
787 B 339ms
114ms Script
application/javascript 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/templates/simcast/js/lib.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 03:31:19 GMT
server: Apache/2.4.38 (Debian)
etag: "358-5d39fa3726fc0-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: application/javascript
content-length: 459

GET
H2 200 aaw.smc.js Show response
cdn.adapex.io/hb/ 477 KB
130 KB 88ms
36ms Script
application/javascript 2606:4700:3030::6815:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.smc.js
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71351b729bfc7c206bd80a001801bca3317ed54a28830dce9903cca1cc1e4490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50761
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 21 Dec 2021 07:51:08 GMT
server: cloudflare
etag: W/"61c1876c-774da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2x7xJGqldmCLj7VgvdmBy0lqtpFlLBrlIKHsGw5ZU0LIC5uP5m49OTK2Ktv7VEnWvsjYjmCF7iDvTIl2W7H3PjRWcNauTDnhjZjxacUWdizGKL8k%2F0LWO6ZvFxwTCfrowqas0HnGWNahvei"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 6c4f8f1d6c9c83a0-MXP
expires: Wed, 29 Dec 2021 07:56:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 54ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7445dd21e8b35707dc9ab3743ae40717522c7fa6c6b0c4c175e4408a30874843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51753
x-xss-protection: 0
server: cafe
etag: 1241415355052401607
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 02:22:09 GMT

GET enhance.js
parking2.parklogic.com/page/ 0
0

GET
H/1.1 200
OK simcastlogo_35y.png
simcast.com/templates/simcast/images/ 1 KB
2 KB 330ms
110ms Image
image/png 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
last-modified: Thu, 09 Dec 2021 00:46:50 GMT
server: Apache/2.4.38 (Debian)
etag: "527-5d2abf11cf280"
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: image/png
content-length: 1319

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 61ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3136595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1399
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yak2ybIjNrqM1ZI%2FQT%2FcZz1UUOTqI3uTut818Gs1OXu9bqUdeBNR2f5i188BFlxpx6Pb8C81Cax6r9AQT0UE1rw9%2FqQF42mm5waE%2B%2B3joumiQ6i%2FDyTBPU%2FybLTq0Uj%2F52emtRVkR9ljIUwysrm2JFCk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c4f8f1f7e1f83a3-MXP
expires: Mon, 19 Dec 2022 02:22:09 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 22ms
21ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1666061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1541
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmI5PzKIscaH3hzerpC%2BDijW8fmHMeyaAKPVZVJ2uF%2F6cdtvXHk6kI%2FJamWXIHODfW6eq1PqxLODCmDytW%2Ff8i6idkgaazHjnfk1U1Y8GnEemJDMKymRen7YtnLdhoEheggebJpAFXYF98truVndpP29"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c4f8f1f9e3683a3-MXP
expires: Mon, 19 Dec 2022 02:22:09 GMT

GET
H/1.1 200
OK modal.css
simcast.com/widgets/modal/ 992 B
666 B 338ms
111ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/modal/modal.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 23:52:56 GMT
server: Apache/2.4.38 (Debian)
etag: "3e0-5d2ab305a0600-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: text/css
content-length: 352

GET
H/1.1 200
OK embedcode.js Show response
embed.sendtonews.com/player3/ 81 KB
26 KB 410ms
109ms Script
application/javascript 50.16.243.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.243.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-243-51.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5b9e14d715735265ef2a440f07ea9bb0e0738028232e1579de99b13cbce91cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:10 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 26300
Expires: Wed, 29 Dec 2021 03:22:10 GMT

GET
H2 200 AASdx0M.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
4 KB 48ms
14ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASdx0M.img?h=100&w=100&x=400&y=225&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fd831b23a498a8bc13c8cf45345143fe6da0220205b4878a41da301c197aae79

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 23:49:03 GMT
x-datacenter: northeu
x-source-length: 65096
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=422829
x-activityid: ab37652b-636f-4887-8a5b-5eef3f7be34d
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASdx0M?h=100&w=100&x=400&y=225&m=5
content-length: 3713
expires: Sun, 02 Jan 2022 23:49:18 GMT

GET
H2 200 AA7zvAd.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 404 B
781 B 40ms
7ms Image
image/png 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA7zvAd.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ca1e3bc44a3d6d0a2612d88ff8b2f2638101ab8277577ba3649252ae13bf02ca

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AA7zvAd
date: Wed, 29 Dec 2021 02:22:09 GMT
x-source-length: 404
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA7zvAd
x-activityid: fc9a6ddb-9228-4f68-92de-1116c4d31e85
last-modified: Sat, 25 Dec 2021 04:01:59 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 404
x-resizerversion: 1.0
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=92416
timing-allow-origin: *
expires: Thu, 30 Dec 2021 04:02:25 GMT

GET
H2 200 AASdoEA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 5 KB
5 KB 46ms
13ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASdoEA.img?h=100&w=100&x=512&y=384&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f07fd1a4107fd7ddee91157b66e63c2d46679add1494ae8a0f691d23df2a8a1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 19:36:34 GMT
x-datacenter: northeu
x-source-length: 131573
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=407663
x-activityid: f11ebe0a-5717-49c1-93f7-3bc619512562
content-location: https://img.s-msn.com/tenant/amp/entityid/AASdoEA?h=100&w=100&x=512&y=384&m=5
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 4633
expires: Sun, 02 Jan 2022 19:36:32 GMT

GET
H2 200 AAHxwMU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 19 KB
19 KB 41ms
8ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHxwMU.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

32fbe07e2e94ddbcd04df7c37f1d86714657545c9e112519f21b003c8ce8955e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AAHxwMU
date: Wed, 29 Dec 2021 02:22:09 GMT
x-source-length: 19380
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAHxwMU
x-activityid: 988e3937-b874-4287-9854-f5c188c02648
last-modified: Tue, 28 Dec 2021 08:28:00 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 19380
x-resizerversion: 1.0
x-datacenter: northeu
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=367577
timing-allow-origin: *
expires: Sun, 02 Jan 2022 08:28:26 GMT

GET
H2 200 AASdurl.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 49ms
16ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASdurl.img?h=100&w=100&x=212.5&y=165.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

643d3ac680e0cad33b2e08bda0c4391da8fbf27ce34cfdec252caf9ed9893278

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 22:21:20 GMT
x-datacenter: northeu
x-source-length: 38717
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=417592
x-activityid: 32f65937-99cc-441f-92f6-5c90bbb9b2a2
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASdurl?h=100&w=100&x=212.5&y=165.5&m=5
content-length: 3224
expires: Sun, 02 Jan 2022 22:22:01 GMT

GET
H2 200 AASd2yC.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 4 KB
5 KB 15ms
13ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASd2yC.img?h=100&w=100&x=350&y=239&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

403bfcefd23cdd6c98afe957a4d3edca96fff54c9a3116b3c234d0a278153405

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 15:08:17 GMT
x-datacenter: northeu
x-source-length: 53650
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=391493
x-activityid: 8d09adf8-0ffd-4382-af81-7acd6252a619
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASd2yC?h=100&w=100&x=350&y=239&m=5
content-length: 4563
expires: Sun, 02 Jan 2022 15:07:02 GMT

GET
H2 200 BB10ea2p.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
1 KB 19ms
17ms Image
image/png 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10ea2p.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c57a73b3bf4f85b6b0dff637df720bcb0d4d9146eb88485254cce6b33b1587a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Sat, 25 Dec 2021 21:57:31 GMT
x-datacenter: northeu
x-source-length: 1105
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=156850
x-activityid: cfe43f55-568b-47c9-b162-d8724478dd82
x-resizerversion: 1.0
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10ea2p
content-length: 1105
expires: Thu, 30 Dec 2021 21:56:19 GMT

GET
H2 200 AAScdt7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 5 KB
5 KB 24ms
21ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAScdt7.img?h=100&w=100&x=960&y=540&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c87d9899a2b238343a8668b906efe925856db9e8696cd54756e1e4ce27b45ac5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Wed, 29 Dec 2021 00:18:12 GMT
x-datacenter: northeu
x-source-length: 208992
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=424518
x-activityid: da1168f3-4cea-44b8-a3d2-7d46073c5b01
content-location: https://img.s-msn.com/tenant/amp/entityid/AAScdt7?h=100&w=100&x=960&y=540&m=5
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 4731
expires: Mon, 03 Jan 2022 00:17:27 GMT

GET
H2 200 AAzjSw3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 18ms
15ms Image
image/png 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzjSw3.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 17:51:39 GMT
x-datacenter: northeu
x-source-length: 3247
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=401375
x-activityid: 9fe5b18d-3b00-470e-83ae-0f9a40ce68b3
x-resizerversion: 1.0
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzjSw3
content-length: 3247
expires: Sun, 02 Jan 2022 17:51:44 GMT

GET
H2 200 AASdcnu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 51 KB
51 KB 19ms
17ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASdcnu.img?h=500&w=1000&x=475&y=475&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c02c7881d98d1e23d8e054c77e528980397b86186652a0f2491ea354f20726af

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 19:25:33 GMT
x-datacenter: northeu
x-source-length: 97430
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=406893
x-activityid: 381d7886-09b1-48d7-a37d-5d12d2150494
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASdcnu?h=500&w=1000&x=475&y=475&m=2
content-length: 51953
expires: Sun, 02 Jan 2022 19:23:42 GMT

GET
H2 200 AASdoEA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 41ms
39ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASdoEA.img?h=70&w=95&x=512&y=384&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

81b940f0df74ace0700459e9b8e84a4c01152503c2ec56ff756e01ebd657b216

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 19:37:32 GMT
x-datacenter: northeu
x-source-length: 131573
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=407771
x-activityid: f024d4d3-baf5-47f4-87fe-52c611b8a653
content-location: https://img.s-msn.com/tenant/amp/entityid/AASdoEA?h=70&w=95&x=512&y=384&m=5
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 3501
expires: Sun, 02 Jan 2022 19:38:20 GMT

GET
H2 200 AASd4qt.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 24ms
22ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASd4qt.img?h=70&w=95&x=512&y=383.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

230665fcd98b4466f8850c2068dc9bf686e74cc63f3d6fd4b64086b434e58817

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 16:39:32 GMT
x-datacenter: northeu
x-source-length: 109447
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=397037
x-activityid: 37ae0d46-6868-4fc6-bb57-0e131f87f74b
content-location: https://img.s-msn.com/tenant/amp/entityid/AASd4qt?h=70&w=95&x=512&y=383.5&m=5
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 3014
expires: Sun, 02 Jan 2022 16:39:26 GMT

GET
H2 200 AAS8Sm4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
4 KB 29ms
27ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAS8Sm4.img?h=70&w=95&x=470&y=264.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

db83a88ebf56f0a6c00280a0b4a99a6e387d363336872d49f61a2702792fafc3

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 18:07:34 GMT
x-datacenter: northeu
x-source-length: 126298
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=402326
x-activityid: cb336d55-9073-4089-ab75-7b002ebb012f
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAS8Sm4?h=70&w=95&x=470&y=264.5&m=5
content-length: 3257
expires: Sun, 02 Jan 2022 18:07:35 GMT

GET
H2 200 BBMQmHU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 321 B
646 B 25ms
22ms Image
image/png 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBMQmHU.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d18a18eb8f2b492c1494557caff4047e403c7312782e664b6517479e5bb2e47

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 21:45:25 GMT
x-datacenter: northeu
x-source-length: 321
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=415339
x-activityid: 50d6cc08-9de6-41e0-8d46-8d0f816e83c4
content-location: https://img.s-msn.com/tenant/amp/entityid/BBMQmHU
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 321
expires: Sun, 02 Jan 2022 21:44:28 GMT

GET
H2 200 AASclQv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
3 KB 18ms
16ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASclQv.img?h=70&w=95&x=643&y=257&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4ebb77cacd95fc3d1bf650d0ce9496c7db4b6b78c2756f83b308717cb8928d34

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Wed, 29 Dec 2021 00:18:16 GMT
x-datacenter: northeu
x-source-length: 138142
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=424647
x-activityid: b1154ff6-97b3-4e64-8fe2-379bc719e2f0
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASclQv?h=70&w=95&x=643&y=257&m=5
content-length: 2425
expires: Mon, 03 Jan 2022 00:19:36 GMT

GET
H2 200 AAScYe2.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 36ms
34ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAScYe2.img?h=70&w=95&x=400&y=266.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3c505f848eea72383c5f604fbcef1ead2073097f5e13adbf286531c6b76d3b43

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 15:07:39 GMT
x-datacenter: northeu
x-source-length: 57169
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=391603
x-activityid: ebf2b623-32db-4b46-9c47-71704da5ec41
content-location: https://img.s-msn.com/tenant/amp/entityid/AAScYe2?h=70&w=95&x=400&y=266.5&m=5
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 2163
expires: Sun, 02 Jan 2022 15:08:52 GMT

GET
H2 200 AASbzUf.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 24ms
22ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASbzUf.img?h=70&w=95&x=600&y=337.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

53cec24da6bd72d8ebf9012e3cd6a4a3935366fbf1ef89be09aff586ded5f543

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 06:15:32 GMT
x-datacenter: northeu
x-source-length: 50815
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=359634
x-activityid: ec107f7b-39ca-4b75-afec-778b8075a4a1
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASbzUf?h=70&w=95&x=600&y=337.5&m=5
content-length: 1810
expires: Sun, 02 Jan 2022 06:16:03 GMT

GET
H2 200 AA3e6zI.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 412 B
735 B 25ms
23ms Image
image/png 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA3e6zI.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd08a87c0d61e7eecc5c1896111ffaa3c716558173bc4ab0b4176d88565f58d6

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 23:27:34 GMT
x-datacenter: northeu
x-source-length: 412
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=421525
x-activityid: 99af379e-ba4a-4b31-9496-c50284275a74
content-location: https://img.s-msn.com/tenant/amp/entityid/AA3e6zI
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin: *
content-length: 412
expires: Sun, 02 Jan 2022 23:27:34 GMT

GET
H2 200 AASdGw8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 35ms
33ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASdGw8.img?h=70&w=95&x=475&y=475&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e8d6c69e6e51b442c4f22bfbb2afa7e45f8df3960418c3dd5f5b39fbbf711df2

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 23:20:31 GMT
x-datacenter: northeu
x-source-length: 55079
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=420987
x-activityid: 9708be61-be41-47b0-8baf-239188532079
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASdGw8?h=70&w=95&x=475&y=475&m=5
content-length: 2795
expires: Sun, 02 Jan 2022 23:18:36 GMT

GET
H2 200 BBs47TE.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 745 B
1 KB 15ms
13ms Image
image/png 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBs47TE.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

abaab2cba237aa106298f6fbba0f540da1e0f943171b14d50e74776696168ec0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Sun, 26 Dec 2021 21:35:12 GMT
x-datacenter: northeu
x-source-length: 745
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=241911
x-activityid: 2ccf88db-e9f8-44b9-85d1-3e30fc1068ed
content-location: https://img.s-msn.com/tenant/amp/entityid/BBs47TE
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 745
expires: Fri, 31 Dec 2021 21:34:00 GMT

GET
H2 200 AASdF6B.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 299ms
297ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASdF6B.img?h=70&w=95&x=1024&y=681.5&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

52a832fce3f788a345621975a5a67474047c4f7afec1c33e9ceef81d7e0bdbc1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:10 GMT
last-modified: Wed, 29 Dec 2021 00:49:39 GMT
x-datacenter: northeu
x-source-length: 146783
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=426479
x-activityid: 1facf7c2-714f-4e59-9ebc-54e78b47f4cc
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AASdF6B?h=70&w=95&x=1024&y=681.5&m=5
content-length: 1734
expires: Mon, 03 Jan 2022 00:50:09 GMT

GET
H2 200 AA42eYr.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 417 B
759 B 16ms
14ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA42eYr.img

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Sun, 26 Dec 2021 21:40:55 GMT
x-datacenter: northeu
x-source-length: 417
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=242390
x-activityid: 184ecdae-ff0f-4afd-a05a-ca01fbb08561
x-resizerversion: 1.0
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-location: https://img.s-msn.com/tenant/amp/entityid/AA42eYr
content-length: 417
expires: Fri, 31 Dec 2021 21:41:59 GMT

GET
H2 200 AAScRPE.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 3 KB
3 KB 25ms
23ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAScRPE.img?h=70&w=95&x=359&y=291&m=5

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c83d51b9e1de9fb753dcbca9ed03c76cc8541a321c696201809ab741d3c2b3d7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Tue, 28 Dec 2021 20:38:57 GMT
x-datacenter: northeu
x-source-length: 95933
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=411400
x-activityid: 39273da3-7cd6-4e6a-9a26-d73981282450
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAScRPE?h=70&w=95&x=359&y=291&m=5
content-length: 3032
expires: Sun, 02 Jan 2022 20:38:49 GMT

GET
H2 200 AAScdt7.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 40 KB
40 KB 30ms
28ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAScdt7.img?h=300&w=400&x=960&y=540&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f71fab405c322b63d09532c007eb7bb5f95b40dbfd7ee16d8968e0365e57ad23

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Wed, 29 Dec 2021 00:22:08 GMT
x-datacenter: northeu
x-source-length: 208992
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=424835
x-activityid: 3950cb6e-1455-4350-925c-cad1381b99b7
content-location: https://img.s-msn.com/tenant/amp/entityid/AAScdt7?h=300&w=400&x=960&y=540&m=2
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 40652
expires: Mon, 03 Jan 2022 00:22:44 GMT

GET
H2 200 AASdF9L.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 34 KB
34 KB 28ms
26ms Image
image/jpeg 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AASdF9L.img?h=300&w=400&x=1024&y=601&m=2

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3d0837637a8bfc56ac3d88234a9c3c24c4187d7930766d23005d35c6c380687

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
last-modified: Wed, 29 Dec 2021 01:08:53 GMT
x-datacenter: northeu
x-source-length: 483096
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427614
x-activityid: b56deca2-015e-4251-9eb5-241072321c60
content-location: https://img.s-msn.com/tenant/amp/entityid/AASdF9L?h=300&w=400&x=1024&y=601&m=2
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 34477
expires: Mon, 03 Jan 2022 01:09:03 GMT

GET
H/1.1 200
OK gdpr.css
simcast.com/widgets/gdpr/ 799 B
665 B 323ms
109ms Stylesheet
text/css 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/gdpr/gdpr.css
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 23:52:06 GMT
server: Apache/2.4.38 (Debian)
etag: "31f-5d2ab2d5f1580-gzip"
vary: Accept-Encoding
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: text/css
content-length: 351

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 44ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f603879e7c6d9f3648cc4b33ba22c59bb564dc81dbff743b46811012755c3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36168
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 02:22:09 GMT

POST
H/1.1 200
OK / Show response
cat.hbwrapper.com/ 15 B
256 B 300ms
96ms XHR
text/html 192.241.157.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Wed, 29 Dec 2021 02:22:10 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 62ms
22ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1085 / 662 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Dec 2021 02:22:09 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 74 KB
74 KB 374ms
210ms Font
font/woff2 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
last-modified: Wed, 08 Dec 2021 21:32:06 GMT
server: Apache/2.4.38 (Debian)
etag: "126b0-5d2a938b14180"
upgrade: h2
connection: Upgrade
accept-ranges: bytes
content-type: font/woff2
content-length: 75440

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 45ms
31ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 63 B
92 B 30ms
16ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5857138def6703a65c3b907b9d85c15c3ed7d2a4025fbd006a32e0e010e09863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 32ms
31ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9565037823771164&plah=simcast.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 8F93 11 KB
5 KB 38ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Dec 2021 18:37:20 GMT
expires: Tue, 11 Jan 2022 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 27890
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
444 B 29ms
14ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9565037823771164&plah=simcast.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

babe18c9b93dc8e60e8912029d44039a3a362d924ea3dae6ad188cb899c63233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=simcast.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C81D 603 B
68 B 44ms
29ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1640744530&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640744530011&bpp=3&bdt=577&idt=71&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3184474297546&frm=20&pv=2&ga_vid=569723748.1640744530&ga_sid=1640744530&ga_hid=762040672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738&oid=2&pvsid=659192164346920&pem=300&tmod=993&ref=http%3A%2F%2Fwww.capitalone.global%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=87

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 29 Dec 2021 02:22:10 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 29 Dec 2021 02:22:10 GMT
cache-control: private

GET
H2 200 / Show response
player.sendtonews.com/version/ 208 B
567 B 152ms
8ms Script
application/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/version/?jsonp
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: ba1d4c816a3afc381c8b2883571e8cbdc8c982ccba7e977072722c881b69b40d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:13:05 GMT
content-encoding: gzip
server: Apache
age: 545
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600, no-cache="set-cookie"
x-amz-cf-pop: FRA50-C1
content-length: 180
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: 1P0DMOfj4ihh5IUWwQlOA7T_QAbauQEAjvnwdcIqRfe6wT8Q_f8lVA==
expires: Wed, 29 Dec 2021 02:23:05 GMT

GET
H/1.1 200
OK ajaxjs.php Show response
simcast.com/widgets/ms/ 4 B
363 B 120ms
120ms XHR
text/html 45.79.244.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
server: Apache/2.4.38 (Debian)
vary: Accept-Encoding
upgrade: h2
cache-control: no-store, no-cache, must-revalidate
connection: Upgrade
content-type: text/html; charset=UTF-8
content-length: 24
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4864
date: Wed, 29 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Dec 2021 03:01:06 GMT

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 292 B
647 B 201ms
139ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 565caf30b379abe6d892f5e5d008d59904ffebd106ec3db17a8d0bba8f3da78a

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:10 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://simcast.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

GET
H/1.1 200
OK bidRequest Show response
in-appadvertising.com/api/ 55 B
547 B 404ms
100ms XHR
application/javascript 169.63.109.126
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://in-appadvertising.com/api/bidRequest?bidId=27cc6fecb297de6&pubId=30557&sectionId=10399&vers=5.17.0&url=https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0&sizes=728x90&tr_wd=0&tr_hd=0&tr_vs=visible
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 7e.6d.3fa9.ip4.static.sl-reverse.com
Software: nginx/1.16.1 /
Resource Hash: 9fde44648a2da545faa9b4a19cf7495e9bf69cbc93008a80853392388cdcba12

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:10 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: https://simcast.com
Cache-control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 38ms
9ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://simcast.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
145 B 70ms
15ms XHR
text/plain 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
pragma: no-cache
date: Wed, 29 Dec 2021 02:22:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

GET
H2 200 hb Show response
ice.360yield.com/ 245 B
458 B 119ms
35ms XHR
application/json 34.247.120.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2296de7c2fd6a9563%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22447af0e6-887e-4efc-a37f-8836c87aa918%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223926c056f561694%22%2C%22bidfloor%22%3A0.0125%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22597743%2C%22tid%22%3A%22d6591976-20cd-435b-813b-9098b08d4434%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2240a39b37128cd96%22%2C%22bidfloor%22%3A0.0125%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22597746%2C%22tid%22%3A%22d008d9f0-9dda-4faa-b990-7ebbe2fa6ef1%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%7D%5D%7D%7D%2C%7B%22id%22%3A%22411c088532a74ca%22%2C%22bidfloor%22%3A0.0125%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22597745%2C%22tid%22%3A%229d05f898-f2c0-495f-aedb-c16d379df857%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%2242b3250c196dc3e%22%2C%22bidfloor%22%3A0.0125%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22597747%2C%22tid%22%3A%22b90b05e4-9fcd-4260-acc0-12d8f2ff630c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.120.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-120-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fc913f8d510a79cf5704e72dffed45129f8271397f5a36e9e3e2a357b25da2db

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 245
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
342 B 329ms
108ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 2
vary: origin, Accept-Encoding

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
328 B 127ms
90ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=754850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2248847296c2e74de%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22496e3cc0450118e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22sid%22%3A%22728x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22sid%22%3A%22970x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2253c3113418e23db%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22sid%22%3A%22320x100%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2257d943926e73bca%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22sid%22%3A%22300x100%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2259603639bd8e879%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22755349%22%2C%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff8c03a20b1f604b3b58f0fb1607bdd160d14ae08ed33f93537f1a7b3947b6eb

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:10 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.182], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://simcast.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Wed, 29 Dec 2021 02:22:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 495 B
1 KB 162ms
128ms XHR
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1f28c9b7d46128ffee61885ff56fc15869e7743ec90459beab6fed5fd0d35207

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:10 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 43cd7104-ac62-45c8-9510-c3773c781ea3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://simcast.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 495
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 116ms
70ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a96909f017c7c7efcea7f0c81e90009&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 20b1263f087f4349521e2bd6f985ad5819c62112e29c33d1d84fa5e802150ee8

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
65ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a9698e5017c7c7ef8927f0d2e49000c&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f65b07e212770adff375332cdc24c50978f60efc0c6f1a76c80e3a6a1edb2eb8

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 105ms
59ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969958017c7c9d2d8a9e224dbe0036&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: bb32e045c4f5428fdda4cd127e93ea8b15db182696daf4b45d07e42471a31ef5

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 117ms
71ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969449017c7c9d384d9e23a1c90033&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2e0599afb990b9ad5856ea86689574aa88dd3c5aa00c9217a84b2756577504d3

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 108ms
62ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a96909f017c7c7efcea7f0eea6c000c&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: c0ffd3333176c58baeea4ecefc1b2621f2ac518b5464c3574718f118a4a8fb29

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
288 B 104ms
59ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a96909f017c7c7efcea7f0f3c9f000d&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 56fe6ea34d18797d462b51ffbc517d842f478caddbabcf92518886e3738d4e64

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
66ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969449017c7c9d384d9e2b7eab0038&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ec7ec1dbb2f155c539eb06d1b71d56daf6e8c5c96f6837a59820b3a4ba8c773a

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 119ms
74ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969958017c7c9d2d8a9e2be84b003e&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 8c152fdda98c98071b42d2c8901c4e9519bce31383fbd6b804228595de4f3d27

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 109ms
64ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969449017c7c9d384d9e2dd206003b&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 149c88938701c4183cb848bfb56531d65452605032db9964b84371da75528969

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 124ms
79ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a9698e5017c7c7ef8927f0e2b5a000d&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 852a0ca0ba1aa90aa9876a0fd6063f5ca6917867cebc73ba552f96751850f8c0

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 118ms
74ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a96909f017c7c7efcea7f0e8629000b&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: aa7958c4adc7eaad62f356df0bfbd4f59fbf1d9a9fb21c4f7a44fb483641fec6

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
67ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698e5017c7c7ef8927f0afda20008&pos=8a969564017c7c7f00a47f0f85bc0008&cmd=bid&secure=1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 02fe6e1e5f7de89832bfd4129a6a795d63ffed5880d7c06c89a5fdcea27eff95

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
847 B 196ms
165ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 05ae3f380aa84525366b83840c571e6220159409c2bbb5e977bd13089b2cf758

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 55ms
20ms XHR
text/plain 18.195.1.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.1.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-1-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 84ms
50ms XHR
text/plain 18.195.1.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.1.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-1-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 108ms
74ms XHR
text/plain 18.195.1.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.1.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-1-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 105ms
71ms XHR
text/plain 18.195.1.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.1.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-1-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 114ms
81ms XHR
text/plain 18.195.1.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.1.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-1-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
110 B 53ms
19ms XHR
text/plain 18.195.1.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.1.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-1-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 58ms
25ms XHR
text/plain 18.195.1.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.1.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-1-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
109 B 58ms
25ms XHR
text/plain 18.195.1.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.1.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-1-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:10 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 200 player.js Show response
player.sendtonews.com/player7/player/65.21.10/ Frame 79D3 240 KB
72 KB 41ms
11ms Script
application/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: e8ba6c25e1483b376da5f911cb5a9cda1cf892b3e3b6a6d193e564636343bf47

Request headers

Referer: https://simcast.com/
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:12:59 GMT
content-encoding: gzip
age: 551
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 23:19:56 GMT
server: Apache
etag: "3bfc5-5d2aaba559f00-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cache-control: max-age=3600, no-cache="set-cookie"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: AjnYTI8oXqRRQEcnQ6-GJ2BmEkYGHGz_7EZzbnKAUYScV_NSmGZxvA==
expires: Wed, 29 Dec 2021 03:12:59 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 32ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=762040672&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&dr=http%3A%2F%2Fwww.capitalone.global%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1119023097&gjid=1506059055&cid=569723748.1640744530&tid=UA-205158314-1&_gid=42181990.1640744531&_r=1&gtm=2ouc10&z=187796434

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 21ms
21ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7b3af446f914b11016ea91a816561361ff91860da8153754d1c29f78f9446e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8539
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H/1.1 200
OK 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ Frame 79D3 39 KB
13 KB 67ms
21ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Dec 2021 02:15:33 GMT
Server: Apache
ETag: "9049cb-9a4f-5d43f833d1485"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3206
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13270
Expires: Wed, 29 Dec 2021 03:15:36 GMT

GET
H/1.1 200
OK data_read.php Show response
embed.sendtonews.com/player4/ Frame 79D3 28 KB
5 KB 501ms
208ms XHR
text/html 50.16.243.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=nwGaOfKgkJogNfcU&instance=391592&version=65.21.10&age=211229&ESG_key=eKVKXbhX&type=float&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&ogSet=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.243.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-243-51.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 65cd067f41e38e4300c22d89c320beeeaf18cb1fc11f17a8dff395fec11dd8ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 4141
Expires: Wed, 29 Dec 2021 02:22:12 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 79D3 375 KB
124 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126523
x-xss-protection: 0
expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H3 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 79D3 524 KB
122 KB 25ms
24ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1664390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 123688
timing-allow-origin: *
last-modified: Tue, 26 Jan 2021 19:48:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6010721a-8304e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hhk8rA8IWYkkhkUKH5d6FdVtY2Z2G7mLBiF%2Fju8SExxCmlI2on6RmugPS1LNWVvOUW0c1XlQurLshfIwNCSyOxPr20pFiWMv%2FZgMcxx4rVIwOYQaUFGXFNrV6RQ6Gg2qhU7MoR2p5FWx6rCju8y5Pn4p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c4f8f24cb0b59a1-MXP
expires: Mon, 19 Dec 2022 02:22:10 GMT

GET
H3 200 iscroll.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/ Frame 79D3 32 KB
8 KB 74ms
73ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/iscroll.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4614020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7559
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9e-80dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsuPA4tkPbdnGBUROnNip1dA64E47aydXGqMeYfz%2BvsIw3n8oKG5cKBh7NbTR3xS2iJGkwP%2B5QVNKQEChVhmxPmdj9J3Svmq2ZRheiZBxpjpYmR%2BXj3lcu%2BEvq0VBMllGQynIYabcRdHaEWOK3nrjx5X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c4f8f24cb0c59a1-MXP
expires: Mon, 19 Dec 2022 02:22:10 GMT

GET
H2 200 comScore.gt.min.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 79D3 335 KB
59 KB 40ms
10ms Script
application/javascript 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 15:42:48 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 23:25:25 GMT
server: AmazonS3
age: 38363
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZGtdaZcKvG71ZEzT_C5wuzTZQYf_53nW3er3xB-miXRP64dRdp6Q5A==

GET
H2 200 prebid.js Show response
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/ Frame 79D3 230 KB
73 KB 49ms
19ms Script
application/javascript 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/4.13.0/prebid.js
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7adc0e82d10de0c5af74d068b95973ff1528ff242d6e35390d3d5ef718291471

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 15:26:44 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 16:52:33 GMT
server: AmazonS3
age: 76558
etag: W/"0d9ef44ff3701f373f18205e7e1bc16a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oNPXhS4_pNGfMqG3a6tSrYRcBZmRRB_0td3L3R3U65IHnwRG1Lz6Lw==

GET
H2 200 css
fonts.googleapis.com/ Frame 79D3 5 KB
1 KB 45ms
19ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 00:26:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 02:22:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H3 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/ Frame 79D3 39 KB
10 KB 74ms
73ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video-js.min.css

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2243208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9062
timing-allow-origin: *
last-modified: Tue, 26 Jan 2021 19:48:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6010721a-9c87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqjGPkK1E%2FUWhudB3yenNrU5yT8kg5EnvzizmgmKyC6UqsOI%2BuTZOu%2B60pZEw%2B0OcTlMmd9ZxeHUko1%2BZl%2F8uVxXzEoqzPteNMAFzVxLGotgbLOH%2FVKHF3e7muiCpUAgjSNL%2FNq5dp4Fis6rwNiBYZ88"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c4f8f24cb0d59a1-MXP
expires: Mon, 19 Dec 2022 02:22:10 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 79D3 26 B
187 B 305ms
99ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=nwGaOfKgkJogNfcU&instance=391592&version=65.21.10&age=211229&cmd=PRE_INIT&key=eKVKXbhX&order=1&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&canonical=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D5F 13 KB
5 KB 27ms
9ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 28 Dec 2021 23:53:53 GMT
expires: Wed, 28 Dec 2022 23:53:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 127C 783 B
1 KB 49ms
19ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2c8db35582e4a7c3691904aa8c693c0be22e9f3fb0d29d151d9b53583b46c12

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rvWZAm0nicuqJajwefxKUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 29 Dec 2021 02:22:10 GMT
date: Wed, 29 Dec 2021 02:22:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-rvWZAm0nicuqJajwefxKUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ Frame 79D3 2 B
163 B 340ms
122ms XHR
application/json 18.215.24.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.24.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-24-252.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://simcast.com
date: Wed, 29 Dec 2021 02:22:11 GMT
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 79D3 109 B
540 B 108ms
34ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 4bba0046c96a9a31a7b96e5a3e9f65d06c3ea6fd655c37dc1a7e559a9a7496dc

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 28 Jan 2022 02:22:10 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame 79D3 44 B
324 B 41ms
17ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 29 Dec 2021 02:22:10 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://simcast.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
BLOB 200
OK 5d0e4f6b-56cb-4abd-81f6-763079d6508c
https://simcast.com/ Frame 79D3 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://simcast.com/5d0e4f6b-56cb-4abd-81f6-763079d6508c
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 127C 0
0 30ms
30ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=659192164346920&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D5F 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 19:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 19:13:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=659192164346920&bg=!BgWlBUHNAAZKWFskSlg7ACkAdvg8Wr33x_BlUD1Z7d9KXnZDtGpFXWtaN4uWhebbYfWbQZkOrMX3hAIAAABVUgAAAApoAQcKAD66pXhmcw8InfmTOiQQDvtpQnjpCTrGAdPftJqk4KG7rEqJPzSrzYCPPmg6M7gb45kalw46Pp0uWnbp_LImkpkCs3sHnplBScSVKYEOgIVOZd_GuaCn5a9ThlC4jOi9gz4pVqIvVaKSXUREwgguqfLH5BwBegQhNgePvSQ2Ee-ZgnQaNiqjUBdXu_uLBS2HbN9bg3gi83dFFchrZg4Lkzgn1RDxee78ZQM1qP0bhGB3vvqWTdSPKXTyhhayOwgJtBgiXecMDL7kK3S9Juj2zOITccJW2hvw6m54wElEinpPM6-DKwFbKlaV0xRgTu96kGHQgfXTUFO3gN8xlpa2IXMyuLtCWvMKNMXuJIkxUjKVJ8ntUhGhfVcCHMuEoZqZ60gYLeAJpr6DiJ8Ktv5lNBMK0uZ0x64MMO5x5MyuVJLBd8E0v4tZoPi5Uwkm_bKL3-5UjZZLTi3oSQYPcVe41HP3A3-Ndk0bFzZ0wPpbwQafvUIOOkq4-iiY1jyEAO8ljH-8rIdzIXgsK-3FkhZU65jJ6sb0ae_6e7t8OSHSqBl3gSZGi2RsbL4suyAaHTYRRZYMs2C8I7CRLf6olwnYHiPZTgGZ28Wv7H5Q6opDBYn5h7UCY8n36GEktB8G4r0P-8kISP459RV4Our2IVTK9g8UuTDEZQ50dPqIy7PdWdV2VAJg208IT9OE6jkz1U4Q-Ph_f0p8sspQofhNnPiLnwJmUUN--CQBvuM7Uz7w1qZbbpCagzrAuJN-AAOlykpeszkJwT9q2r5pc25OmVZMW2TC0iltCkXI1AcKZCmPC21OpO2STzliWvhgI2T2MAzladKFWcVwLGDHtLDGf5ht6hzQId7MkVwR2Vfrm2PkcUkWAQIxHeC3d9KVg9MdnMBTxwQmBKLAiWkbifOFhDdGRlikc9aO8e0O_N7WpKfj9BsZ3k6-AkKUE2_MhHiz9fE-FxV69kiAgD1NNXaY7QFU5Yn5m6QHYLmodkx-eKsEqCOBpQWQsEY

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 43ms
14ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://simcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://simcast.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1407
date: Wed, 29 Dec 2021 02:22:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=utrFlXxYV3cvS3dVYWkvbEtndUZOODRCTlpVMk1pUjFqOVBEc2l6VGpLR01ZUHNKZmJxendyU2V1aWtYaS8yWDdXazlvREZHcGJSU0xkZlBhMFdxMVphdkx2a1hDN2x2MURiT3JSOTA3Qy9jYjZhTEh2WG05akc5U3JRSF...

350 B
616 B

50ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=utrFlXxYV3cvS3dVYWkvbEtndUZOODRCTlpVMk1pUjFqOVBEc2l6VGpLR01ZUHNKZmJxendyU2V1aWtYaS8yWDdXazlvREZHcGJSU0xkZlBhMFdxMVphdkx2a1hDN2x2MURiT3JSOTA3Qy9jYjZhTEh2WG05akc5U3JRSFFDQXU1NWQ0U3Y1SWZSTVEydDBqd0daSzIyU2tYVE9WSjdtSjVxalFZSnhmMlVZRHFqWGZDdjUrVUVvVE5WUTZLRmJnakdrcjljNUwwM2cwZE1VVnhkWEVJZlhwaVROS1AxSzVtRlc0MEUzSHBIM1NyTEgwPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1fcbb8438c7471975167853e31c3247d6c1b951ec1ec34b89e16184a0dd76577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:10 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2564
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:10 GMT
location: https://mug.criteo.com/sid?cpp=utrFlXxYV3cvS3dVYWkvbEtndUZOODRCTlpVMk1pUjFqOVBEc2l6VGpLR01ZUHNKZmJxendyU2V1aWtYaS8yWDdXazlvREZHcGJSU0xkZlBhMFdxMVphdkx2a1hDN2x2MURiT3JSOTA3Qy9jYjZhTEh2WG05akc5U3JRSFFDQXU1NWQ0U3Y1SWZSTVEydDBqd0daSzIyU2tYVE9WSjdtSjVxalFZSnhmMlVZRHFqWGZDdjUrVUVvVE5WUTZLRmJnakdrcjljNUwwM2cwZE1VVnhkWEVJZlhwaVROS1AxSzVtRlc0MEUzSHBIM1NyTEgwPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2461
content-length: 482
expires: 0

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 213 B
529 B 40ms
8ms XHR
application/json 51.89.7.205
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.7.205 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p28.id5-sync.com

Software

Resource Hash

0ec469f71480e26bd1945b897beefc5170de24c4d0b2f392f4d947533ac61f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Wed, 29 Dec 2021 02:22:10 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H/1.1 204
No Content any Show response
idx.liadm.com/idex/prebid/ 0
432 B 413ms
98ms XHR
text/plain 3.95.140.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.95.140.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-95-140-237.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://simcast.com
Date: Wed, 29 Dec 2021 02:22:10 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: da776c7d017f016c
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
333 B 118ms
46ms XHR
application/json 52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f75286524d4339d345be0ab0d24554611d40b54a7e705c9c9844ebf707f4292c

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://simcast.com
cache-control: no-cache
x-server: 10.45.18.72
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 100 KB
19 KB 339ms
339ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=659192164346920&correlator=1283308601849073&output=ldjh&impl=fifs&eid=44756716&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211229&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dadhesion&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D200%26wrap_l%3D1300%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D500%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D700%26waae%3D400%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&cookie=ID%3Db2f471f2820452ad-22612fd910cd0024%3AT%3D1640744530%3ART%3D1640744530%3AS%3DALNI_Mah4Md67E7FJnSKF-uf0m1A5mTIkA&bc=31&abxe=1&lmt=1640744531&dt=1640744531005&dlt=1640744529434&idt=624&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C791%2C1230%2C0&adys=80%2C948%2C175%2C1371&adks=1635088977%2C1152201870%2C181822351%2C279805050&ucis=1%7C2%7C3%7C4&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&ref=http%3A%2F%2Fwww.capitalone.global%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C417x0%7C339x0%7C1600x1371&msz=1600x0%7C417x0%7C339x0%7C728x0&ga_vid=569723748.1640744530&ga_sid=1640744530&ga_hid=762040672&ga_fc=true&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9bca01ed7e9dc635393934fb1fb6cce56e2d0aa194aaa601db58c29385c419d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19663
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 05B7 6 KB
4 KB 68ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 29 Dec 2021 02:22:11 GMT
expires: Thu, 29 Dec 2022 02:22:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 75ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 988
date: Wed, 29 Dec 2021 02:22:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame 79D3 0
426 B 68ms
20ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://simcast.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:11 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.182], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://simcast.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Wed, 29 Dec 2021 02:22:11 GMT

GET 0.js
player.sendtonews.com/bidderFiles/ Frame 79D3 0
0

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/200302733/ Frame 79D3 0
169 B 80ms
24ms Script
text/plain 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 6c4f8f285c3c3ff5-CDG
date: Wed, 29 Dec 2021 02:22:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 79D3 44 KB
44 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 7657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 00:14:34 GMT

GET
H2 200 1-56o64r73022o536onp6qp1qpsr869110.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 8ms
8ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-56o64r73022o536onp6qp1qpsr869110.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:26:25 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:23:04 GMT
server: AmazonS3
age: 64547
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: I3d8thf6ZeMrpAcuo5M7lAndZ37k-6nHx4863yyFoJqx-LDwkpS2sQ==

GET
H2 200 1-0s4r4r7q52rs3qs1n2o8188q942o274p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 9ms
8ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-0s4r4r7q52rs3qs1n2o8188q942o274p.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:26:25 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:22:04 GMT
server: AmazonS3
age: 64547
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: lp0xlgAlcamp2_krCE4QZNHrkhxo3gtlVzvI_l8R8-3hG9nKC5jWWw==

GET
H2 200 1-0073o5r9o992q88sqr3n918n74872492.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 9ms
8ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-0073o5r9o992q88sqr3n918n74872492.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:22:37 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:21:04 GMT
server: AmazonS3
age: 64775
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: 9wvocjMsSwvwNk9LYFcF5WADkkF-Vnwu5oSmyhtdqabGRJNGizEi6Q==

GET
H2 200 1-006qno69pnrpo1sr5r75prs7soso6s49.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 9ms
9ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-006qno69pnrpo1sr5r75prs7soso6s49.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:20:55 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:20:06 GMT
server: AmazonS3
age: 64877
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: sbBbXlgOhwdy9yWWv74oSvPc-AX2nccbm3kRnWMjiFdf_RBPeffKbA==

GET
H2 200 1-qo60q0n4q6qrn4664805s1q6or95rr6r.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 10ms
10ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-qo60q0n4q6qrn4664805s1q6or95rr6r.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:26:25 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:19:03 GMT
server: AmazonS3
age: 64547
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: tLspsuVXC1lheIqcsETWQuEPqvL-xa5T6Sm4TXx5Bxb4ruWbcHGd9Q==

GET
H2 200 1-98no0q37p4ops1o6q09qnpo9q8o4r1o5.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 11ms
10ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-98no0q37p4ops1o6q09qnpo9q8o4r1o5.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:18:45 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:18:04 GMT
server: AmazonS3
age: 65007
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: fTHmZfJ3VXHRGXPipsYZ_G9fRDBFy56yNvtkPwIAjZGirJ0m5r1mMA==

GET
H2 200 1-pr84p2nr40066qs898sppss2qp941722.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 11ms
10ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-pr84p2nr40066qs898sppss2qp941722.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:18:45 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:17:04 GMT
server: AmazonS3
age: 65007
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: FvugqedEnsoqe6smi-k1nfVIVbdE5bz4XcGfqUEVPXj-9k1SXmM3pw==

GET
H2 200 1-3r383sq981q9p2r885r2p327644856pr.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 11ms
11ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-3r383sq981q9p2r885r2p327644856pr.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:26:25 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:16:04 GMT
server: AmazonS3
age: 64547
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: Xny2aC5uF4kKlS2bxfBXXNakswHnKe3S-aO2yFQOhPC0CtEdprZKEQ==

GET
H2 200 1-s6p0r50r02q52759n52q7n0035389317.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 11ms
11ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-s6p0r50r02q52759n52q7n0035389317.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:15:15 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:15:04 GMT
server: AmazonS3
age: 65217
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: fLJh9iIoiK8F6Nxxcnpasa8rLlXrnZElcu4KQy88elPOxiWVavpvKw==

GET
H2 200 1-8n0np04roo98nn43s080p62772344q1r.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/ Frame 79D3 1002 B
1 KB 11ms
11ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/SM/1-8n0np04roo98nn43s080p62772344q1r.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:14:38 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:14:04 GMT
server: AmazonS3
age: 65254
etag: "118e6843bc72d8d27541c563f21a1825"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1002
x-amz-cf-id: n8121aXZHkDmQLSWS6iGcJzLp26RH9RjIpISJjWvWZgxrbyQRbd7EA==

GET
DATA 200
OK truncated
/ Frame 79D3 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 79D3 44 KB
44 KB 25ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://simcast.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 7657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 00:14:34 GMT

GET
H3 200 bridge3.493.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E9B3 598 KB
194 KB 22ms
7ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198942
date: Wed, 22 Dec 2021 04:54:22 GMT
expires: Thu, 22 Dec 2022 04:54:22 GMT
last-modified: Wed, 15 Dec 2021 20:12:41 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 595669
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame 79D3 0
253 B 604ms
294ms XHR
text/html 54.204.0.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=0&USR_ID=214391592&ST_usrKey=nwGaOfKgkJogNfcU&SM_ID=0&C_ID=12018&C_companyName=Adapex&version=650210100&sC_ID=0&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-0-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Wed, 29 Dec 2021 02:22:12 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 79D3 26 B
186 B 98ms
98ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=nwGaOfKgkJogNfcU&instance=214391592&version=65.21.10&age=211229&cmd=GET&key=eKVKXbhX&c_id=12018&seq=0&order=2&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&playerCfg=FL&canonical=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 1-56o64r73022o536onp6qp1qpsr869110.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame 79D3 14 KB
14 KB 8ms
7ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/1-56o64r73022o536onp6qp1qpsr869110.jpg
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33ca5e7810d91b923571ae0a67e59cfd3013d6338a05619b8e64d32c5cdb3cb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:26:31 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:23:04 GMT
server: AmazonS3
age: 64541
etag: "c527220299d6d6057e581e2191bc093b"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 14007
x-amz-cf-id: FIOezALkEeAbSqPa8BFwFpjZQrsgnYqg9ZrfBrxWGWCCLGoam5uR0A==

GET
H/1.1 200
OK data_stn_l.php Show response
timber.sendtonews.com/timber/ Frame 79D3 0
253 B 442ms
142ms XHR
text/html 54.204.0.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=SypMW8fLfa&USR_ID=214391592&ST_usrKey=nwGaOfKgkJogNfcU&SM_ID=1697128&C_ID=12018&C_companyName=Adapex&version=650210100&sC_ID=8539&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by: Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.0.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-0-108.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 0
Expires: Wed, 29 Dec 2021 02:22:12 GMT

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 79D3 44 KB
17 KB 65ms
15ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Dec 2021 02:22:11 GMT

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 79D3 26 B
186 B 100ms
99ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=nwGaOfKgkJogNfcU&instance=214391592&version=65.21.10&age=211229&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&EXTREF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&playerCfg=FL&sC_ID=8539&sm_id=1697128&load=1&status=LVFNLNIY&ac_id=2008
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 79D3 1 KB
1 KB 8ms
7ms Image
image/png 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 13:15:04 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 47228
etag: "cb93bb50e5d021cc38de445a672c18a2"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: FY-PMiDY-M7p7lKNSQt48TfR1faVx7bzz4lUdEYSPzK1tpVxFuUl0A==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 79D3 322 B
639 B 8ms
7ms Image
image/png 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 13:15:04 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 47228
etag: "311cf2edc46e82f2a6911332b7db54e1"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 322
x-amz-cf-id: _4P28TB4Q2j-IGtKErDKRkuIIkhOkXWth6L4yi4pTq9U0B1FbMKElQ==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 79D3 832 B
1 KB 8ms
8ms Image
image/png 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 01:15:01 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 4031
etag: "8be584e844dabfe22970a0cb943c047e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 832
x-amz-cf-id: BXmur9Y4ZIksRFpjoniRRAFGtlLI2_qCn_LEbZFfqB-WRnGA5VZ_9w==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ Frame 79D3 773 B
1 KB 8ms
8ms Image
image/png 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 20:35:29 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
age: 20803
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 773
x-amz-cf-id: _4GwzmkB97cbtTkb4_j7xWVtU3qQWUbLR7YdgC0raFsSu-t_GAfq_A==

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0D0D 37 KB
13 KB 8ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 01:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 29 Dec 2021 02:56:35 GMT

GET
H3 200 container.html Show response
b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EEA7 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 29 Dec 2021 02:22:11 GMT
expires: Thu, 29 Dec 2022 02:22:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F5B8 6 KB
3 KB 18ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 29 Dec 2021 02:22:11 GMT
expires: Thu, 29 Dec 2022 02:22:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3576 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 29 Dec 2021 02:22:11 GMT
expires: Thu, 29 Dec 2022 02:22:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25FA 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 29 Dec 2021 02:22:11 GMT
expires: Thu, 29 Dec 2022 02:22:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F5B8 0
0 49ms
48ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpqNNU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEmgJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4f6EhejfDjvydvPcVwOEQZiL_C4s8dsFPkyNySGY1R3UnOG9Oeo_gBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=-J6FVHznPtw&uach_m=[UACH]&cid=CAQSPACNIrLMkSDuHoKBEGlgJazUrzc1cZOWkJ8-U-F1u0RxaoXT3zcRJlgJWQypGPeCYDYPZQy6JdvCzNu2dRgB
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F5B8 0
0 692ms
657ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jhaq5nsntgvwmvc95kp8svscede823gyaekt9dss6m3t05k0whshxp5w0q2mqzq246y11ey6tv1psqj8r3866rzsmgg8p8381a4z5se8gcqyytmrds125e62hnz0s2fvmdzzsyccgc5h5exykfs3qc5wrmd7nw4d46x49scz8bjpp549mxhbv4h2xpszy3qpbyx9r6d5d1nvdrt2dsyy29ay5m5f6r8hkvyxhh3w7rx7jzs83x2t075vxw87yce47d4qbj8bfj0815cs1cwx5zg3zqbkyv8m1nd7f59b01d0ajms10thepqzj90cehjx1pafw6xcsz5n94sa047qtfnd50m8rn9wfe2qwkpppaz06d5e420b86qmyd1xyqx2g86r1wvavpewgg5k634zcsmryyt2&b=YcvGUwABICUKiwVUAArZcL1rmYQC2fQkuqotYQ
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Dec 2021 02:22:12 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 1262 2 KB
1 KB 55ms
21ms Document
text/html 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k0gnv0wdprc4ekshn3xfacepgnz1czx43m8x7vqtq18kk3bwk2yn96w3tp5r91azjasvqf4edz5s6w6hqwgj5de1da6bqk95mzngpfahmfg895ra8sxzxd44f80gk04979zz2pfafcxk3enybxkde3ycmaaeekq5b6twcfwwj8fvmyn1c1js0qwz9ktg6cey89b0212rfhevyq7fxe9yysvy08e29k31a5mdzjd4rsfn8gwex1xwz62by3f5br1b76tj0hh96pe0h23fcfjmxa6b1mtm4kmm85emk9k2y6v3x2afn5evcect9r4gedgbxb4g486v4jpx7m5vwtgqghvasn831bzakr2ax288761n6d6xzhrs9v623t149k6fekzspnkyd51j54saazqrp4fvmjcf3zyt3c39jg9s2p7jdfe1y1r2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%26client%3Dca-pub-1062972861553303%26adurl%3D

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d15ad3fa7be3b11103c21763d6c3d143bf08358c41a6efa79a42c782a97fe2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4f8f29bcb14df4-FRA
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F5B8 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 02:12:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 327C 1 KB
749 B 8ms
8ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Dec 2021 05:53:44 GMT
expires: Wed, 29 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 73707
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5B8 119 KB
37 KB 70ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Dec 2021 02:22:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F5B8 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 01:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 01:40:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F5B8 22 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Dec 2022 14:56:59 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EEA7 0
0 48ms
47ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9pIeU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEmQJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI8gN2zRWaM5of9JHHj41IvyHJtdHte8xjbj3m7WHJM5aO9Rk6ZHyOAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=FRvaRQtlBcM&uach_m=[UACH]&cid=CAQSPACNIrLMkSDuHoKBEGlgJazUrzc1cZOWkJ8-U-F1u0RxaoXT3zcRJlgJWQypGPeCYDYPZQy6JdvCzNu2dRgB
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame EEA7 0
0 687ms
656ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hkt07kb32m56341aaq9ge1w9n0cfhnbqn8497sxmetr1xczvxfscyfvjgtmtnbmpzdeb6p30khhadgd36025mtsrm7yk30ttshf69mbvzxvrej6get78znsa1ra5wt7jrnxfhvkgqeje8awd4sy2jf0hxmhdmbzapatajygn3r8gtgjyf4b612kv0krpmqy4412fjvvfpq0v42rh71eyjyagqwhyz8zkraftgs9gnskmj697qhk4fcwtk4avdxrhq9n0t3nkeep35612cxbd4gdw7cxx3qx8txzhjdw1cdq6y0vxr2yjxdwk7tqqfkqxjj3w2gsrq6prdgxxq7p6z6h4rw3hqncjwftgwss8t3tf93ngandc15y1s7njyggfmr2f7k0ssp75y86atrfte59rr5pa&b=YcvGUwABICQKiwVUAArZcDMX3vNDkC57XztGew
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Dec 2021 02:22:12 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A02F 2 KB
1 KB 50ms
20ms Document
text/html 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gspq733dtkryr3dryh0kkt6a3175kxjhr5gd9t7h6dra4k9dj9cq08tbm53te4haspv857h78sf53nsb8xmssnekys9dmptj66538wq1szd2kg4978xvrycxybmzd2n4vbrn5czznq0x1vp0mqd4kremhr3xff6s6ne49c8kfwaabeec7wh2d8z3gmpz1txdr0tm6xjfa5bxwbtt4k81h03rfhb10azrxpvp1n1ty4snewr5tnzqba9y7jk4pe95f6kyhfjksqq8cvpynta3xwwefx65eeqzyemchq7skp2msm3m4j8vzf6n36ddymf0pxd5jafq1w9an5h8fct3c8ggtxqfw85bwynymvfxwsbzb5y3dz8q28j34t54dqay6f8kn35dbej7cm129e6syyrdkcbrak34ecbyt8m7bh42xbpg5gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%26client%3Dca-pub-1062972861553303%26adurl%3D

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e991daa241c74f0cb0663e6e9f6ac012097ba8fc630a3814444ba0f412ca74e6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4f8f29ccb44df4-FRA
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EEA7 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 02:12:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2273 1 KB
749 B 11ms
10ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Dec 2021 05:53:44 GMT
expires: Wed, 29 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 73707
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEA7 119 KB
37 KB 76ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Dec 2021 02:22:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EEA7 15 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 01:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 01:40:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EEA7 0
0 33ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuFQ8xOD_m8W874GxpYDyY_AFCl5eUvvAWGki3NPG7nFsWUpjmRYP9jRPi4DEEOKGSNpUBnL6c_xYGojpqj6NcP9vKOw
Requested by: Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EEA7 22 KB
7 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Dec 2022 14:56:59 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3576 0
0 52ms
47ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3lwHU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBJ4CT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKCewKIBLbaA9hy-m46tMMVZfRlICDobgOXnlMojA_iJbjDOoJ2XPeAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=gPnwsFWmi7s&uach_m=[UACH]&cid=CAQSPACNIrLMkSDuHoKBEGlgJazUrzc1cZOWkJ8-U-F1u0RxaoXT3zcRJlgJWQypGPeCYDYPZQy6JdvCzNu2dRgB&tpd=AGWhJmuNd47XNaBmA4cIa2R6T5JyLCkfDEbYIjLciMwxlnpyfV8cYGixbLMSuAobaiFpIKv4NbH1_Kdd7KSXU4JAd71-Ct2Np7hZ1L7CXglPkR5414lSCLFoLM2pBLOYXtJ-IZX19MKcwugaA7Qx7uiN16pSqKFfE4Gmb1nzgBwiaD2AbuRbAkjh8OtUymqWmFMxUaabLF_C2C4ALPxBqWlBPGIR9U0CwXAJqN55HmFu5W2zOaLiqw-jO4RG01x9HRR-XiB_pMBbp8M0JjqzI06VeIA4oCuBh78LhU-zGWC0GIAYrdQxye3m7jilPnOUyneeshR6-5hRJk0Nr9tLPz3e_pGu8lxA4fu4Bjcyyba3Ik4zOGbsBkEOP79tfUyviR6px_T5XBEwthBW5IVwR0iCpCBKy9UZ4vOTVlBvuSyf3ds1kSFxwt1KeGfCaRSJz3Gw2C5smuTogWfYpCkgMHJ3YxHYxJVrW0KTWRQx6YXIga2MpV8TBs4TimGCY_rMlM4HWToMKfQjc1eZTFv49O5MzsifUUomTvMU6UlGlSUMRqjDgW7dsxPbw03jXwlzg2cv3Ne4F7YS9FkD1-k9zV98z0qbWfCq0x9DSFXRLtYuipBdrioM3p4069HKqnf8d5jR1QSG6Y8FUXAz-SAAEaxZLIh4CnnvXW6Cbmhwqd2xCGomgji3eDObmgdoL2czp326oEsIJgZjs3lj3qza421FbRUht8Oq1qZ2DhO1cTkzFcuVRkPYSLC3lYZ3nObrHRL2LCZPWA_pK3hjeQzoRuU98Bqwv6PpisFhwzUo2SvRQ8uuJ6gNjPNyXqs8FnHoT166_9-S2fqiH7lhJZ3x4raDk2xCEbV7OaNrlgSAQwDDGGzoNSIn-JJEybUF1U-qfJo1XEl00xXSCJp6rKebyCMOHLXcxu3BHXhzy9MzyWGD8yWtMp7gBnt8fO5p4u52EnNrZltDelmYa0dJK1b95mcVBVm6fIv9CiKr4LiEsFfP9UKtZh2R_VEF4LjixlMoreXwJklKvxOE01C43xQXNTmDbJfmPTYeMUlqPRz6cHHEi3REleZ1Ro311WvrP5SjikOX1_iRhId1o-k_S_h-y01IuVM
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 3576 3 KB
2 KB 56ms
16ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTjJZME5UTm1NV1V0TTJJNE5pMWpaak0yTFRBd01EQXRNREF3TURBd01EQXdNREF3LzczODk5OTcyMzA5MjExODA0MDQvOTY5MDAzMS85OTU1OTkzLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUQk4td1RKYWlVbUJ0NXFuM20weXJOVS8xLzQvMC8wLzE3MzQ5NDUvMzExODk5NTIwMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczODk5OTcyMzA5MjExODA0MDQvenJoLzAvOTY0Ni8zNi85OTkvMjU4LzE4NS4yMzIuMjMuMC8wLjAwMC8xNjQwNzQ0NTMxLzE2NDA3NTcxMzEvNC9wdWItMTA2Mjk3Mjg2MTU1MzMwMy8/44aFXT-LFVVnB3jLZxkZjad-QZY&nodeid=363&group=zrh&auctionid=7389997230921180404&shardkey=7389997230921180404&sid=9955993&cid=9690031&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwn_pU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBKECT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKDcwoOTgQok8ZEa0yV1cGqpYA1CtDA1mARaVIqM-VmXQihgOSGQsC5xwOAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XQV0o7bWRiG8oyl16qW7JOcHA7Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by: Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 2a3452ffa6a08762bf982091ac7fbf5614b8fb333faff970026df3c12093535e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1640744531
Last-Modified: Wed, 29 Dec 2021 02:22:11 GMT
Server: MMBD/3.210.4
x-mm-latency: 2 (3)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x70, zrh-bidder-x50
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3576 2 KB
1 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 02:12:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3576 119 KB
37 KB 74ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Dec 2021 02:22:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3576 15 KB
6 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 01:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 01:40:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3576 22 KB
7 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Dec 2022 14:56:59 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 25FA 0
0 53ms
48ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJpJrU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEpgJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGGPg61gX4X8RzpKzN6yD9EWiJ-5TO5EuGisb7N5dW_gi4mHcCSUTgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=ef0WCyjGh4M&uach_m=[UACH]&cid=CAQSPACNIrLMkSDuHoKBEGlgJazUrzc1cZOWkJ8-U-F1u0RxaoXT3zcRJlgJWQypGPeCYDYPZQy6JdvCzNu2dRgB
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 25FA 0
0 32ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jqbfe4wbfa4zxc71nk5myzaj18s5h32vcr4ymeryz1v31k2gz2rd05a2x6swd048ztfmyyxddtmmqzst0ksxszxwttckpe4hs509fymqw7r9x8cxf8213qbfww6e3n5nahanmmzk8w0c9mm6pqsm7r0t0n5575hjbxxpmskebrkyzpvnbqz96ftx7wkqh0r0rqq1qgcjhjkamf0w287qzg6sewm20w6r7xwkf0njjctskkysvkkc2q9530xf8930h84y33hzfbvpqyhym9etxyhwhnd246hgp1mcrgnkxv4qvkvw347hwrw747dvr67hmevgcfh3yaazs92cmjd0qpx34nnqgs9m7p4j544rfystbznymd58aafxd5xb7t7wzh18qb19xx40v2xhxmx7ykxraqvy&b=YcvGUwABICcKiwVUAArZcIGcVuU_rd5Q6KnjJA
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 96F8 2 KB
3 KB 36ms
19ms Document
text/html 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hf2h55z25qmrya9yhvm9r3gnqc49q9mxxhn6syfzmy1q0b525wncdqx5m76d8t6ak1pvxxdnzb0jxdfwphz0hm0a3jtgkk64km8vczrvc53ncywnhn7vjz0n1kr8dwxy2k4awjx966gt89hka1ezek45p7rrvkawpybphrt12m438dff6c5mq0vn28xwysw6y300tz7yzndk9abaffxkw1f61bas40p1az4731pjnqvv877wxr8gee2xzaac2pgknf2hw89q13tey29vbtm0bb193v2h55cy80q684g6kkydd3vz9tpr0bnprhm52anc0f4eeqtj3b0434trrhjzdaneyx92dhyn276nc98nmj8b2a9s7a2ckng9knf1ywe4zsrvh8s555qawsh0agrtqtg3w8zj20h5av4xwk21j2x67x1xetg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%26client%3Dca-pub-1062972861553303%26adurl%3D

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a6b67f0b077700e47f151bc6bfc6a46629a426a265b4b013f2d769c873d6c1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4f8f29ccb24df4-FRA
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 25FA 2 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 02:12:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 09B9 1 KB
749 B 12ms
11ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Dec 2021 05:53:44 GMT
expires: Wed, 29 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 73707
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25FA 119 KB
37 KB 70ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Dec 2021 02:22:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 25FA 15 KB
6 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 01:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 01:40:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 25FA 22 KB
7 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Dec 2022 14:56:59 GMT

GET
H/1.1 200
OK r0rzfbhsf7cr Show response
hal9000.redintelligence.net/zone/ Frame 3576 10 KB
4 KB 49ms
16ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/r0rzfbhsf7cr?subid=&gdpr=1&gdpr_consent=li&rnd=7389997230921180404&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7389997230921180404%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D936b61cb-c653-4101-9b4c-c5fa54d78fce%26mt_cid%3D936b61cb-c653-4101-9b4c-c5fa54d78fce%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwn_pU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBKECT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKDcwoOTgQok8ZEa0yV1cGqpYA1CtDA1mARaVIqM-VmXQihgOSGQsC5xwOAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2XQV0o7bWRiG8oyl16qW7JOcHA7Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D%26redirect%3D
Requested by: Host: www.capitalone.global
URL: http://www.capitalone.global/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a6f76bdf43d56995b0a28cf2ec66b41bd61d0e92c46e72e6795603e4c3ff86d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3398
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 3576 49 B
329 B 41ms
14ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7389997230921180404&node_id=363&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTjJZME5UTm1NV1V0TTJJNE5pMWpaak0yTFRBd01EQXRNREF3TURBd01EQXdNREF3LzczODk5OTcyMzA5MjExODA0MDQvOTY5MDAzMS85OTU1OTkzLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUQk4td1RKYWlVbUJ0NXFuM20weXJOVS8xLzQvMC8wLzE3MzQ5NDUvMzExODk5NTIwMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczODk5OTcyMzA5MjExODA0MDQvenJoLzAvOTY0Ni8zNi85OTkvMjU4LzE4NS4yMzIuMjMuMC8wLjAwMC8xNjQwNzQ0NTMxLzE2NDA3NTcxMzEvNC9wdWItMTA2Mjk3Mjg2MTU1MzMwMy8/44aFXT-LFVVnB3jLZxkZjad-QZY&nodeid=363&group=zrh&auctionid=7389997230921180404&shardkey=7389997230921180404&sid=9955993&cid=9690031&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwn_pU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBKECT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKDcwoOTgQok8ZEa0yV1cGqpYA1CtDA1mARaVIqM-VmXQihgOSGQsC5xwOAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XQV0o7bWRiG8oyl16qW7JOcHA7Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x72, zrh-bidder-x50
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 3576 7 KB
3 KB 162ms
30ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//simcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&ap=&ti=7389997230921180404&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&sr=4&de=43003&si=984468692&dm=300x250&ac=1040879&cr=9690031&ai=215543&c1=9955993&r1=185.232.23.0&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTjJZME5UTm1NV1V0TTJJNE5pMWpaak0yTFRBd01EQXRNREF3TURBd01EQXdNREF3LzczODk5OTcyMzA5MjExODA0MDQvOTY5MDAzMS85OTU1OTkzLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUQk4td1RKYWlVbUJ0NXFuM20weXJOVS8xLzQvMC8wLzE3MzQ5NDUvMzExODk5NTIwMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczODk5OTcyMzA5MjExODA0MDQvenJoLzAvOTY0Ni8zNi85OTkvMjU4LzE4NS4yMzIuMjMuMC8wLjAwMC8xNjQwNzQ0NTMxLzE2NDA3NTcxMzEvNC9wdWItMTA2Mjk3Mjg2MTU1MzMwMy8/44aFXT-LFVVnB3jLZxkZjad-QZY&nodeid=363&group=zrh&auctionid=7389997230921180404&shardkey=7389997230921180404&sid=9955993&cid=9690031&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwn_pU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBKECT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKDcwoOTgQok8ZEa0yV1cGqpYA1CtDA1mARaVIqM-VmXQihgOSGQsC5xwOAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XQV0o7bWRiG8oyl16qW7JOcHA7Q%26client%3Dca-pub-1062972861553303%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cd6c8f0810a8f8fa531ecfa92db6ef5fa77f39e0cf1c91bc461bde32d48ae8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:11 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2955
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3576 43 B
404 B 104ms
38ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7389997230921180404&v3=1040879&v4=9955993&v5=9690031&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTjJZME5UTm1NV1V0TTJJNE5pMWpaak0yTFRBd01EQXRNREF3TURBd01EQXdNREF3LzczODk5OTcyMzA5MjExODA0MDQvOTY5MDAzMS85OTU1OTkzLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUQk4td1RKYWlVbUJ0NXFuM20weXJOVS8xLzQvMC8wLzE3MzQ5NDUvMzExODk5NTIwMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczODk5OTcyMzA5MjExODA0MDQvenJoLzAvOTY0Ni8zNi85OTkvMjU4LzE4NS4yMzIuMjMuMC8wLjAwMC8xNjQwNzQ0NTMxLzE2NDA3NTcxMzEvNC9wdWItMTA2Mjk3Mjg2MTU1MzMwMy8/44aFXT-LFVVnB3jLZxkZjad-QZY&nodeid=363&group=zrh&auctionid=7389997230921180404&shardkey=7389997230921180404&sid=9955993&cid=9690031&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwn_pU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBKECT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKDcwoOTgQok8ZEa0yV1cGqpYA1CtDA1mARaVIqM-VmXQihgOSGQsC5xwOAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XQV0o7bWRiG8oyl16qW7JOcHA7Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Server: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3576 49 B
329 B 44ms
16ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7389997230921180404&st=9955993&time=1640744531&nodeid=363
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTjJZME5UTm1NV1V0TTJJNE5pMWpaak0yTFRBd01EQXRNREF3TURBd01EQXdNREF3LzczODk5OTcyMzA5MjExODA0MDQvOTY5MDAzMS85OTU1OTkzLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUQk4td1RKYWlVbUJ0NXFuM20weXJOVS8xLzQvMC8wLzE3MzQ5NDUvMzExODk5NTIwMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczODk5OTcyMzA5MjExODA0MDQvenJoLzAvOTY0Ni8zNi85OTkvMjU4LzE4NS4yMzIuMjMuMC8wLjAwMC8xNjQwNzQ0NTMxLzE2NDA3NTcxMzEvNC9wdWItMTA2Mjk3Mjg2MTU1MzMwMy8/44aFXT-LFVVnB3jLZxkZjad-QZY&nodeid=363&group=zrh&auctionid=7389997230921180404&shardkey=7389997230921180404&sid=9955993&cid=9690031&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwn_pU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBKECT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKDcwoOTgQok8ZEa0yV1cGqpYA1CtDA1mARaVIqM-VmXQihgOSGQsC5xwOAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XQV0o7bWRiG8oyl16qW7JOcHA7Q%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x22, zrh-bidder-x50
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 96F8 81 KB
11 KB 56ms
32ms Stylesheet
text/css 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hf2h55z25qmrya9yhvm9r3gnqc49q9mxxhn6syfzmy1q0b525wncdqx5m76d8t6ak1pvxxdnzb0jxdfwphz0hm0a3jtgkk64km8vczrvc53ncywnhn7vjz0n1kr8dwxy2k4awjx966gt89hka1ezek45p7rrvkawpybphrt12m438dff6c5mq0vn28xwysw6y300tz7yzndk9abaffxkw1f61bas40p1az4731pjnqvv877wxr8gee2xzaac2pgknf2hw89q13tey29vbtm0bb193v2h55cy80q684g6kkydd3vz9tpr0bnprhm52anc0f4eeqtj3b0434trrhjzdaneyx92dhyn276nc98nmj8b2a9s7a2ckng9knf1ywe4zsrvh8s555qawsh0agrtqtg3w8zj20h5av4xwk21j2x67x1xetg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%26client%3Dca-pub-1062972861553303%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hf2h55z25qmrya9yhvm9r3gnqc49q9mxxhn6syfzmy1q0b525wncdqx5m76d8t6ak1pvxxdnzb0jxdfwphz0hm0a3jtgkk64km8vczrvc53ncywnhn7vjz0n1kr8dwxy2k4awjx966gt89hka1ezek45p7rrvkawpybphrt12m438dff6c5mq0vn28xwysw6y300tz7yzndk9abaffxkw1f61bas40p1az4731pjnqvv877wxr8gee2xzaac2pgknf2hw89q13tey29vbtm0bb193v2h55cy80q684g6kkydd3vz9tpr0bnprhm52anc0f4eeqtj3b0434trrhjzdaneyx92dhyn276nc98nmj8b2a9s7a2ckng9knf1ywe4zsrvh8s555qawsh0agrtqtg3w8zj20h5av4xwk21j2x67x1xetg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%26client%3Dca-pub-1062972861553303%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1159028
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c4f8f2a5d2f83ba-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 96F8 36 KB
13 KB 23ms
14ms Script
application/javascript 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hf2h55z25qmrya9yhvm9r3gnqc49q9mxxhn6syfzmy1q0b525wncdqx5m76d8t6ak1pvxxdnzb0jxdfwphz0hm0a3jtgkk64km8vczrvc53ncywnhn7vjz0n1kr8dwxy2k4awjx966gt89hka1ezek45p7rrvkawpybphrt12m438dff6c5mq0vn28xwysw6y300tz7yzndk9abaffxkw1f61bas40p1az4731pjnqvv877wxr8gee2xzaac2pgknf2hw89q13tey29vbtm0bb193v2h55cy80q684g6kkydd3vz9tpr0bnprhm52anc0f4eeqtj3b0434trrhjzdaneyx92dhyn276nc98nmj8b2a9s7a2ckng9knf1ywe4zsrvh8s555qawsh0agrtqtg3w8zj20h5av4xwk21j2x67x1xetg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17640
x-guploader-uploadid: ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Hj4d3TrhML%2FJb9TGT9OOUJcV%2BUZQNvmcdalD4Cew60rTYlg7IUTiYT%2BI2%2BGu3%2FPA2Iwl0zQgeLP2JcDan5m1%2B%2FlBXsXJFAUDJ%2Bul8of7pSIBDNJohlaVLLBHY3xqa6dMtpX8oI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
expires: Tue, 28 Dec 2021 21:28:11 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6c4f8f2a3d034df4-FRA
cf-bgj: minify

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 1262 81 KB
11 KB 65ms
42ms Stylesheet
text/css 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k0gnv0wdprc4ekshn3xfacepgnz1czx43m8x7vqtq18kk3bwk2yn96w3tp5r91azjasvqf4edz5s6w6hqwgj5de1da6bqk95mzngpfahmfg895ra8sxzxd44f80gk04979zz2pfafcxk3enybxkde3ycmaaeekq5b6twcfwwj8fvmyn1c1js0qwz9ktg6cey89b0212rfhevyq7fxe9yysvy08e29k31a5mdzjd4rsfn8gwex1xwz62by3f5br1b76tj0hh96pe0h23fcfjmxa6b1mtm4kmm85emk9k2y6v3x2afn5evcect9r4gedgbxb4g486v4jpx7m5vwtgqghvasn831bzakr2ax288761n6d6xzhrs9v623t149k6fekzspnkyd51j54saazqrp4fvmjcf3zyt3c39jg9s2p7jdfe1y1r2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%26client%3Dca-pub-1062972861553303%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k0gnv0wdprc4ekshn3xfacepgnz1czx43m8x7vqtq18kk3bwk2yn96w3tp5r91azjasvqf4edz5s6w6hqwgj5de1da6bqk95mzngpfahmfg895ra8sxzxd44f80gk04979zz2pfafcxk3enybxkde3ycmaaeekq5b6twcfwwj8fvmyn1c1js0qwz9ktg6cey89b0212rfhevyq7fxe9yysvy08e29k31a5mdzjd4rsfn8gwex1xwz62by3f5br1b76tj0hh96pe0h23fcfjmxa6b1mtm4kmm85emk9k2y6v3x2afn5evcect9r4gedgbxb4g486v4jpx7m5vwtgqghvasn831bzakr2ax288761n6d6xzhrs9v623t149k6fekzspnkyd51j54saazqrp4fvmjcf3zyt3c39jg9s2p7jdfe1y1r2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%26client%3Dca-pub-1062972861553303%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1159028
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c4f8f2a5d2e83ba-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1262 36 KB
12 KB 26ms
17ms Script
application/javascript 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k0gnv0wdprc4ekshn3xfacepgnz1czx43m8x7vqtq18kk3bwk2yn96w3tp5r91azjasvqf4edz5s6w6hqwgj5de1da6bqk95mzngpfahmfg895ra8sxzxd44f80gk04979zz2pfafcxk3enybxkde3ycmaaeekq5b6twcfwwj8fvmyn1c1js0qwz9ktg6cey89b0212rfhevyq7fxe9yysvy08e29k31a5mdzjd4rsfn8gwex1xwz62by3f5br1b76tj0hh96pe0h23fcfjmxa6b1mtm4kmm85emk9k2y6v3x2afn5evcect9r4gedgbxb4g486v4jpx7m5vwtgqghvasn831bzakr2ax288761n6d6xzhrs9v623t149k6fekzspnkyd51j54saazqrp4fvmjcf3zyt3c39jg9s2p7jdfe1y1r2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17640
x-guploader-uploadid: ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbZo11NJOlRu0OIBOVs4SycZMUEzkDVImDCjnUQ4%2FeK%2FdJiiAe3iZNmxF0r6bAXhkgKlzwmvzIrP%2BGGaSfCqpOOED8Rs76HW567%2FAFvXU%2BZjm8jn4AtziHdGzhYCa9JKauLBMKI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
expires: Tue, 28 Dec 2021 21:28:11 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6c4f8f2a3d024df4-FRA
cf-bgj: minify

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A02F 81 KB
11 KB 48ms
26ms Stylesheet
text/css 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gspq733dtkryr3dryh0kkt6a3175kxjhr5gd9t7h6dra4k9dj9cq08tbm53te4haspv857h78sf53nsb8xmssnekys9dmptj66538wq1szd2kg4978xvrycxybmzd2n4vbrn5czznq0x1vp0mqd4kremhr3xff6s6ne49c8kfwaabeec7wh2d8z3gmpz1txdr0tm6xjfa5bxwbtt4k81h03rfhb10azrxpvp1n1ty4snewr5tnzqba9y7jk4pe95f6kyhfjksqq8cvpynta3xwwefx65eeqzyemchq7skp2msm3m4j8vzf6n36ddymf0pxd5jafq1w9an5h8fct3c8ggtxqfw85bwynymvfxwsbzb5y3dz8q28j34t54dqay6f8kn35dbej7cm129e6syyrdkcbrak34ecbyt8m7bh42xbpg5gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%26client%3Dca-pub-1062972861553303%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gspq733dtkryr3dryh0kkt6a3175kxjhr5gd9t7h6dra4k9dj9cq08tbm53te4haspv857h78sf53nsb8xmssnekys9dmptj66538wq1szd2kg4978xvrycxybmzd2n4vbrn5czznq0x1vp0mqd4kremhr3xff6s6ne49c8kfwaabeec7wh2d8z3gmpz1txdr0tm6xjfa5bxwbtt4k81h03rfhb10azrxpvp1n1ty4snewr5tnzqba9y7jk4pe95f6kyhfjksqq8cvpynta3xwwefx65eeqzyemchq7skp2msm3m4j8vzf6n36ddymf0pxd5jafq1w9an5h8fct3c8ggtxqfw85bwynymvfxwsbzb5y3dz8q28j34t54dqay6f8kn35dbej7cm129e6syyrdkcbrak34ecbyt8m7bh42xbpg5gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%26client%3Dca-pub-1062972861553303%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1159028
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c4f8f2a5d2d83ba-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A02F 36 KB
12 KB 25ms
17ms Script
application/javascript 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gspq733dtkryr3dryh0kkt6a3175kxjhr5gd9t7h6dra4k9dj9cq08tbm53te4haspv857h78sf53nsb8xmssnekys9dmptj66538wq1szd2kg4978xvrycxybmzd2n4vbrn5czznq0x1vp0mqd4kremhr3xff6s6ne49c8kfwaabeec7wh2d8z3gmpz1txdr0tm6xjfa5bxwbtt4k81h03rfhb10azrxpvp1n1ty4snewr5tnzqba9y7jk4pe95f6kyhfjksqq8cvpynta3xwwefx65eeqzyemchq7skp2msm3m4j8vzf6n36ddymf0pxd5jafq1w9an5h8fct3c8ggtxqfw85bwynymvfxwsbzb5y3dz8q28j34t54dqay6f8kn35dbej7cm129e6syyrdkcbrak34ecbyt8m7bh42xbpg5gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17640
x-guploader-uploadid: ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUkUMSMixdxl9OfXHO%2BunuL93lEPbl%2B1rA48sfQD7KchOUle1jjjoh52LL3s9IWYAte2vxI0xLltVr3dpSF%2BzW2CW23lpCQQHNs3cs4bWPT0IO%2Ft28a340Uyr3pQQhqmfxzYybw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
expires: Tue, 28 Dec 2021 21:28:11 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6c4f8f2a3d004df4-FRA
cf-bgj: minify

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 327C
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEJ_93Hp8QiTkBOkLR4EU8U&google_cver=1&google_push=AYg5qPJQ_oKIu-hcORvzmui6rfoXuF3LeLRZ0yMF2QzWaJ2YIRjLCbD0PBsXKcz3G9MV5ht9psgFw7gKg1g6IDUMfRMKTGuzqA1-
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI2NTQ1MzQ2NzcyMDQ5MTM4Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEJ_93Hp8QiTkBOkLR4EU8U&google_cver=1

43 B
407 B

29ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEJ_93Hp8QiTkBOkLR4EU8U&google_cver=1
Requested by: Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEJ_93Hp8QiTkBOkLR4EU8U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 327C 0
104 B 122ms
58ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOOTVx8pE4ett1IFY_zOcoQ&google_cver=1&google_push=AYg5qPIbAkwo-gGN9X3OKakqGO-tEmMXL-oMfaTJh6tPNFPSyYWmLGnnsaSlH84K43t9lQlKgUfQm2Q8yPG91JF3rLjvmd7mOsoY
Requested by: Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 327C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDj5T1j9LAlhA-BJq83GcTY&google_cver=1&google_push=AYg5qPJbYUdH98TdwBowt7_Rl6u5wjY9keJuJMbOp96528A7ts7YyLYiTzneqCkp5oJdO49fZuT819rbezzf0lbN...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=k2thy8ZTQQGbTMX6VNePzg&google_push=AYg5qPJbYUdH98TdwBowt7_Rl6u5wjY9keJuJMbOp96528A7ts7YyLYiTzneqCkp5oJdO49fZuT819rbezzf0lbNEdSqrZ3a...

170 B
188 B

20ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=k2thy8ZTQQGbTMX6VNePzg&google_push=AYg5qPJbYUdH98TdwBowt7_Rl6u5wjY9keJuJMbOp96528A7ts7YyLYiTzneqCkp5oJdO49fZuT819rbezzf0lbNEdSqrZ3az4PX

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Server: MT3 4133 baa842e master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=k2thy8ZTQQGbTMX6VNePzg&google_push=AYg5qPJbYUdH98TdwBowt7_Rl6u5wjY9keJuJMbOp96528A7ts7YyLYiTzneqCkp5oJdO49fZuT819rbezzf0lbNEdSqrZ3az4PX
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 29 Dec 2021 02:22:10 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 327C 70 B
264 B 31ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEma9wrMWrBqRO0_gaWq6-s&google_cver=1&google_push=AYg5qPL2ZzQojZLVeqZR7g2UBqutXHlLmHEnZoPMNuGWGvG4pQWvb81alZ7hZ3xkyqvLRuA6PMpZo_plL5Br97hF68jFqdDNTUI
Requested by: Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 327C
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAbAoRtNiz9MFVPlHa0J--s&google_cver=1&google_push=AYg5qPIydS0nmqbene8EZgNoJeRbtirNmOQSTeib2frZtmlkq3rr52kTZPvJ693_a58O-upP1viAc94Y8ZH51qof...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JPVpb9phTVuJ7ItAmWsdSw2&google_push=AYg5qPIydS0nmqbene8EZgNoJeRbtirNmOQSTeib2frZtmlkq3rr52kTZPvJ693_a58O-upP1viAc94Y8ZH51qof00gxesaf4nPq

170 B
188 B

32ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JPVpb9phTVuJ7ItAmWsdSw2&google_push=AYg5qPIydS0nmqbene8EZgNoJeRbtirNmOQSTeib2frZtmlkq3rr52kTZPvJ693_a58O-upP1viAc94Y8ZH51qof00gxesaf4nPq

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JPVpb9phTVuJ7ItAmWsdSw2&google_push=AYg5qPIydS0nmqbene8EZgNoJeRbtirNmOQSTeib2frZtmlkq3rr52kTZPvJ693_a58O-upP1viAc94Y8ZH51qof00gxesaf4nPq
x-host: tde-deliveryengine-production-584bdf445-l8f9n
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 327C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDALrU-DCDu_mNZx7FKY1xc&google_cver=1&google_push=AYg5qPJdR84dSe1aTQ_UZEmLn1CJwYQjR86-9qIGfldRqZe4r88yp6qtp3dNJscmNzCYwYzH5imHaIHrL5_3K7_LeBYuKV0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJdR84dSe1aTQ_UZEmLn1CJwYQjR86-9qIGfldRqZe4r88yp6qtp3dNJscmNzCYwYzH5imHaIHrL5_3K7_LeBYuKV0eXbDm&google_hm=MjMyOTI1Njk1NDgzMDk3NT...

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJdR84dSe1aTQ_UZEmLn1CJwYQjR86-9qIGfldRqZe4r88yp6qtp3dNJscmNzCYwYzH5imHaIHrL5_3K7_LeBYuKV0eXbDm&google_hm=MjMyOTI1Njk1NDgzMDk3NTc1MQ%3D%3D

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Dec 2021 02:22:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJdR84dSe1aTQ_UZEmLn1CJwYQjR86-9qIGfldRqZe4r88yp6qtp3dNJscmNzCYwYzH5imHaIHrL5_3K7_LeBYuKV0eXbDm&google_hm=MjMyOTI1Njk1NDgzMDk3NTc1MQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 327C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO1P47xVKaGJ-827waAdyMc&google_cver=1&google_push=AYg5qPKPwoMCac28PRr3_sJPze6ymt4py8xxEIPpMYn4OtEcbG0XX4pJMwIauC4kR5Pene0iowE...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRV1hKMVctUi02V1hG&google_push=AYg5qPKPwoMCac28PRr3_sJPze6ymt4py8xxEIPpMYn4OtEcbG0XX4pJMwIauC4kR5Pene0iowEYTkTNDKbk1Nuo7zE0OQ8pwkgy

170 B
188 B

21ms
16ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRV1hKMVctUi02V1hG&google_push=AYg5qPKPwoMCac28PRr3_sJPze6ymt4py8xxEIPpMYn4OtEcbG0XX4pJMwIauC4kR5Pene0iowEYTkTNDKbk1Nuo7zE0OQ8pwkgy

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRV1hKMVctUi02V1hG&google_push=AYg5qPKPwoMCac28PRr3_sJPze6ymt4py8xxEIPpMYn4OtEcbG0XX4pJMwIauC4kR5Pene0iowEYTkTNDKbk1Nuo7zE0OQ8pwkgy
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 327C 0
223 B 37ms
15ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhZX1g7LlPXCpX592bMEDwJxAwapkvt188tyZ-yNm_uaQe3MsTQp7i7jYdfdxDqm6OJfPU

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2273 35 B
463 B 41ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDe2bOLMbr2R3kga8WQOono&google_cver=1&google_push=AYg5qPILnbd5vOI3FfLTLIoIMwsX6GI6Ygbv9evZrGyGPL1AIHg1-MlaPKBkOrp8Ql_N0pyMuJpXAv53PGSkWgbwEDrihPGZ0g

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2273
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHLPRZX2Ji4qq3Jb4_jJFD0&google_cver=1&google_push=AYg5qPL93SLSvyuPhGTat3z2aE56UM5TLHJnDFv065-NSn-MMvG_67o3QUOSEJifv90ixZOklPJhIn7VwpND1xvkOioK...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHLPRZX2Ji4qq3Jb4_jJFD0&google_cver=1&google_push=AYg5qPL93SLSvyuPhGTat3z2aE56UM5TLHJnDFv065-NSn-MMvG_67o3QUOSEJifv90ixZOklPJhIn7VwpND1x...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e03a240e-6cf2-4883-8f13-f23b87eaffda&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL93SLSvyuPhGTat3z2aE56UM5TLHJnDFv065-NSn-MMvG_67o3QUOSEJifv90ixZOklPJhIn7VwpND1xvkOioKJ0l32iQ&google_hm=xsAqzwIqQdWsO6Qq8CGbAg==

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL93SLSvyuPhGTat3z2aE56UM5TLHJnDFv065-NSn-MMvG_67o3QUOSEJifv90ixZOklPJhIn7VwpND1xvkOioKJ0l32iQ&google_hm=xsAqzwIqQdWsO6Qq8CGbAg==

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL93SLSvyuPhGTat3z2aE56UM5TLHJnDFv065-NSn-MMvG_67o3QUOSEJifv90ixZOklPJhIn7VwpND1xvkOioKJ0l32iQ&google_hm=xsAqzwIqQdWsO6Qq8CGbAg==
Date: Wed, 29 Dec 2021 02:22:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2273
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDALrU-DCDu_mNZx7FKY1xc&google_cver=1&google_push=AYg5qPK5RUHhW0SQlF6gpm2fMlNKZFRHp4PVii81n2gWjiHsVytTYI8OsmuaCIZp9lifLGRpoucqEpRN02Nx0zejGh6NDJq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK5RUHhW0SQlF6gpm2fMlNKZFRHp4PVii81n2gWjiHsVytTYI8OsmuaCIZp9lifLGRpoucqEpRN02Nx0zejGh6NDJq8uVw&google_hm=NDQzOTIyMzk1NzA3MzE0NTk...

170 B
188 B

16ms
16ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK5RUHhW0SQlF6gpm2fMlNKZFRHp4PVii81n2gWjiHsVytTYI8OsmuaCIZp9lifLGRpoucqEpRN02Nx0zejGh6NDJq8uVw&google_hm=NDQzOTIyMzk1NzA3MzE0NTk0NA%3D%3D

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Dec 2021 02:22:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK5RUHhW0SQlF6gpm2fMlNKZFRHp4PVii81n2gWjiHsVytTYI8OsmuaCIZp9lifLGRpoucqEpRN02Nx0zejGh6NDJq8uVw&google_hm=NDQzOTIyMzk1NzA3MzE0NTk0NA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2273
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBnv1B8BfoAN2PaOQlGq31U&google_cver=1&google_push=AYg5qPLOsa5C9qxu_S76zyUTEKHpZJsUkLs4oLfrKJdfmGS6OawkvAVX8vfIfsVWSAxFt0DZobj244db...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBnv1B8BfoAN2PaOQlGq31U&google_cver=1&google_push=AYg5qPLOsa5C9qxu_S76zyUTEKHpZJsUkLs4oLfrKJdfmGS6OawkvAVX8vfIfsVWSAxFt0DZobj...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Njc3ODIwODQ1NjQyODUyOQ&google_push=AYg5qPLOsa5C9qxu_S76zyUTEKHpZJsUkLs4oLfrKJdfmGS6OawkvAVX8vfIfsVWSAxFt0DZobj244...

170 B
188 B

16ms
16ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Njc3ODIwODQ1NjQyODUyOQ&google_push=AYg5qPLOsa5C9qxu_S76zyUTEKHpZJsUkLs4oLfrKJdfmGS6OawkvAVX8vfIfsVWSAxFt0DZobj244dbMQ3wKdOIKPGN5tVM8bE

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ4Njc3ODIwODQ1NjQyODUyOQ&google_push=AYg5qPLOsa5C9qxu_S76zyUTEKHpZJsUkLs4oLfrKJdfmGS6OawkvAVX8vfIfsVWSAxFt0DZobj244dbMQ3wKdOIKPGN5tVM8bE
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2273
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENovBFDPLNxjluMtsz-MTUM&google_cver=1&google_push=AYg5qPJQY4-qykv-tFHWLT8GKWD_h2XY7IAqzTZg8XCT-ZOzr9uBg3W6gUS33lN3Ii-4evNatjY1_mzGnbNXd9RQE...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENovBFDPLNxjluMtsz-MTUM&google_cver=1&google_push=AYg5qPJQY4-qykv-tFHWLT8GKWD_h2XY7IAqzTZg8XCT-ZOzr9uBg3W6gUS33lN3Ii-4evNatjY1_mzGnbNXd9RQE...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJQY4-qykv-tFHWLT8GKWD_h2XY7IAqzTZg8XCT-ZOzr9uBg3W6gUS33lN3Ii-4evNatjY1_mzGnbNXd9RQEHDI8hILbno&google_hm=cfad048d35a2630809cd9e4b

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJQY4-qykv-tFHWLT8GKWD_h2XY7IAqzTZg8XCT-ZOzr9uBg3W6gUS33lN3Ii-4evNatjY1_mzGnbNXd9RQEHDI8hILbno&google_hm=cfad048d35a2630809cd9e4b

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJQY4-qykv-tFHWLT8GKWD_h2XY7IAqzTZg8XCT-ZOzr9uBg3W6gUS33lN3Ii-4evNatjY1_mzGnbNXd9RQEHDI8hILbno&google_hm=cfad048d35a2630809cd9e4b
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2273
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.targeting.unrulymedia.com/csync/RX-2ae1bebe-d168-46a2-b5bb-57517a112f6c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLfceYUGGIoyNU9xYrwF...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLfceYUGGIoyNU9xYrwFy5ZHyAYs_MWxSmQTKgDo8NhBBkaIjaF7Kz7EuRaUoHZ09mmR77oCnJ_bNH5KGuPVwb0B1iGSg&google_hm=Ayrhvr7RaEaitbtXUXoRL2w

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLfceYUGGIoyNU9xYrwFy5ZHyAYs_MWxSmQTKgDo8NhBBkaIjaF7Kz7EuRaUoHZ09mmR77oCnJ_bNH5KGuPVwb0B1iGSg&google_hm=Ayrhvr7RaEaitbtXUXoRL2w

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLfceYUGGIoyNU9xYrwFy5ZHyAYs_MWxSmQTKgDo8NhBBkaIjaF7Kz7EuRaUoHZ09mmR77oCnJ_bNH5KGuPVwb0B1iGSg&google_hm=Ayrhvr7RaEaitbtXUXoRL2w
date: Wed, 29 Dec 2021 02:22:11 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX2ae1bebed16846a2b5bb57517a112f6c003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 2273 0
75 B 445ms
122ms Image
text/plain 199.187.193.177
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENwydIXJnT6OJiB5osg66VE&google_cver=1&google_push=AYg5qPIPy-FQCJV_6EcdGj09Xy79jrvDTvsSgpA75Tmoa87ZGdD-FSui9xR8dwWPH1TpXa34ofOzAjBPsspIOSGk2KMkjpQJxg
Requested by: Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2273 0
40 B 34ms
15ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INzcsmNWe0kx-pMo1J14gJRg-SjUDQOhSiyA49I4_dyvWccEcBTRVjXYNqRG8bFQyaI4m5

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09B9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEekCBEv-NdEOE5I2cZDYVA&google_cver=1&google_push=AYg5qPIxosUlN_LWA3-p3Re4brEsJqxOU3LfnaViLNVr1w9TQJSS1-6kB9jE81_UMoTG1Rc9gW4DK1kVldl0eGnHi6yrq808I0Y
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD4D4F98865842498D62885EFFB93E6C&google_push=AYg5qPIxosUlN_LWA3-p3Re4brEsJqxOU3LfnaViLNVr1w9TQJSS1-6kB9jE81_UMoTG1Rc9gW4DK1kVldl0eGn...

170 B
188 B

18ms
18ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD4D4F98865842498D62885EFFB93E6C&google_push=AYg5qPIxosUlN_LWA3-p3Re4brEsJqxOU3LfnaViLNVr1w9TQJSS1-6kB9jE81_UMoTG1Rc9gW4DK1kVldl0eGnHi6yrq808I0Y

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Dec 2021 02:22:11 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD4D4F98865842498D62885EFFB93E6C&google_push=AYg5qPIxosUlN_LWA3-p3Re4brEsJqxOU3LfnaViLNVr1w9TQJSS1-6kB9jE81_UMoTG1Rc9gW4DK1kVldl0eGnHi6yrq808I0Y
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Tue, 28 Dec 2021 02:22:11 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 09B9 70 B
264 B 33ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEma9wrMWrBqRO0_gaWq6-s&google_cver=1&google_push=AYg5qPLFaw68yLrnQX5Th7JcnkfEdU12zKeKUFhV1TguMCzTH7JNTnlSBAKUQp9p_epztlWgY5VHC6HMR3p2T2P31JsbrnhDXw
Requested by: Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame 09B9 14 B
14 B 434ms
98ms Image
text/plain 52.2.183.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEIkCSJ3xRAr2_QzzYFDVnsY&google_cver=1&google_push=AYg5qPKvWl93fzn7iIBSCuuvrV3LjBR98N-GGMvVC0SwuvRPeYdLtAUWw61P-7pvzrRuvA-CaGkjFEtP_znr3fmgFZusb8k7gdI
Requested by: Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.183.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-183-88.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09B9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBnv1B8BfoAN2PaOQlGq31U&google_cver=1&google_push=AYg5qPIyUVXjnARFOqACVySllVKDLAPrYxNIWr8lPp2rD11lce-OHJjrwcNwP9DuNlXRIHX2sT9gYShK...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBnv1B8BfoAN2PaOQlGq31U&google_cver=1&google_push=AYg5qPIyUVXjnARFOqACVySllVKDLAPrYxNIWr8lPp2rD11lce-OHJjrwcNwP9DuNlXRIHX2sT9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI5NDc3MzE1NzIxODQ0MjAzMA&google_push=AYg5qPIyUVXjnARFOqACVySllVKDLAPrYxNIWr8lPp2rD11lce-OHJjrwcNwP9DuNlXRIHX2sT9gYS...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI5NDc3MzE1NzIxODQ0MjAzMA&google_push=AYg5qPIyUVXjnARFOqACVySllVKDLAPrYxNIWr8lPp2rD11lce-OHJjrwcNwP9DuNlXRIHX2sT9gYShKDdn7n6yPP7byKYv5vJc

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI5NDc3MzE1NzIxODQ0MjAzMA&google_push=AYg5qPIyUVXjnARFOqACVySllVKDLAPrYxNIWr8lPp2rD11lce-OHJjrwcNwP9DuNlXRIHX2sT9gYShKDdn7n6yPP7byKYv5vJc
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09B9
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDcGL5O9bFU9KPXs7X0ihY4&google_cver=1&google_push=AYg5qPI2rAH-ZifUX-4Mra--VqzvXaYtvC_LDJhlfJJsgvCaTTj7BQzPqAPEXlvNR5RjbibQNh5DAJmi2bCsxrBVAjWd-WuyAw
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDcGL5O9bFU9KPXs7X0ihY4&google_cver=1&google_push=AYg5qPI2rAH-ZifUX-4Mra--VqzvXaYtvC_LDJhlfJJsgvCaTTj7BQzPqAPEXlvNR5RjbibQNh5DAJmi2bCsxrBVAjWd-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI2rAH-ZifUX-4Mra--VqzvXaYtvC_LDJhlfJJsgvCaTTj7BQzPqAPEXlvNR5RjbibQNh5DAJmi2bCsxrBVAjWd-WuyAw

170 B
188 B

27ms
24ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI2rAH-ZifUX-4Mra--VqzvXaYtvC_LDJhlfJJsgvCaTTj7BQzPqAPEXlvNR5RjbibQNh5DAJmi2bCsxrBVAjWd-WuyAw

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI2rAH-ZifUX-4Mra--VqzvXaYtvC_LDJhlfJJsgvCaTTj7BQzPqAPEXlvNR5RjbibQNh5DAJmi2bCsxrBVAjWd-WuyAw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET

pixel
cm.g.doubleclick.net/ Frame 09B9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3...

0
0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 09B9 43 B
65 B 32ms
16ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMnoc_uKwNsXzkkTfjT-fQw&google_cver=1&google_push=AYg5qPLlNZ63pQ-Sxg3TB8NOlKgVGKedcWxOAnbxdWEjYHfIjfBnsHbIHtUCQEuScz4hgRT9zJ0jIyHWhl4dcYVNceRP-GiwGQ0-

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Dec 2021 02:22:11 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 09B9 0
40 B 16ms
14ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LCvTG2z4nZ7xnlkazVNQc2eRtwDoKcPVf4N8T9j4xdUQYdGYegtM6Dx0am8jZ9aIU-2_XCMw

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame EEA7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc33992fb42ff89836b096554aab4fd99d9ff1e346bd611287170b03055b75c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK request.php Show response
hal90002.redintelligence.net/ Frame 3576 610 B
771 B 88ms
51ms Script
application/x-javascript 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=r0rzfbhsf7cr&nw=20&renderingType=javascript&namespace=4322c298c3&subid=&uid=1f242cda65176cd8&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7389997230921180404%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D936b61cb-c653-4101-9b4c-c5fa54d78fce%26mt_cid%3D936b61cb-c653-4101-9b4c-c5fa54d78fce%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwn_pU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBKECT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKDcwoOTgQok8ZEa0yV1cGqpYA1CtDA1mARaVIqM-VmXQihgOSGQsC5xwOAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2XQV0o7bWRiG8oyl16qW7JOcHA7Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fb60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=479065608466&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/r0rzfbhsf7cr?subid=&gdpr=1&gdpr_consent=li&rnd=7389997230921180404&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7389997230921180404%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D936b61cb-c653-4101-9b4c-c5fa54d78fce%26mt_cid%3D936b61cb-c653-4101-9b4c-c5fa54d78fce%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwn_pU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBKECT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKDcwoOTgQok8ZEa0yV1cGqpYA1CtDA1mARaVIqM-VmXQihgOSGQsC5xwOAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2XQV0o7bWRiG8oyl16qW7JOcHA7Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 7af72cef01de1923107fe4821b99442c3ddb17940c731a3c83be2b263db69833

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:11 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 68769800018932003891610011823002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 328
Expires: Wed, 29 Dec 2021 02:22:11 +0100

GET
DATA 200
OK truncated
/ Frame F5B8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 741f4c6ed536e6c241d846518594f1b2b39444949494d791f6f883c540491135

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 25FA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69612ec981d4837739844a088f4930f6ece4a3354cf823ad974d6b7dd6729573

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A02F 3 KB
4 KB 70ms
23ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17502132
x-guploader-uploadid: ABg5-UxSjUjrRZn0Qh0o7bl53fEaHcVGOMgniw-BD1hW-i7497grr2ADHPnjcztxMTwRF-eAuQva7DgEToW9nRlk5Ok
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMTIcJkZFaSLQ8ZriUfQS4mOJO6SyElcHBFygAYWW5vQ8MYNvasewA8EQDoJttmBUsXvWwu1a5jQEkaMb8F9ZL6A7euhlz%2FedpSwT1s%2FPP2q%2BfRf66GNDsSIiafIzkxuQg8UV9Q%2B1UGYHPUhf8epYzgE"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6c4f8f2b395ee8ff-MXP
expires: Thu, 09 Jun 2022 12:39:07 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 96F8 3 KB
3 KB 69ms
24ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17502132
x-guploader-uploadid: ABg5-UxSjUjrRZn0Qh0o7bl53fEaHcVGOMgniw-BD1hW-i7497grr2ADHPnjcztxMTwRF-eAuQva7DgEToW9nRlk5Ok
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHmgjMtr9oIolPThijt1FuWpzxV3%2FbPnBiD1JQlarxh7uK7yrcOaijIe%2Bxpj0Vi2Km7INUWclewWAogy4t3P5Jl8EmsMCnmAPkq9GKDshB7y6kFLYqnre1M%2FSKKzbKT6ZJrHpnr5T9WuS3CFC6Q8l7jd"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6c4f8f2b3960e8ff-MXP
expires: Thu, 09 Jun 2022 12:39:07 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1262 3 KB
3 KB 68ms
24ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17502132
x-guploader-uploadid: ABg5-UxSjUjrRZn0Qh0o7bl53fEaHcVGOMgniw-BD1hW-i7497grr2ADHPnjcztxMTwRF-eAuQva7DgEToW9nRlk5Ok
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3IlY2glDyO7tAYFdn5j2P2rcbKugDcg54NhIFc4OmuAC6wBHf1P8SZmEv%2FHoF9aTCzL4VOS%2Fzuj850lU2l8i0Qou8oybnGl3FO9qLPDCbGpJseKsUXnSQeKp%2Bh5xJSp3XRuMBN00ZxSZFQ9t%2BCb2IRq"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6c4f8f2b3961e8ff-MXP
expires: Thu, 09 Jun 2022 12:39:07 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame E882 2 KB
2 KB 24ms
24ms Document
text/html 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Wed, 29 Dec 2021 03:22:11 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2247346
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1ZK7F2StbYtasWRgpAYy01l4B45v3WJ%2BsWZU1%2FWit6o%2BJ%2F1v76LIxiF6rBmby003HGOZRh6Sai5IwpxCWhhvQjeFzk5OqN%2FtiBGVNClquo%2F0tIKcnmYunpzLQo8%2FMdctmKJbmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c4f8f2afe0083ba-MXP
content-encoding: br

GET
H3 200 frame.html Show response
ad4m.at/ Frame C181 2 KB
2 KB 24ms
24ms Document
text/html 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Wed, 29 Dec 2021 03:22:11 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2247346
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGmaf2fw3%2BE2EfuQLTgInbArW2rnJnfiISMkCWsY2IM%2FDwOJcArzOnLtChQSlL6%2FAlW7HOOK8niTTH6rmTMJa%2BcU9C8toDViO9YEGZedFdU9%2BJHEGA%2BqfYjChC2RKQ9jItxCo1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c4f8f2afe0183ba-MXP
content-encoding: br

GET
H3 200 frame.html Show response
ad4m.at/ Frame 0292 2 KB
2 KB 24ms
23ms Document
text/html 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Wed, 29 Dec 2021 03:22:11 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2247346
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnaDHEzfv%2Bev%2BPYhVl6eyP5J35bTYESA7Ly5jaiI3QeIUrfITnd49KPi%2BEXfSls6DzmTrWasdEd6h7KOUmwTTnss8kB6uFT2pKkwpAcTvgu%2Bo5JThuHSPIZuU9W7DDuoyDksKmQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c4f8f2afe0483ba-MXP
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame A02F 2 KB
2 KB 38ms
36ms XHR
text/plain 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b80b6b2d992693fa00ef2ade320d14a78bbfee49f092e3c212e64a49ed3269f1

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6c4f8f2b9f328bed-FRA
date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwXmd%2FZ5ydQUb5ijPiGWCG7ulhp4y1lufngb%2Foln7%2BrATio2L%2FkltBqIw499FYG9ryctVMHi4DYzt9KHgg5QS%2FEDisaeOUDih1aK1YQcOBpZ3wgHCeuB8OQeoLfWEwlKKOIl1Ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-9z0n

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 47ms
36ms Preflight
text/plain 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-9z0n
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Vue%2BJz0R1YhmDNdUBOzA8m%2FI5DEN3mAuqklaGtbAOMESgH2NeJ9HCP5XZT6TkyKMcVzZZnK%2FKptiUoEbLGf5mMe5kbKgbZ2b1GWR1gWdZvMFWFgYVwcVloDWzQxdCrXbzC5kjI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c4f8f2b5ee48bed-FRA

POST
H3 200 rs Show response
ad4m.at/ Frame 96F8 2 KB
2 KB 33ms
32ms XHR
text/plain 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93940d0c47c970f5e8d3a6151c12d97e0a1f4ef62067a597adcfd7d420cb88a9

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6c4f8f2b9f358bed-FRA
date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UR5R%2FPd7oY2g36W6eWTAOUW9ioC9brmDDGdzjIOgih8Fu8trRvf98vmXrciFaVVvQhBubjSey8A3MpFqza5GkU1%2BKmsz5BaqniEEk3C5SoOsMrnDuCcE6y78ZE%2BNayxW%2BPFTCFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-9z0n

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 47ms
36ms Preflight
text/plain 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-9z0n
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j45MDj0rMH80lZUpWpa4mlBgGlqFOet7BcjGCljFdg2VFL2lHHzo6YaJVakPajIItQujJM9N2aE85OuEnURWbeF03xbcjahztg%2BT7%2FMPLdQolfZm9SdQApkI6u%2Fct5Jn5Fcz34U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c4f8f2b5ee18bed-FRA

POST
H3 200 rs Show response
ad4m.at/ Frame 1262 2 KB
2 KB 31ms
30ms XHR
text/plain 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 133445f2edd0fd81ac2f6186ae3f805952018b87cda47a9696f87c7d6090e1be

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6c4f8f2b9f2d8bed-FRA
date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pyO9N%2FlccrSElAxBdkvtmIsBG4aMEdOEVKuxS7VfguMXP7gDIH71bRITokaZwojuI9FKSOxRsVZG5pkvcjQTXmsJbutOJjk5BUv0KfoPvy1sylysX%2F4SA6xD6PL7mHTrbCSeJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-9z0n

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame 8EE0 4 KB
2 KB 40ms
16ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=68769800018932003891610011823002&a=54038836
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=r0rzfbhsf7cr&nw=20&renderingType=javascript&namespace=4322c298c3&subid=&uid=1f242cda65176cd8&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7389997230921180404%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D936b61cb-c653-4101-9b4c-c5fa54d78fce%26mt_cid%3D936b61cb-c653-4101-9b4c-c5fa54d78fce%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCwn_pU8bLYabABNSKrATwsquoA8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBKECT9C3YSbH-xfMNfdObRLjzq2BUWY1uQSK5Wvs0pKJUwXfAxOgDn1eaEcOpChM0JWlz9SZSYNmuuk-gH2jONJFUGGrLtphRXRJbQr1IEfiKkIIrZFyxkYHtPveqpt3qqSd4k5kVg3_LVcFnm58YSOrj4sgLmL4KtkrKwosk8vP8lAaXfr29NPT2sr2DA0_p-9o3nHZApmxOjS9V8jBNwEOdGQIDNaNTnS_PaStqP1KwPHZwDo6EXheqHRd7VOhWSgkY9RTBVozCNL0qLgG3kgyLuDF49CyV5n-8i4bu6Wvk_nCBkXVWjKZ3EA3LQI7wSV8TDyT1B54zKDcwoOTgQok8ZEa0yV1cGqpYA1CtDA1mARaVIqM-VmXQihgOSGQsC5xwOAEAYAGjrOGxcf-qfKqAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2XQV0o7bWRiG8oyl16qW7JOcHA7Q%2526client%253Dca-pub-1062972861553303%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fb60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=479065608466&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: b146539f8541a3490c032afc05fd4402ba3a910067d87133f1c10e95c30bec6c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 29 Dec 2021 02:22:11 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1541
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4DE8 1 KB
749 B 7ms
6ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Dec 2021 05:53:44 GMT
expires: Wed, 29 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 73707
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 45ms
36ms Preflight
text/plain 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-9z0n
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4XTJ5cMkShZpP3gRNi0%2BJapLP9L%2FQNg5FIlTjE22T5ioJvlF%2Fsb0Qyff0c6DhlpdWWQ3ZLhvBoch3Q6578fIx3isAGXgxsFXKcQBjnJxL3yUoHKzatAAlIt4zjVQyZfR2OR4gw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c4f8f2b5ede8bed-FRA

GET
DATA 200
OK truncated
/ Frame 3576 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b6dd52dabcd9296705a43db06595eb7c88d4bbf21c53fab2b7e763df5276f07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/ Frame 3576 0
145 B 121ms
30ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/postback?oz_pl=1&dm=300x250&pd=avt&ti=7389997230921180404&sr=4&de=43003&ci=619621&dt=6196211556140246740000&ap=&si=984468692&ai=215543&ac=1040879&cr=9690031&c1=9955993&r1=185.232.23.0&di=https%3A%2F%2Fsimcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&r2=&r3=&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//simcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&ap=&ti=7389997230921180404&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&sr=4&de=43003&si=984468692&dm=300x250&ac=1040879&cr=9690031&ai=215543&c1=9955993&r1=185.232.23.0&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Dec 2021 02:22:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.43.1/ Frame 3576 154 KB
48 KB 33ms
33ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.43.1/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//simcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&ap=&ti=7389997230921180404&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&sr=4&de=43003&si=984468692&dm=300x250&ac=1040879&cr=9690031&ai=215543&c1=9955993&r1=185.232.23.0&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bfa12779f481d024004ac40f96aa837e671f2b6362ca6b3b84f6edf061825e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 48454
Expires: Fri, 05 Sep 2053 17:27:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DE8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELcYyBiSNf7f825j_ESlL14&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELcYyBiSNf7f825j_ESlL14&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TXVnaGcyYWwxTjJvQnQ1&google_gid=CAESELcYyBiSNf7f825j_ESlL14&google_cver=1&google_push=AYg5qPI27DZk7QIkHpj3rp2iEM4Oqc2Yb2prw_HfBMi1pMk...

170 B
188 B

18ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TXVnaGcyYWwxTjJvQnQ1&google_gid=CAESELcYyBiSNf7f825j_ESlL14&google_cver=1&google_push=AYg5qPI27DZk7QIkHpj3rp2iEM4Oqc2Yb2prw_HfBMi1pMktyi1I0jIVZ4JJk19Q4nGQA--pk0jVKlr3dJIE5_GwjS4fkR8h6Y5P

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:11 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0e9f0e24f4a2a06c9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TXVnaGcyYWwxTjJvQnQ1&google_gid=CAESELcYyBiSNf7f825j_ESlL14&google_cver=1&google_push=AYg5qPI27DZk7QIkHpj3rp2iEM4Oqc2Yb2prw_HfBMi1pMktyi1I0jIVZ4JJk19Q4nGQA--pk0jVKlr3dJIE5_GwjS4fkR8h6Y5P
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DE8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAbAoRtNiz9MFVPlHa0J--s&google_cver=1&google_push=AYg5qPLtBtFseaE3Mb4pSwfXDxtBjLlwvzwkbNZ8s5elm58tCxm5tK9koeAxno3lMuwUfQHkMiEqTk9NWnDnWstn...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JPVpb9phTVuJ7ItAmWsdSw2&google_push=AYg5qPLtBtFseaE3Mb4pSwfXDxtBjLlwvzwkbNZ8s5elm58tCxm5tK9koeAxno3lMuwUfQHkMiEqTk9NWnDnWstnfZWoW7x0ANw

170 B
188 B

19ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JPVpb9phTVuJ7ItAmWsdSw2&google_push=AYg5qPLtBtFseaE3Mb4pSwfXDxtBjLlwvzwkbNZ8s5elm58tCxm5tK9koeAxno3lMuwUfQHkMiEqTk9NWnDnWstnfZWoW7x0ANw

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JPVpb9phTVuJ7ItAmWsdSw2&google_push=AYg5qPLtBtFseaE3Mb4pSwfXDxtBjLlwvzwkbNZ8s5elm58tCxm5tK9koeAxno3lMuwUfQHkMiEqTk9NWnDnWstnfZWoW7x0ANw
x-host: tde-deliveryengine-production-584bdf445-wq6ft
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DE8
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDcGL5O9bFU9KPXs7X0ihY4&google_cver=1&google_push=AYg5qPKY_Weo6a8q0XNdk3vHRyckKr-bqW0kEiOzcWsRNfNTjLTMNGe4LMLqN-1bvK6kQq3YiKeqlAKZIwu3iOvQDNhGJ3X...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKY_Weo6a8q0XNdk3vHRyckKr-bqW0kEiOzcWsRNfNTjLTMNGe4LMLqN-1bvK6kQq3YiKeqlAKZIwu3iOvQDNhGJ3XH_vaX

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKY_Weo6a8q0XNdk3vHRyckKr-bqW0kEiOzcWsRNfNTjLTMNGe4LMLqN-1bvK6kQq3YiKeqlAKZIwu3iOvQDNhGJ3XH_vaX

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKY_Weo6a8q0XNdk3vHRyckKr-bqW0kEiOzcWsRNfNTjLTMNGe4LMLqN-1bvK6kQq3YiKeqlAKZIwu3iOvQDNhGJ3XH_vaX
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DE8
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENovBFDPLNxjluMtsz-MTUM&google_cver=1&google_push=AYg5qPKIeOR-0td1QmreykeyahJdxEYHIgd1UimEMTHAwL7gw1xLmIk2rPJU--5X1hiJ_mE-FK4Va-KNXv3Z_Rx90...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENovBFDPLNxjluMtsz-MTUM&google_cver=1&google_push=AYg5qPKIeOR-0td1QmreykeyahJdxEYHIgd1UimEMTHAwL7gw1xLmIk2rPJU--5X1hiJ_mE-FK4Va-KNXv3Z_Rx90...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKIeOR-0td1QmreykeyahJdxEYHIgd1UimEMTHAwL7gw1xLmIk2rPJU--5X1hiJ_mE-FK4Va-KNXv3Z_Rx909vKj_uq4miM&google_hm=6c56c6034c4bff536723637d

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKIeOR-0td1QmreykeyahJdxEYHIgd1UimEMTHAwL7gw1xLmIk2rPJU--5X1hiJ_mE-FK4Va-KNXv3Z_Rx909vKj_uq4miM&google_hm=6c56c6034c4bff536723637d

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKIeOR-0td1QmreykeyahJdxEYHIgd1UimEMTHAwL7gw1xLmIk2rPJU--5X1hiJ_mE-FK4Va-KNXv3Z_Rx909vKj_uq4miM&google_hm=6c56c6034c4bff536723637d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET

pixel
cm.g.doubleclick.net/ Frame 4DE8
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEH4cB9ucs4D_NWAXoKb5Uso&google_cver=1&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4DE8
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGQav2xEQ1G4CiTFuoZRfHo&google_cver=1&google_push=AYg5qPLUcgIS461hrkoxVnNANIFX4ArG3emT_q0KewlvylV22NJSvff8JvCVtaWhIu8yCvkTO6GSsl90fhW4Wm3hZLZQDexe_7SK
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLUcgIS461hrkoxVnNANIFX4ArG3emT_q0KewlvylV22NJSvff8JvCVtaWhIu8yCvkTO6GSsl90fhW4Wm3hZLZQDexe_7SK&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjAyMTY5MzQ4Nzc4MjIzNjc1Nw%3D%3D&google_push=AYg5qPLUcgIS461hrkoxVnNANIFX4ArG3emT_q0KewlvylV22NJSvff8JvCV...

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjAyMTY5MzQ4Nzc4MjIzNjc1Nw%3D%3D&google_push=AYg5qPLUcgIS461hrkoxVnNANIFX4ArG3emT_q0KewlvylV22NJSvff8JvCVtaWhIu8yCvkTO6GSsl90fhW4Wm3hZLZQDexe_7SK

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjAyMTY5MzQ4Nzc4MjIzNjc1Nw%3D%3D&google_push=AYg5qPLUcgIS461hrkoxVnNANIFX4ArG3emT_q0KewlvylV22NJSvff8JvCVtaWhIu8yCvkTO6GSsl90fhW4Wm3hZLZQDexe_7SK
date: Wed, 29 Dec 2021 02:22:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 4DE8 43 B
65 B 19ms
16ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMnoc_uKwNsXzkkTfjT-fQw&google_cver=1&google_push=AYg5qPKvc7buHM5eq0rJZuU1ld2-Fs7pkNDEw2-NeZBceBHu9g0MeFfpd8IwG3W3cg8H9odKWiV5-Bl1_rWqk3xXaKuGlFfcILu1

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Dec 2021 02:22:11 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4DE8 0
12 B 18ms
16ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMOhaf1yNwQjB_-H9RhjI2miENjDh-qpmNcuE_ZWYqneBljqkpFTHTkpL7md0ubV1GdKd1UA

Requested by

Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 8EE0 764 B
875 B 126ms
19ms Script
text/javascript 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=51990278;gdpr=1;gdpr_consent=li;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fphzkonhubxup4x4%3Ftprde%3D

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=68769800018932003891610011823002&a=54038836

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

95aa0d5df637205fd80328aca4425fbd70d213dd4890332705cf5fa831c06031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 560
expires: -1

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame 8EE0 0
150 B 48ms
13ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=68769800018932003891610011823002&a=677d99ca&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=68769800018932003891610011823002&a=54038836
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=68769800018932003891610011823002&a=54038836
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame FF39 6 KB
4 KB 41ms
38ms Document
text/html 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6869fdc4b5b6a3bc7b1d33ce27cf8ba45199a3a2a390b41df5c47495733b979

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k0gnv0wdprc4ekshn3xfacepgnz1czx43m8x7vqtq18kk3bwk2yn96w3tp5r91azjasvqf4edz5s6w6hqwgj5de1da6bqk95mzngpfahmfg895ra8sxzxd44f80gk04979zz2pfafcxk3enybxkde3ycmaaeekq5b6twcfwwj8fvmyn1c1js0qwz9ktg6cey89b0212rfhevyq7fxe9yysvy08e29k31a5mdzjd4rsfn8gwex1xwz62by3f5br1b76tj0hh96pe0h23fcfjmxa6b1mtm4kmm85emk9k2y6v3x2afn5evcect9r4gedgbxb4g486v4jpx7m5vwtgqghvasn831bzakr2ax288761n6d6xzhrs9v623t149k6fekzspnkyd51j54saazqrp4fvmjcf3zyt3c39jg9s2p7jdfe1y1r2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%26client%3Dca-pub-1062972861553303%26adurl%3D

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4f8f2bef0983ba-MXP
content-encoding: br

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A89F 6 KB
4 KB 38ms
38ms Document
text/html 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c4239c736285f3a317c3ca76210a583b3d477bfc98ac2e4f9590dbc55e245e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hf2h55z25qmrya9yhvm9r3gnqc49q9mxxhn6syfzmy1q0b525wncdqx5m76d8t6ak1pvxxdnzb0jxdfwphz0hm0a3jtgkk64km8vczrvc53ncywnhn7vjz0n1kr8dwxy2k4awjx966gt89hka1ezek45p7rrvkawpybphrt12m438dff6c5mq0vn28xwysw6y300tz7yzndk9abaffxkw1f61bas40p1az4731pjnqvv877wxr8gee2xzaac2pgknf2hw89q13tey29vbtm0bb193v2h55cy80q684g6kkydd3vz9tpr0bnprhm52anc0f4eeqtj3b0434trrhjzdaneyx92dhyn276nc98nmj8b2a9s7a2ckng9knf1ywe4zsrvh8s555qawsh0agrtqtg3w8zj20h5av4xwk21j2x67x1xetg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%26client%3Dca-pub-1062972861553303%26adurl%3D

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4f8f2bef0a83ba-MXP
content-encoding: br

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D42C 6 KB
4 KB 41ms
40ms Document
text/html 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

795a291fbf9739488e3d1e0647165e75570c93732db339ad2d42e8baa9a10a3d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gspq733dtkryr3dryh0kkt6a3175kxjhr5gd9t7h6dra4k9dj9cq08tbm53te4haspv857h78sf53nsb8xmssnekys9dmptj66538wq1szd2kg4978xvrycxybmzd2n4vbrn5czznq0x1vp0mqd4kremhr3xff6s6ne49c8kfwaabeec7wh2d8z3gmpz1txdr0tm6xjfa5bxwbtt4k81h03rfhb10azrxpvp1n1ty4snewr5tnzqba9y7jk4pe95f6kyhfjksqq8cvpynta3xwwefx65eeqzyemchq7skp2msm3m4j8vzf6n36ddymf0pxd5jafq1w9an5h8fct3c8ggtxqfw85bwynymvfxwsbzb5y3dz8q28j34t54dqay6f8kn35dbej7cm129e6syyrdkcbrak34ecbyt8m7bh42xbpg5gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%26client%3Dca-pub-1062972861553303%26adurl%3D

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4f8f2bef0c83ba-MXP
content-encoding: br

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/ Frame 3576 0
145 B 34ms
30ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/postback?oz_pl=1&dm=300x250&pd=avt&ti=7389997230921180404&sr=4&de=43003&ci=619621&dt=6196211556140246740000&ap=&si=984468692&ai=215543&ac=1040879&cr=9690031&c1=9955993&r1=185.232.23.0&di=https%3A%2F%2Fsimcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&r2=&r3=&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//simcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&ap=&ti=7389997230921180404&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&sr=4&de=43003&si=984468692&dm=300x250&ac=1040879&cr=9690031&ai=215543&c1=9955993&r1=185.232.23.0&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Dec 2021 02:22:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/ Frame 3576 0
145 B 45ms
32ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/postback?dm=300x250&pd=avt&ti=7389997230921180404&sr=4&de=43003&ci=619621&dt=6196211556140246740000&ap=&si=984468692&ai=215543&ac=1040879&cr=9690031&c1=9955993&r1=185.232.23.0&di=https%3A%2F%2Fsimcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&r2=&r3=&sid=AP1sTLAHEeO-fY2J&oz_sc=a5b2d8a26b3b229def1fdb5a&oz_df=1640744531866&oz_l=234&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Dec 2021 02:22:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame FF39 81 KB
11 KB 30ms
29ms Stylesheet
text/css 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1159028
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c4f8f2c7f8483ba-MXP
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame FF39 53 KB
54 KB 35ms
25ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695314
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S655EQjFyew2dUpEL9Xqsfp4KQFWgpaCIdBboT8LyZXwi4VkPipMmAkQkvLrtSxPjM9uDanhGTem6%2FafzCS2WRjio5xUpTk9uRTwjE39ne%2BWr%2B8pcGPYAXFLBDnznLwLoYD%2Biy%2FPM1U8hYGC"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6c4f8f2c7f2e4df4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame FF39 23 KB
23 KB 40ms
36ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1135478
cf-polished: qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid: ADPycdv7vRBQr2QMlXGOu8j5zKVRNqjeCpSJANF3jqhNt--ImucjNTEMjmInHqg5BeHzQYawsQM8qh2aXRKioKMJQf5e931Tlg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23154
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVSP%2FMYq5aXTqOXg3J8Fc%2B0wwgvFOtjYM5ixithyJfaK%2F1%2FexzV3nBAIDy0hBUPnIIXDIZOrGmvWLSJs55Nd5TS2QqSCWXLMuq5mAu870fggvHmqj1LgYIbdwBB8F5HrwEoNRAHtIUKwxkuH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1639072283176296
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 132437
accept-ranges: bytes
cf-ray: 6c4f8f2c8f414df4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame FF39
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&gd...
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021122903221261038960043X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7w...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112290322126103896...

43 B
808 B

27ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960043X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960043X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame FF39 9 KB
10 KB 28ms
24ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695350
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sX6obYKSwLfPwwwX62lDhEMv0VoXjxH9vU2PvjBG6kS5wzTT%2FOV9IGfa%2BqQMhs1XnZGV3DtW476kFJ2Z%2FNfAJEsjlmPGbFPJ%2FKBxJOXZhPz%2FM9hveAATTNPt5%2FNUomtSG%2FF6EMWCuUkIy4eB"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6c4f8f2c7f2d4df4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
assets.ad4m.at/product_image/ Frame FF39 20 KB
21 KB 36ms
33ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=HwscaQ==, md5=QEKMkuOfQyYKQIg2TmID3Q==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695316
cf-polished: qual=85, origFmt=jpeg, origSize=109711
x-guploader-uploadid: ADPycdvWh0v-ouOP7GcI4aIzCj3p6HaDpM83MBv9L86pOt0HZptREue0D83OTLjQUb3ZnMiD3nkhmE4xzG7Y9-OhJ3vs1Lz5cw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20822
last-modified: Thu, 21 Oct 2021 08:32:12 GMT
server: cloudflare
etag: "40428c92e39f43260a4088364e6203dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCRiAuiMjrkwkHSt90pthY90kxwYVw1saMUs5QN4IRH0ZLa20TS8zIpqTtYFmoacoiUMcNzmA4LkRQcTJx7QXAmo8X92B9rceGB%2B3FK5fMwdt%2B5xQXG3sUkkn3%2BxUsOE8OdNLOsQqI%2BLq6nA"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634805132458381
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 109711
accept-ranges: bytes
cf-ray: 6c4f8f2c7f2f4df4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame FF39
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&g...
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122903221261038960047X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkvRlw7wJ...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211229032212610389600...

43 B
791 B

37ms
10ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960047X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&wfid=117663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960047X117663V1225131106MSoneidQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhVoneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&wfid=117663
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame FF39 6 KB
7 KB 20ms
17ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695342
cf-polished: origFmt=png, origSize=15890
x-guploader-uploadid: ADPycdvO2r_Qwsa4pUKVH6tiSd6mtjDv5ZDd5qF-Y1TmjICwmcmV50kEJZ08IJPE7IWiQjhlub6GeW0aFxVGifynNrY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6208
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rzg3OzrL5hUUp%2BzTWJNLgTSNzuBRsaY45Lgnkf9YtWkLgLaWf%2FFzxEYhrx1Ip7jJr0hxfw1Ud16gS6Onc5xHjKswsXUUomEmJ6kcknFvDuSF8mJNblX3wDG9S5hNhztbU0uiBvLGm0hhN0ec"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594879530502671
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 15890
accept-ranges: bytes
cf-ray: 6c4f8f2c7f2b4df4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame FF39 9 KB
9 KB 38ms
34ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C161594%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2CQgRH4f2rh17YXTxH5HYtGtZZrTDT4T9RhV%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C2xqt6fRQf7dpeuVHWHktwCxx5FWT7TEYcg%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=kvRlw7wJSCYVTro6WqZKayV14tFNB7-e&g=1d48b48ef4179c1bfc2ac05d24a8c4e2%2F7359330874927433490&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531793&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtehgfe866n8f8sbwdr40j5d7cvsxg2rdc5je2gq6jexepzhd0nafk45at24m2ys50z2c0fc6rq5abbwy9jx1z5qc7g6vc7wrh1t3syen4k91z5swjj1cehr0zwywdctz99wa0necf2f1swa4mety842xfgpev6m05zcx61qwqseh0es2h71qrvpz4a201d1echg54n48de6ahgfxtyyv0rwwxpen84qj8q6y1my9bgvecezjqazkzp795sa4zg65jtvged4h5bah3b59jg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7JQhU8bLYaXABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnQJP0P3JTKJfTIhL0U-g7fpI6Cy9afzJWScb5tmLM4ByzKj_qY4023Mi0FMlqnX2Az3ELr2pRtz-cA2YHz8b8D9oUmmJQvqNTOU6JtWb5xfTBBUbzvH_MJVzjBJZLnDrelaYCCueJ9ZmE6rifiGhJsWvWqzAJefNGh2RmU3ZCnRLZr1SOvt9Ym7d1X5MWtB2zGjQkNa20BhlEjFlpDAvar7JxCrKXFQSFh1lbaoRupxXJWh_z_mssZ95_D5UFRT7CkKGzGV0poAK1-k__6KeJD2iFz2RmQybkc-zZMC9-C5bP0hGsUuRIfjSf3ERlaOMqecs2to4PaMA6OA6CbxVO7-DGqiClBvrASY2WNmSE-E72p6hWVk_7bPROkfnKCDgBAGABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3CJiZwP7hVtsWSGE0PEZfliJkyfw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695352
cf-polished: qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid: ADPycducIMB0EQ5nx8OTTKFok5AtJ_dXDoVGriO6_W65_ioNLDNUKHdQMMQCMdoAlPIWN27xpBYz5N9plySv-z8TRH8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8886
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXYyff0dZiRaEXUYHtEVn2fR1ox391oTYQ9nfXZIOpllTnO1ZBEonOrlX4I0F8X0tIuY1WbYUou96ebnpNkj2Q5hl9hKL63zOcckdBg7C0ML7%2BTxKNmn%2FTdajOm9Qrg%2B3nxy4YMcAAP2oppJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1608208174589657
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 25987
accept-ranges: bytes
cf-ray: 6c4f8f2c7f3a4df4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame FF39 43 B
702 B 88ms
24ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame A89F 81 KB
11 KB 29ms
29ms Stylesheet
text/css 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1159028
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c4f8f2c7f9283ba-MXP
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A89F 53 KB
54 KB 25ms
17ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695314
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLOfJcwnv0xO6%2BHcRYlpf%2FYAyrI0iF4Oib3GpgpQ3Bbc8ciccCO23Uo%2F7%2B%2BLGARX8LMXDrhUHeZ7ciT1svL80ua5yok44n5%2FLbtaecQJZcwDpK4%2FnqJvgUbSuIS%2B2n4mJbf2c5aHeqGRKWVR"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6c4f8f2c7f2c4df4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame A89F 23 KB
23 KB 44ms
42ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1135478
cf-polished: qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid: ADPycdv7vRBQr2QMlXGOu8j5zKVRNqjeCpSJANF3jqhNt--ImucjNTEMjmInHqg5BeHzQYawsQM8qh2aXRKioKMJQf5e931Tlg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23154
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JPLPVruZ59FIDi3Cobx0NbCvN9AhdaUVHhpOkjy%2BuHATbMUNrGn2vD6BNXW5eF03kL3Z8UCbrEYgZg%2FvryBhF7C5dWnJPs%2BterKE6KiHisJQQ5zrcOLmZgIAdLsAngvrjsn%2FfRPIbD9HlTB"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1639072283176296
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 132437
accept-ranges: bytes
cf-ray: 6c4f8f2c8f404df4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame A89F
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021122903221261038960039X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112290322126103896...

43 B
808 B

29ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960039X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960039X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame A89F 9 KB
10 KB 36ms
34ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695350
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2k%2FfKEXWgzzat8WTUDv%2BrOb2aROHih3t7lPovP5%2FuNXOvodFLjuZaw8KJ6968hpvJWyBMGVMBTlmcIXFr4b0LJVSv53gtHPHDsRsKvamKG8IVGT%2FKgP2CAvJAUSAPivQXwVhYX9MEpaUzw%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6c4f8f2c7f324df4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame A89F 19 KB
19 KB 33ms
31ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695317
cf-polished: qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid: ADPycdvulYrDQNUtRxoDFICktszvBld-zumqmU9xDn4fyYnfszA26fzJ2NfXO2rFBYElUh5ZQKFvMfk-nQj1PrGuhQwqjXpKBA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19022
last-modified: Wed, 10 Nov 2021 15:00:52 GMT
server: cloudflare
etag: "9c16b18e2ed1720d4bac78685793f74c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIU06meYTw3xlGyuFKk2FFtpUKE45Vmg5KqnObVXfkZz%2Fi7A6q%2BCOANaw1TuFfqCHLjGifywyjSfa3p5P6iMdukGastelLIU5G5FpLZGLO3fdecfZ4W5kqxPJ5oV7xUg5B9wKQ8ky3uWyGk9"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636556452656256
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 84530
accept-ranges: bytes
cf-ray: 6c4f8f2c7f314df4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame A89F
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122903221261038960049X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211229032212610389600...

43 B
790 B

47ms
20ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960049X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960049X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame A89F 6 KB
7 KB 37ms
35ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695342
cf-polished: origFmt=png, origSize=15890
x-guploader-uploadid: ADPycdvO2r_Qwsa4pUKVH6tiSd6mtjDv5ZDd5qF-Y1TmjICwmcmV50kEJZ08IJPE7IWiQjhlub6GeW0aFxVGifynNrY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6208
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ulodig9G6bymaxVMv02C3WXDKjqYNzkCUu5hd2MXF1rTEmWsOzu%2FfJoXNfoceNCJeo6uGkioj41sqbUdK8%2BXbAEnAZcBYABLd1%2BGsBw0ScvM0XsbMpDQJbkxkmBahfF59MeMi12FrvnQ%2F9p"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594879530502671
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 15890
accept-ranges: bytes
cf-ray: 6c4f8f2c8f424df4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame A89F 9 KB
9 KB 44ms
42ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=tBnMzsu_1eIWuX_HjSEKMlidUSPZi4vV&g=4a9c475dfcaa1525538ca261a1b96d30%2F15228152309950182&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdnb1jw6qqxfsw9eqnf2a176mhvf0g5wgkwppebmy6ve21sshx9t1r7v90t17qxyt2bw68nx8efcx3hzqek5zysaeanze11ypfsm713yx107q7eykva05s816fb8pwwynnmw9tk9va5tjs3rsfv89xj3wbajp4vkxhajqpbytqmeqcrqpg0ed3tes2sk0g453e6t2eapnn0p0hrzx3963m1d0xnqyqysc31nzvn0rezxz4jhgjpbyp9tjjvdvnvgg6v3msy13ntjnx2vaa0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVddkU8bLYafABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEqQJP0EwClMrTr5Feoygc-_NCSogcSlCEEXlcpWEQoKwXuIbsSjc_kJKoMKdwYOO0SlUbY0Ftzf4NmrDNrP2ZPWdY11Gcp7fICdE3gd3XlZCBx9YIm9XHCBZjCvauwI2PoTFG-_XMyK2RZ5waDpXk_crbUcBaSDQE3WdKMFXiVXKisDwjrulL1JPQhNerYZOGUL8R9Qs-GshexI1mQ-QyzVPZuL1EdGmZvCiXRyKw9yKBmrq4XlIHWw1T1yOJcj3QIlHZG37mTaY-FGRcPRSusiIIDf08-Mz6cDCYbl4XGLa2LXo1mM7xt2QiLYsvrGyx-mbvM3fyoeX2AcfvzmL75_DGWvobRNIB2IS7I-RbMWlv41Gd8TnEylNbCgSypW_C4CSgTaudCYyEnHPgBAGABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1qvqEwdbhnj6ZSmPwuzjrV1QpzKw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695352
cf-polished: qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid: ADPycducIMB0EQ5nx8OTTKFok5AtJ_dXDoVGriO6_W65_ioNLDNUKHdQMMQCMdoAlPIWN27xpBYz5N9plySv-z8TRH8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8886
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyV5D9tENASqEN3NfX0SBHkM3%2B6ajr2m8mvuGULiymtJAMd7fLzDLQrwFm8BfXuGM17%2BCvphTqi15MSdw3wU7uBjtXshlzYmsOmLHcPpGsyTEryYbE53mdRsFM752z9sITHOW9Lt90Eufqz2"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1608208174589657
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 25987
accept-ranges: bytes
cf-ray: 6c4f8f2c8f434df4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A89F 43 B
702 B 86ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame D42C 81 KB
11 KB 45ms
44ms Stylesheet
text/css 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1159028
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c4f8f2c7f9683ba-MXP
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame D42C 53 KB
54 KB 33ms
28ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695314
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ese5GEw%2Bta2LgXVmqMeezRpq90F0EZSWmwfbs2nEYs1rfaLY3%2Bd%2B4bx%2BQtZNKHNjULskO6ELzZN7YcJCjYmNhqxuPM1I%2FbInhEcNEZT6puFmNV%2FJ%2Fr0XhzfpYTSOng7pxkSwFyXH2tpvWcIi"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6c4f8f2c7f304df4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame D42C 23 KB
23 KB 46ms
44ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1135478
cf-polished: qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid: ADPycdv7vRBQr2QMlXGOu8j5zKVRNqjeCpSJANF3jqhNt--ImucjNTEMjmInHqg5BeHzQYawsQM8qh2aXRKioKMJQf5e931Tlg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23154
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf09XT52KB7KYZ%2F9%2FwJj%2BLYPw%2BokvC%2Fj6udtwY9%2FiUHY81gKvKyjnpGxizHc0m8xD%2F%2F0Id3Wml3uZix5ShuPCuZy7ic01ZOmRgbmamRIfjbXtB4sy0pExToA4Fk%2BxGHCs16t4%2Bl2eYjAOFLV"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1639072283176296
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 132437
accept-ranges: bytes
cf-ray: 6c4f8f2c8f454df4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame D42C
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&gd...
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021122903221261038960041X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXyp...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112290322126103896...

43 B
808 B

33ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960041X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960041X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame D42C 9 KB
10 KB 42ms
41ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695350
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBH6xBJ2vZFmCPxthILjyOHFUEk%2B52x1f3LVlQFw4icpyOCElEuPdvB9F6io5ZKU9WIW8QWVhfZG%2Fxfxvj4EHafVOwXMry50rqTbc20Eb6Dd0pHZ0Fyl%2BGZE1MWFEsF6pbAZwyRtoO%2BtQZgr"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6c4f8f2c8f4a4df4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame D42C 19 KB
19 KB 40ms
39ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695317
cf-polished: qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid: ADPycdvulYrDQNUtRxoDFICktszvBld-zumqmU9xDn4fyYnfszA26fzJ2NfXO2rFBYElUh5ZQKFvMfk-nQj1PrGuhQwqjXpKBA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19022
last-modified: Wed, 10 Nov 2021 15:00:52 GMT
server: cloudflare
etag: "9c16b18e2ed1720d4bac78685793f74c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bbgw%2Fu%2BPDRHnrF6uUk1IYRatewVy4XaIgZ5Edg8HHySQgVsVpEcWCAGNxFl5BxKlI6QDV1P2Fiudbgd5p9iYEpsPE%2BceaRH6gfgRUsYDoM3hdLkwQ6InzcXE90%2FncuQK9egBf%2BJPK%2FnSNt4Z"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636556452656256
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 84530
accept-ranges: bytes
cf-ray: 6c4f8f2c8f484df4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame D42C
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&g...
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122903221261038960045X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidqUOQXypO...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211229032212610389600...

43 B
791 B

37ms
9ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960045X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960045X113752V1225131106MSoneidj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9oneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame D42C 6 KB
7 KB 40ms
39ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695342
cf-polished: origFmt=png, origSize=15890
x-guploader-uploadid: ADPycdvO2r_Qwsa4pUKVH6tiSd6mtjDv5ZDd5qF-Y1TmjICwmcmV50kEJZ08IJPE7IWiQjhlub6GeW0aFxVGifynNrY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6208
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhIrcUU18V2hSBNMr6Mj1KBZAp5M%2FCBF4O191tMWI4T2IylOZw3Noy8ZVj8%2Bdf%2F0xf21Jj4j%2FBWeCCMqmD0NBXJgVSVUjxqLoojl8sfnYbvDsLLQ5CHRF3yYi2eFFLDblGXoEWdJPyhOru7h"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594879530502671
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 15890
accept-ranges: bytes
cf-ray: 6c4f8f2c8f4b4df4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame D42C 9 KB
9 KB 17ms
16ms Image
image/webp 2606:4700:3039::6815:c080
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C167497%2C64769&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqx2KSYHEH2t6tRRJUKTzTxJc9%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEApdaPHdHztDCRRBUJT6T8ZsA%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=728&d=90&e=qUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0&g=92366ed1810293e2f08b22ef5ca6b0a3%2F15079609219691086329&i=20774%2C20773%2C27835&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1640744531801&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gxn80x3n0fcd2gj0b264ng9xs3hxyz8ren7c8n1xy2pvpzstqbe8paafjhxy6r71byz7t2v8t6y0vfgfk0eyvtyg9mdyg23tgqf36tsaby2s95e9tmdwppwseeqsnpn1crfhdtmrz6vqf19sack0wtd6hsrw1eaqhtqtr5egr7dvzfeyx7bc4e68vdtzxhrfdsph512a1hdjrfk3qc15skprxcsn9kzk6z0mt4vd7h2fnjvd414ewp93t4w4y0bf8vz9gne5k4876hn8p60%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC5wvXU8bLYaTABNSKrATwsquoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDOgAcKu6N0DyAEJqQK4z-m_AvqyPuACAKgDAaoEnAJP0OOiiLqx4tl6lVNZK-rll-HAPkj6eGUV4-26d1jivICASWHSuGU1cBj5kcpYteOCgUiefkDakofH67gETzDlSZZ9WDJ0lAktI8Gch2eoY7zOlB4pNTYxfQS0VrDdmPvDs0T501CPJxRUldUN0lO38PTGxfPIz1lPxZU05i6QnJcRbKha0ZBWGBJnHkRB8PW248XuP9uRzWqSxYDyFsJ4m6__ypSKQ8ILKw9lUPCPi982_T5WlBjB4XsWp1dbBlW1X-lHn0L5w6EWcisU-3YjcbjA1LHYyTMbjT7eANpLj89RV0vl6FwICvsvWHSKWHcudI9iNU1Djlq-4TfOVO4inRkAJY9Xs92S3utjHCdE5AcnRPeETzkHAIuGBeAEAYAGgoaOsvyw2Zb6AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bdral-cxXvwsWAx0Xe9-3bMc7Qw%252526client%25253Dca-pub-1062972861553303%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date: Wed, 29 Dec 2021 02:22:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695352
cf-polished: qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid: ADPycducIMB0EQ5nx8OTTKFok5AtJ_dXDoVGriO6_W65_ioNLDNUKHdQMMQCMdoAlPIWN27xpBYz5N9plySv-z8TRH8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8886
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPmbCIBasTALGJejsz7nGa6z3lpDGGycxnjcBZ9QAdzsyGqb7xY5G0JVC54gVy2%2BhmDmyKCMrF9Wzisr8dJAxYLc4UO6gQP99kzjvRRzwDZxcXd6GR6LTTLoGHir0NVekOC%2BDPRKjjXQsRM0"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1608208174589657
content-type: image/webp
expires: Thu, 30 Dec 2021 02:22:11 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 25987
accept-ranges: bytes
cf-ray: 6c4f8f2c7f294df4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D42C 43 B
702 B 86ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__asuidqUOQXypOhv4tyA9WcnNYgp_uuxPlzVY0asuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Dec 2021 02:22:11 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 8EE0 33 KB
16 KB 86ms
20ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=51990278;gdpr=1;gdpr_consent=li;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fphzkonhubxup4x4%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:11 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 30 Dec 2021 05:23:43 GMT

GET
BLOB 200
OK e940f76e-e3e1-451b-b623-a655365b6875
https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/ Frame 031B 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/e940f76e-e3e1-451b-b623-a655365b6875
Requested by: Host: b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
URL: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 8EE0 3 KB
2 KB 22ms
22ms Script
text/javascript 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=51990278;gdpr=1;gdpr_consent=li;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fphzkonhubxup4x4%3Ftprde%3D;js=1;adfxid=1x;471;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fsimcast.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3fbbcad6c5f08832938d9a9ecf68a7583584226aa80cd6839717a11cdc18923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1848
expires: -1

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 8EE0 43 B
208 B 19ms
18ms Image
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?adfserve=26&asset=93&sid=276&rid=10528&cid=7537

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=68769800018932003891610011823002&a=54038836

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Tue, 22 May 2018 12:14:37 GMT
server: nginx
etag: "5b0409ad-2b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
DATA 200
OK truncated
/ Frame 8EE0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame 8EE0 851 B
1 KB 66ms
11ms Script
application/javascript 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=68769800018932003891610011823002&a=54038836
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/ Frame 3576 0
145 B 35ms
34ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/postback?dm=300x250&pd=avt&ti=7389997230921180404&sr=4&de=43003&ci=619621&dt=6196211556140246740000&ap=&si=984468692&ai=215543&ac=1040879&cr=9690031&c1=9955993&r1=185.232.23.0&di=https%3A%2F%2Fsimcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&r2=&r3=&sid=AP1sTLAHEeO-fY2J&oz_sc=a5b2d8a26b3b229def1fdb5a&oz_df=1640744532048&oz_l=6258&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Dec 2021 02:22:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 8EE0 90 KB
39 KB 27ms
27ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 30 Dec 2021 05:24:02 GMT

GET
DATA 200
OK truncated Show response
/ Frame AC5C 28 B
28 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1623f1d081160d976dd6588373dd6e73e24af9a6ff056a653ebd0fba2f355bcd

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

POST
H2 200 /
track.adform.net/csimpr/ Frame 8EE0 35 B
477 B 19ms
19ms Ping
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=51990278&csi=ZKvJKE0h4XxtcDt_bns2oT6T9JfuGRLOi7Adx6ZWHcnZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal90002.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal90002.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 10664483.js Show response
s1.adform.net/Banners/Elements/Files/160090/10664483/ Frame 8998 3 KB
1 KB 22ms
21ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/10664483.js?ADFassetID=10664483&bv=258

Requested by

Host: www.capitalone.global
URL: http://www.capitalone.global/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

96bcbe3684c1089d731e6e8b4e7a9af69f361e8299c381a1b22268e85131c0cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: W/"61b70dce-c8a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 1 KB
885 B 20ms
20ms Stylesheet
text/css 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/screen.css

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4879c5ca67a36e3c2c633557a3a3886ab14b5b6490fa9936acf0fd0abe892778

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: W/"61b70dce-567"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 8998 30 KB
13 KB 23ms
22ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 117 B
413 B 23ms
22ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/introfill.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: "61b70dce-75"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 117

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 12 KB
12 KB 24ms
23ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/stoerer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e5595db09650405bd6fe4cd28e4433abbbd694d6faa84292c353930bdad1a4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:37 GMT
server: nginx
etag: "61b70dd1-2e15"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11797

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 11 KB
11 KB 28ms
27ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/text1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e6bcb09b72fe4af0a7025a07592c4d798c853a0bc53443bbfaeeb58dbaee58bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: "61b70dce-2b14"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11028

GET
H2 200 banderole.png
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 11 KB
11 KB 29ms
28ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/banderole.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

06731437b93851a20c28a961aa9c1d2f5af314103be71640f74d89fac90d8e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: "61b70dce-2b56"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11094

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 4 KB
4 KB 30ms
28ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/disclaimer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

339b062715f0fa93bd4509bbd3c7ee6ebb3ce63ef1140c0dbf3aa8935b7aaf7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: "61b70dce-fe3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4067

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 2 KB
3 KB 30ms
28ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/date.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

49a86c59b86563d06a25ecdf34ff617c6b8dff04a81798418d9dc02c77c51314

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: "61b70dce-91f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2335

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 2 KB
2 KB 30ms
28ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1bda28610742ab75071b05da88f5c6f2366f25085ff90c4d771b3e7814973198

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:37 GMT
server: nginx
etag: "61b70dd1-7ef"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2031

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 7 KB
7 KB 32ms
29ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/logostart.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

411c5cad0d24027c726e52a3903531a2c8348c845e6552932c7698e997a81405

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: "61b70dce-1a64"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 6756

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 4 KB
4 KB 32ms
30ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

77b3b2c53216ee57263fe847e0bd6f28ae2577a25c2ae00ab470dc164c769096

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:37 GMT
server: nginx
etag: "61b70dd1-108f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4239

GET
H2 200 model.jpg
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 36 KB
36 KB 35ms
33ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/model.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

46fc99f79ddbf8ae97a2d6d4c95d0d9992abfb8caa993efbfddab0cee7a65f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:37 GMT
server: nginx
etag: "61b70dd1-8e9b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 36507

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 10 KB
10 KB 41ms
39ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/background.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a7e55552dd1b8c30e6a33515512cda29a22a628d75d6445e6647f6a9124aac2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: "61b70dce-2755"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 10069

GET
H3 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 8998 38 KB
14 KB 27ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3131559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13669
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ColjHp5hPQvIbcrPozgVAmJs3JQWnH7ax6hKdHt947kZkq8a5G2lN5gNS3XMqmrUCcXGXrOncUD0VZIh85%2BV7zpi9XRjQzBXxx%2BRJuBM4w8hXxC4UL6eCI0kM5I%2FBw%2BHGMhJr6EhOGSptbnlTL%2BupOsa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c4f8f2e6c5459a1-MXP
expires: Mon, 19 Dec 2022 02:22:12 GMT

GET
H3 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 8998 5 KB
2 KB 26ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2261295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1730
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2F5Myb6ZaFs2uDlG5eYymJl8LVu%2FSgKh3XtznnY8tGRMbzNnsAeUjVBh86Nnelcj33ofwTjg2FEovX37OM7tR%2BuR91J7vDIyKG0XHFPgp%2Fdj%2F3bS82hmMi7JxKuQAI0MgR07f3ixfpfI8Vv4RSyp8BgN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c4f8f2e6c5559a1-MXP
expires: Mon, 19 Dec 2022 02:22:12 GMT

GET
H3 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 8998 26 KB
9 KB 23ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1673562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8578
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ66Ea%2BYjxo%2FUFUtzsyhF9GY7je1HMrHNSsoyJwdxv%2FRgnhpn5NrRnaSzRJO6mIYxVqB97lPxX3OPV32YyBASGBcxC%2Bplx90YkfV3HY4RhAiZ6MUjtNwSegwxxo7OhvnK75fjR1OJAy7YFYrYdziyv1j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c4f8f2e6c5659a1-MXP
expires: Mon, 19 Dec 2022 02:22:12 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/ Frame 8998 7 KB
1 KB 41ms
40ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664483/bvpath_258/script.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

88810ce65ee55d7a60e833aa3fce057ba28d3a609f3504d6f66f0f77290d9334

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:12 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 09:09:34 GMT
server: nginx
etag: W/"61b70dce-1c0e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/ Frame 3576 0
145 B 35ms
35ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/postback?dm=300x250&pd=avt&ti=7389997230921180404&sr=4&de=43003&ci=619621&dt=6196211556140246740000&ap=&si=984468692&ai=215543&ac=1040879&cr=9690031&c1=9955993&r1=185.232.23.0&di=https%3A%2F%2Fsimcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&r2=&r3=&sid=AP1sTLAHEeO-fY2J&oz_sc=a5b2d8a26b3b229def1fdb5a&oz_df=1640744532236&oz_l=5930&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Dec 2021 02:22:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/ Frame 3576 0
145 B 30ms
30ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/postback?dm=300x250&pd=avt&ti=7389997230921180404&sr=4&de=43003&ci=619621&dt=6196211556140246740000&ap=&si=984468692&ai=215543&ac=1040879&cr=9690031&c1=9955993&r1=185.232.23.0&di=https%3A%2F%2Fsimcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&r2=&r3=&sid=AP1sTLAHEeO-fY2J&oz_sc=a5b2d8a26b3b229def1fdb5a&oz_df=1640744532388&oz_l=385&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Dec 2021 02:22:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 39b784ef-c300-4e45-881c-8c8beb12533f
https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/ Frame 3576 773 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/39b784ef-c300-4e45-881c-8c8beb12533f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5aaeab37a6a8698e66682cf5576863ba82b78e6bdf486dd90ba40ed00358856

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 773

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/ Frame 3576 0
145 B 32ms
32ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/postback?dm=300x250&pd=avt&ti=7389997230921180404&sr=4&de=43003&ci=619621&dt=6196211556140246740000&ap=&si=984468692&ai=215543&ac=1040879&cr=9690031&c1=9955993&r1=185.232.23.0&di=https%3A%2F%2Fsimcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&r2=&r3=&sid=AP1sTLAHEeO-fY2J&oz_sc=a5b2d8a26b3b229def1fdb5a&oz_df=1640744532543&oz_l=2891&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Dec 2021 02:22:12 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5B8 42 B
64 B 40ms
40ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBNS8Pfm6SQbhxqelenK_lEZKBPZ4QLYOmTW2Bfn14T_Kys8cjhWuMsmgeau0w7efNC-q7X1AivPjWunvX3xoRfw&sig=Cg0ArKJSzM1_5xisofBaEAE&cid=CAASF-RoYDK9H0y0y_4jcoQqUIBRDlgeEs2u&id=lidar2&mcvt=1000&p=1038,850,1288,1150&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.65&if=1&app=0&itpl=20&adk=1152201870&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640744531367&rpt=220&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EEA7 42 B
64 B 40ms
40ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuITKCboA7WODd_RQgIQlLXaUgoS8sovp5irL7jfdtLbtEFY2bZTZ8hhQZ338qBssi82pGoJxvTvaVUr6SP1Ne5fg&sig=Cg0ArKJSzPP5GVVtEo40EAE&cid=CAASF-RoWifu8GlMkw-mCA5mBaq6oJfAXBG1&id=lidar2&mcvt=1001&p=80,436,170,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1635088977&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640744531363&rpt=206&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25FA 42 B
64 B 39ms
39ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9KnZXa-yQ9XQtfyYzs5XR_a6eg_P0GOGtGFwsKWDuHNr-4kc5t9or-OUNIfyWSHpKzPYH0njYqyyPVxHkjDfHfg&sig=Cg0ArKJSzPDqexS6uiM3EAE&cid=CAASF-Rox4HJ9FoDBcALQLyzPh2m1RDimt-p&id=lidar2&mcvt=1003&p=1110,436,1200,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=279805050&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640744531394&rpt=215&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/ Frame 3576 0
145 B 32ms
32ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/postback?dm=300x250&pd=avt&ti=7389997230921180404&sr=4&de=43003&ci=619621&dt=6196211556140246740000&ap=&si=984468692&ai=215543&ac=1040879&cr=9690031&c1=9955993&r1=185.232.23.0&di=https%3A%2F%2Fsimcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&r2=&r3=&sid=AP1sTLAHEeO-fY2J&oz_sc=a5b2d8a26b3b229def1fdb5a&oz_df=1640744532705&oz_l=1887&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Dec 2021 02:22:12 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3576 42 B
64 B 41ms
40ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssC_8h0VuH8ZoQ4Y_uNZDRKNS6OK3saiy9WtUkY8g7T2zgv2hcn5_aTfrfN6Wj4KPnLrgyngnNKhZuUXm6SPZrtWg&sig=Cg0ArKJSzF9F_lzAC4PJEAE&cid=CAASF-RoUgSrms3fAlxbO4R2q8JzdUpBJ9a0&id=lidar2&mcvt=1000&p=265,1250,515,1550&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=181822351&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640744531390&rpt=351&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/ Frame 3576 0
145 B 31ms
30ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AP1sTLAHEeO-fY2J/postback?dm=300x250&pd=avt&ti=7389997230921180404&sr=4&de=43003&ci=619621&dt=6196211556140246740000&ap=&si=984468692&ai=215543&ac=1040879&cr=9690031&c1=9955993&r1=185.232.23.0&di=https%3A%2F%2Fsimcast.com&ui=7f453f1e-3b86-cf36-0000-000000000000&pv=bd91b9de-9b7f-4deb-b3a2-d626e26b3550&pp=pub-1062972861553303&r2=&r3=&sid=AP1sTLAHEeO-fY2J&oz_sc=a5b2d8a26b3b229def1fdb5a&oz_df=1640744532858&oz_l=1050&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Dec 2021 02:22:12 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame 8EE0 0
150 B 36ms
12ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=68769800018932003891610011823002&a=677d99ca&vb=v
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=68769800018932003891610011823002&a=54038836
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=68769800018932003891610011823002&a=54038836
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 02:22:12 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8EE0 35 B
477 B 19ms
19ms Ping
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@51990278,416032849312252422,100|1196|0|0|0|0|0|0|0||47|1|||||1|0|0|oAhcJjjqBLvi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal90002.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 02:22:13 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal90002.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 79D3 3 KB
2 KB 62ms
38ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/92056281/simcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https://simcast.com/?d=capitalone.global%26pcid=802%26rid=152%26a=0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=1697128&cust_params=sessionKey=214391592-nwGaOfKgkJogNfcU%26schain=sendtonews.com,VRAfdwVZOg7jMyH8bxgoOA%26content=8539%26placementType=Premium%26embed=eKVKXbhX%26domain=simcast.com%26player_size=large%26player_width=761%26player_height=428%26player_type=float%26version=65.21.10%26player_status=LVFNLNIY%26play_code=2008%26view100=1%26excl_cat=stl_id00110%26rand=9%26devicetype=desktop%26iris_context=undefined

Requested by

Host: player.sendtonews.com
URL: https://player.sendtonews.com/player7/player/65.21.10/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bce8b506578c12690a3fc63424c8331c91bde0a0a29947ae5b27312ba21d7f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 879
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://simcast.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 79D3 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=simcast.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 02:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 1-56o64r73022o536onp6qp1qpsr869110.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ Frame 79D3 14 KB
14 KB 9ms
8ms Image
image/jpeg 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/1-56o64r73022o536onp6qp1qpsr869110.jpg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33ca5e7810d91b923571ae0a67e59cfd3013d6338a05619b8e64d32c5cdb3cb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:26:31 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 27 Dec 2021 08:23:04 GMT
server: AmazonS3
age: 64546
etag: "c527220299d6d6057e581e2191bc093b"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=86400
content-disposition: attachment
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 14007
x-amz-cf-id: 5LXPsOcLY8157Ax3C88PpfkNujsc6C-Iw19V022p-Y6sMK6KpgE7nQ==

GET
H2 200 stn_trk.gif
s2l.sendtonews.com/ Frame 79D3 26 B
186 B 98ms
98ms Image
image/gif 54.82.234.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=nwGaOfKgkJogNfcU&instance=214391592&version=65.21.10&age=211229&ldt=IMA&key=eKVKXbhX&seq=1&order=4&recoveryMethod=SSAI&imaVersion=3.493.0&blocked=false&recovered=false
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.234.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-234-18.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:16 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 02nqo11os038sp45s3o70s60440p22n2playlist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ Frame 79D3 291 B
832 B 25ms
8ms XHR
application/x-mpegurl 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/02nqo11os038sp45s3o70s60440p22n2playlist.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3740b07b04119d5048fb2774a4405ab2a0f91c34e3129702c043a8254b9a52a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:27:11 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age: 64505
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 291
last-modified: Mon, 27 Dec 2021 08:11:37 GMT
server: AmazonS3
etag: "51f2fb6b0da90043fdb8669a3dc8f8ab"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: R-As_M_kF62Bjbu4sbz6QrzJq-s-PmXYwnC0Tvih74fpoNiZ9K6Qcw==

GET
BLOB 200
OK f4f2851c-6d63-4f79-aadd-6c5dda3a5873
https://simcast.com/ Frame 79D3 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://simcast.com/f4f2851c-6d63-4f79-aadd-6c5dda3a5873
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK 718f109b-e6a5-4420-9124-7cde3b4aaa89
https://simcast.com/ Frame 79D3 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://simcast.com/718f109b-e6a5-4420-9124-7cde3b4aaa89
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK c098900f-ad1c-41f8-9e4c-e1b6790519c5
https://simcast.com/ Frame 79D3 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://simcast.com/c098900f-ad1c-41f8-9e4c-e1b6790519c5
Requested by: Host: simcast.com
URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E9B3 156 B
143 B 111ms
110ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214391592-nwGaOfKgkJogNfcU%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8539%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D65.21.10%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00110%26rand%3D9%26devicetype%3Ddesktop%26iris_context%3Dundefined&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=30000&vrid=1224190&hl=en&cmsid=2460952&vconp=2&video_doc_id=1697128&vpa=auto&vpmute=true&kfa=0&tfcd=0&sdkv=h.3.493.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1198108931&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=86E322F6-4DAF-4C03-AFDA-93DF7E441AC8&nel=1&eid=44750604%2C44752711&dlt=1640744530402&idt=1094&dt=1640744536405&cookie=ID%3Db2f471f2820452ad%3AT%3D1640744530%3AS%3DALNI_MbAVV8zZTbzAZ6IAw1adptp8R0gYQ&correlator=2740590655265114&scor=3821128960648250&ged=ve4_td6_tt5_pd6_la6000_er290.20.718.781_vi0.0.1200.1600_vp100_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 02nqo11os038sp45s3o70s60440p22n2.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 79D3 213 B
754 B 8ms
8ms XHR
application/x-mpegurl 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/02nqo11os038sp45s3o70s60440p22n2.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 464dfa416819cda87af937ef9bae3056e74e484b72f0db5f9c156512fc6222bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:27:12 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age: 64505
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 213
last-modified: Mon, 27 Dec 2021 08:11:38 GMT
server: AmazonS3
etag: "54b23a0a48e8f8f0e5ad39c9a13c0184"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: YjrwlchOqhfaoyIPOxHzjDu15whn0aJJBz7eJSDfAb3yPkXnX67usw==

GET
H2 200 02nqo11os038sp45s3o70s60440p22n2-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ Frame 79D3 77 KB
78 KB 11ms
11ms XHR
video/mp2t 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/02nqo11os038sp45s3o70s60440p22n2-00001.ts
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2d3c80162fcf39cb3cb592e687f612b29769116b0e7f5c6a3e3353505a1ebe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://simcast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 08:27:12 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age: 64505
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 78960
last-modified: Mon, 27 Dec 2021 08:11:38 GMT
server: AmazonS3
etag: "1eab19a343c6d0fbc9f8cad7e300ac9d"
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Edi7HD3TQpsJcoprm8ulep3Yy8j6Wv5gpbSkgEX9oTRvFcg1o6EoMQ==

GET ads
pubads.g.doubleclick.net/gampad/ Frame E9B3 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: parking2.parklogic.com
URL: https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=capitalone.global

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: player.sendtonews.com
URL: https://player.sendtonews.com/bidderFiles/0.js

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214391592-nwGaOfKgkJogNfcU%26schain%3Dsendtonews.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D8539%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D65.21.10%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00110%26rand%3D9%26devicetype%3Ddesktop%26iris_context%3Dundefined&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dcapitalone.global%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1224190&hl=en&cmsid=2460952&vconp=2&video_doc_id=1697128&vpa=auto&vpmute=true&kfa=0&tfcd=0&sdkv=h.3.493.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1198108931&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=86E322F6-4DAF-4C03-AFDA-93DF7E441AC8&nel=1&eid=44750604%2C44752711&dlt=1640744530402&idt=1094&dt=1640744536524&cookie=ID%3Db2f471f2820452ad%3AT%3D1640744530%3AS%3DALNI_MbAVV8zZTbzAZ6IAw1adptp8R0gYQ&correlator=2740590655265114&scor=3821128960648250&ged=ve4_td7_tt6_pd7_la7000_er290.20.718.781_vi0.0.1200.1600_vp100_ts1_eb24299

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
simcast.com/	1970-01-19 23:45:45	Name: PHPSESSID Value: bbu51scjn13p803tuoh08d08fr
simcast.com/	1970-01-20 00:28:56	Name: uidinfer Value: 40087650
simcast.com/	1970-01-20 08:31:20	Name: _uc_referrer Value: http://www.capitalone.global/
embed.sendtonews.com/	1970-01-19 23:45:44	Name: AWSELBCORS Value: AB7769910C09524E3F673477D3796BB23C89D09F9B32C0211B388E8F01C728C90F8FFD6D39526649A7A34046C53C69BF23A13465C21D74FB538059D02697B129752C89191F
simcast.com/	1969-12-31 23:59:59	Name: mess Value: 1
simcast.com/	1970-01-20 00:28:56	Name: _pbjs_userid_consent_data Value: 3524755945110770
.simcast.com/	1970-01-20 17:16:56	Name: _ga Value: GA1.2.569723748.1640744530
.simcast.com/	1970-01-19 23:47:10	Name: _gid Value: GA1.2.42181990.1640744531
.simcast.com/	1970-01-19 23:45:44	Name: _gat_gtag_UA_205158314_1 Value: 1
.adnxs.com/	1970-01-20 01:55:20	Name: icu Value: ChgI3uM8EAoYASABKAEw0oyvjgY4AUABSAEQ0oyvjgYYAA..
.adnxs.com/	1970-01-20 01:55:20	Name: uuid2 Value: 8049116667509190
.adsrvr.org/	1970-01-20 08:31:20	Name: TDID Value: 72123097-cbff-4f75-b7bd-8216bbe71638
prebid.a-mo.net/	1970-01-20 08:31:20	Name: __amc Value: 1_1640744530_1640744530
simcast.com/	1970-01-19 23:45:48	Name: _lr_retry_request Value: true
simcast.com/	1970-01-20 00:28:56	Name: _lr_env_src_ats Value: false
.simcast.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1640830931077
simcast.com/	1970-01-20 09:07:20	Name: cto_bundle Value: VgMy5V9lZjNzQkh5RFF6R2Q3dVBOTCUyRlhuajRDakJteVZSbDlBSHFIbWxxeGgxRGtXVEhvWTZvZnlLRzclMkYlMkJ4SG0lMkJMME9xVTdOUklYdWxKdU8zeTFCMmpZNndXUXNxJTJGN1cyS2t4ZURoVTFkV2hicDZwY2d5Z25SWUxuU1Zyc28lMkZpeGxJVA
simcast.com/	1970-01-20 09:07:20	Name: cto_bidid Value: HHTGG19WY2xCTCUyRlY3eEhNVlltdTNuTzVIMzZCc1hvU29iQlRDNlhyVjRRZGhxa0d1WkNJS1lEaDNBcEtJZ240S3g4T01IaVJoTUwzNE1HUkM2ajZBWUZpQ1J3JTNEJTNE
.doubleclick.net/	1970-01-20 09:07:20	Name: IDE Value: AHWqTUlO3pA-kHo7CxI9w9vCY1Iv1oyW1A6vvfP2xrMCQdAUxIBliuE5nEANbzT73ko
.simcast.com/	1970-01-20 09:07:20	Name: __gads Value: ID=b2f471f2820452ad:T=1640744530:S=ALNI_MbAVV8zZTbzAZ6IAw1adptp8R0gYQ
.liadm.com/	1970-01-20 17:16:56	Name: lidid Value: a2a2b798-ce22-4c8d-997a-4dec77712125
simcast.com/	1970-01-19 23:47:10	Name: pbjs_li_nonid Value: %7B%7D
.mathtag.com/	1970-01-20 08:31:20	Name: uuid Value: 936b61cb-c653-4101-9b4c-c5fa54d78fce
.travelaudience.com/	1970-01-20 09:15:58	Name: _tracker Value: %7B%22UUID%22%3A%2224F5696F-DA61-4D5B-89EC-8B40996B1D4B%22%7D
.quantserve.com/	1970-01-20 01:55:20	Name: d Value: EDQBCQGJJYEA
.quantserve.com/	1970-01-20 09:15:58	Name: mc Value: 61cbc653-99d00-cabf8-6fb77
.mathtag.com/	1970-01-20 00:28:56	Name: mt_mop Value: 4:1640744531
.1rx.io/	1970-01-20 08:31:20	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2ae1bebe-d168-46a2-b5bb-57517a112f6c-003%22%7D
.turn.com/	1970-01-20 04:04:56	Name: uid Value: 3265453467720491383
.adform.net/	1970-01-20 00:30:22	Name: C Value: 1
.adform.net/	1970-01-20 01:12:08	Name: uid Value: 6294773157218442030
.simpli.fi/	1970-01-20 08:32:46	Name: suid Value: FD4D4F98865842498D62885EFFB93E6C
.casalemedia.com/	1970-01-20 08:31:20	Name: CMID Value: YcvGU5pb8Gd69qVrasnfaAAA
.casalemedia.com/	1970-01-20 01:55:20	Name: CMPS Value: 5204
.targeting.unrulymedia.com/	1970-01-20 08:31:20	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2ae1bebe-d168-46a2-b5bb-57517a112f6c-003%22%7D
.yahoo.com/	1970-01-20 08:31:42	Name: A3 Value: d=AQABBFPGy2ECEG-a-10k8zBs0-U7FtAGpXkFEgEBAQEXzWHVYQAAAAAA_SMAAA&S=AQAAAhflhwZUstKHn4L7hn1I-8A
.de17a.com/	1970-01-20 08:24:08	Name: guid2 Value: 1.5886390613554170047
.casalemedia.com/	1970-01-20 01:55:20	Name: CMPRO Value: 1150
.casalemedia.com/	1970-01-19 23:47:10	Name: CMST Value: YcvGU2HLxlMA
.bidswitch.net/	1970-01-20 08:31:20	Name: tuuid Value: c6c02acf-022a-41d5-ac3b-a42af0219b02
.bidswitch.net/	1970-01-20 08:31:20	Name: c Value: 1640744531
.bidswitch.net/	1970-01-20 08:31:20	Name: tuuid_lu Value: 1640744531
.3lift.com/	1970-01-20 01:55:20	Name: tluid Value: 6021693487782236757
.w55c.net/	1970-01-20 09:15:58	Name: wfivefivec Value: Mughg2al1N2oBt5
.w55c.net/	1970-01-20 00:28:56	Name: matchgoogle Value: 5
.sportradarserving.com/	1970-01-20 08:31:20	Name: zuuid Value: e03a240e-6cf2-4883-8f13-f23b87eaffda
.sportradarserving.com/	1970-01-20 08:31:20	Name: c Value: 1640744531
.sportradarserving.com/	1970-01-20 08:31:20	Name: zuuid_lu Value: 1640744531
.sportradarserving.com/	1970-01-20 08:31:20	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 08:31:20	Name: zuuid_k_lu Value: 1640744531
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 388274:2629118
.awin1.com/	1970-01-19 23:48:37	Name: awpv19228 Value: 412871\|1640744531\|2176bbd0-684e-11ec-aa5f-2261f8d01a34
.lead-alliance.net/	1970-01-19 23:55:49	Name: ppv1225 Value: 2021122903221261038960049X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush
www.lead-alliance.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0u9a788kfqbi3kup3h1m54sfms
.lead-alliance.net/	1970-01-19 23:55:49	Name: ppv1226 Value: 2021122903221261038960043X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush
.blau.de/	1970-01-19 23:55:49	Name: nscQ486 Value: V
.blau.de/	1970-01-19 23:55:49	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0MDc0NDUzMnZsZWExZGUyMDIxMTIyOTAzMjIxMjYxMDM4OTYwMDQ5WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZDlNMVNNZktNdHhFcFNLSEJIMnQ3dHJycXN3VG1UeFZjZG9uZWlkX19hc3VpZHRCbk16c3VfMWVJV3VYX0hqU0VLTWxpZFVTUFppNHZWYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDExMzc1Mg
.o2online.de/	1970-01-19 23:55:49	Name: nscQ485 Value: V
.o2online.de/	1970-01-19 23:55:49	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0MDc0NDUzMnZsZWExZGUyMDIxMTIyOTAzMjIxMjYxMDM4OTYwMDQzWDEyMDIxMVYxMjI2MTMyNzAyTVNvbmVpZFlYMUhyZjE1c3BCcEhWSDlIZXRRdFJSOGNBVDFUNm1Icm9uZWlkX19hc3VpZGt2Umx3N3dKU0NZVlRybzZXcVpLYXlWMTR0Rk5CNy1lYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDEyMDIxMQ
.blau.de/	1970-01-19 23:55:49	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122903221261038960049X113752V1225131106MSoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__asuidtBnMzsu_1eIWuX_HjSEKMlidUSPZi4vVasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752
.o2online.de/	1970-01-19 23:55:49	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122903221261038960043X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuidkvRlw7wJSCYVTro6WqZKayV14tFNB7-easuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&ratenzahlung=24
.lijit.com/	1970-01-20 08:31:20	Name: ljt_reader Value: 6c56c6034c4bff536723637d

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=capitalone.global Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://simcast.com/?d=capitalone.global&pcid=802&rid=152&a=0 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
worker	error	URL: blob:https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/e940f76e-e3e1-451b-b623-a655365b6875 Message: Mixed Content: The page at 'blob:https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/e940f76e-e3e1-451b-b623-a655365b6875' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/e940f76e-e3e1-451b-b623-a655365b6875 Message: Mixed Content: The page at 'blob:https://b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com/e940f76e-e3e1-451b-b623-a655365b6875' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEIkCSJ3xRAr2_QzzYFDVnsY&google_cver=1&google_push=AYg5qPKvWl93fzn7iIBSCuuvrV3LjBR98N-GGMvVC0SwuvRPeYdLtAUWw61P-7pvzrRuvA-CaGkjFEtP_znr3fmgFZusb8k7gdI Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvGU5pb8Gd69qVrasnfaAAABH4AAAAB&google_push=AYg5qPIRwtj-uMtBDw8CG0PkOlHVoi2Wr63_pYHjetaC7QgUlYKxMYJb-n7rupPA_cY6t8wfRI45iDFMbT2DGifvh3lRm_yOxsM&google_cver=1&google_gid=CAESEAIxHHXBiN-TKroGwQJN5ZE Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL44h4PvXRIG9oMSQmn7YtmgpGZa-aW1c67sVeoO45N5GHmf48mbK1JzgurqUDPErhMaM5beQUEaw1oSJZ9RV6ari-JidWs Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ad.turn.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
as.ad4m.at
assets.ad4m.at
b60395961fdd453504ddbbfa3289520b.safeframe.googlesyndication.com
btlr.sharethrough.com
c1.adform.net
c2shb.ssp.yahoo.com
cat.hbwrapper.com
cdn.adapex.io
cdn.contentspread.net
cdn.resonate.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d29xw9s9x32j3w.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
eb2.3lift.com
embed.sendtonews.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90002.redintelligence.net
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id.sv.rkdms.com
id5-sync.com
idx.liadm.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
in-appadvertising.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel.mathtag.com
pixel.rubiconproject.com
player.sendtonews.com
pm.w55c.net
portal.blau.de
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
r.turn.com
s.update.mediamathtag.com
s0.2mdn.net
s1.adform.net
s2l.sendtonews.com
securepubads.g.doubleclick.net
simcast.com
ssbsync.smartadserver.com
static-de.ad4mat.net
sync.1rx.io
sync.adaptv.advertising.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tags.mathtag.com
timber.sendtonews.com
tpc.googlesyndication.com
track.adform.net
um.simpli.fi
web.hb.ad.cpe.dotomi.com
www.awin1.com
www.capitalone.global
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
api.rlcdn.com
cm.g.doubleclick.net
parking2.parklogic.com
player.sendtonews.com
pubads.g.doubleclick.net
104.111.239.217
104.18.12.242
138.201.63.117
142.250.185.66
143.204.98.43
143.204.98.50
147.75.38.124
169.50.137.184
169.63.109.126
172.217.18.98
178.250.0.157
18.185.209.98
18.195.1.147
18.198.161.230
18.203.96.5
18.215.24.252
184.31.84.150
185.29.132.245
185.29.132.246
192.241.157.60
199.187.193.177
2.18.233.201
2.18.234.21
2001:4de0:ac18::1:a:3a
2001:678:cb4:bbbb::11
213.155.156.164
213.19.147.44
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:3030::6815:631
2606:4700:3039::6815:c080
2606:4700::6810:125e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a02:2638:1::13
2a02:26f0:6c00::210:ba20
2a02:fa8:8806:12::1460
2a02:fa8:8806:13::1370
2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8
3.125.196.46
3.33.220.150
3.95.140.237
34.107.148.139
34.120.133.55
34.247.120.79
35.157.246.167
35.190.0.66
37.157.2.235
37.157.6.235
37.157.6.246
37.252.161.190
37.252.172.45
45.79.244.12
46.4.10.47
46.4.62.19
50.16.243.51
51.89.7.205
51.89.9.251
52.19.22.209
52.2.183.88
54.204.0.108
54.82.234.18
63.251.14.14
69.173.144.139
72.52.178.23
76.223.111.18
78.46.85.162
82.113.101.132
82.113.101.236
84.200.5.215
88.99.65.215
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013
02fe6e1e5f7de89832bfd4129a6a795d63ffed5880d7c06c89a5fdcea27eff95
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
05ae3f380aa84525366b83840c571e6220159409c2bbb5e977bd13089b2cf758
06731437b93851a20c28a961aa9c1d2f5af314103be71640f74d89fac90d8e6c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0ec469f71480e26bd1945b897beefc5170de24c4d0b2f392f4d947533ac61f54
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
133445f2edd0fd81ac2f6186ae3f805952018b87cda47a9696f87c7d6090e1be
149c88938701c4183cb848bfb56531d65452605032db9964b84371da75528969
1623f1d081160d976dd6588373dd6e73e24af9a6ff056a653ebd0fba2f355bcd
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1bda28610742ab75071b05da88f5c6f2366f25085ff90c4d771b3e7814973198
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f28c9b7d46128ffee61885ff56fc15869e7743ec90459beab6fed5fd0d35207
1f603879e7c6d9f3648cc4b33ba22c59bb564dc81dbff743b46811012755c3da
1fcbb8438c7471975167853e31c3247d6c1b951ec1ec34b89e16184a0dd76577
20b1263f087f4349521e2bd6f985ad5819c62112e29c33d1d84fa5e802150ee8
230665fcd98b4466f8850c2068dc9bf686e74cc63f3d6fd4b64086b434e58817
27d15ad3fa7be3b11103c21763d6c3d143bf08358c41a6efa79a42c782a97fe2
2a3452ffa6a08762bf982091ac7fbf5614b8fb333faff970026df3c12093535e
2b6dd52dabcd9296705a43db06595eb7c88d4bbf21c53fab2b7e763df5276f07
2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0599afb990b9ad5856ea86689574aa88dd3c5aa00c9217a84b2756577504d3
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f07fd1a4107fd7ddee91157b66e63c2d46679add1494ae8a0f691d23df2a8a1
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
30f33d16d1347dc406113a006a99b2fbcd9117530cb90244f25ca1a61128a845
32fbe07e2e94ddbcd04df7c37f1d86714657545c9e112519f21b003c8ce8955e
339b062715f0fa93bd4509bbd3c7ee6ebb3ce63ef1140c0dbf3aa8935b7aaf7c
33ca5e7810d91b923571ae0a67e59cfd3013d6338a05619b8e64d32c5cdb3cb2
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c505f848eea72383c5f604fbcef1ead2073097f5e13adbf286531c6b76d3b43
3fbbcad6c5f08832938d9a9ecf68a7583584226aa80cd6839717a11cdc18923b
403bfcefd23cdd6c98afe957a4d3edca96fff54c9a3116b3c234d0a278153405
411c5cad0d24027c726e52a3903531a2c8348c845e6552932c7698e997a81405
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464dfa416819cda87af937ef9bae3056e74e484b72f0db5f9c156512fc6222bf
46fc99f79ddbf8ae97a2d6d4c95d0d9992abfb8caa993efbfddab0cee7a65f08
4879c5ca67a36e3c2c633557a3a3886ab14b5b6490fa9936acf0fd0abe892778
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
49a86c59b86563d06a25ecdf34ff617c6b8dff04a81798418d9dc02c77c51314
4bba0046c96a9a31a7b96e5a3e9f65d06c3ea6fd655c37dc1a7e559a9a7496dc
4c57a73b3bf4f85b6b0dff637df720bcb0d4d9146eb88485254cce6b33b1587a
4ebb77cacd95fc3d1bf650d0ce9496c7db4b6b78c2756f83b308717cb8928d34
52a832fce3f788a345621975a5a67474047c4f7afec1c33e9ceef81d7e0bdbc1
53cec24da6bd72d8ebf9012e3cd6a4a3935366fbf1ef89be09aff586ded5f543
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565caf30b379abe6d892f5e5d008d59904ffebd106ec3db17a8d0bba8f3da78a
56fe6ea34d18797d462b51ffbc517d842f478caddbabcf92518886e3738d4e64
5857138def6703a65c3b907b9d85c15c3ed7d2a4025fbd006a32e0e010e09863
5b9e14d715735265ef2a440f07ea9bb0e0738028232e1579de99b13cbce91cc1
5da3370ea81bf9fec16d0edc044663f919e8662c07c1d9e1e346c139f3e3aa0d
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c4239c736285f3a317c3ca76210a583b3d477bfc98ac2e4f9590dbc55e245e
643d3ac680e0cad33b2e08bda0c4391da8fbf27ce34cfdec252caf9ed9893278
65cd067f41e38e4300c22d89c320beeeaf18cb1fc11f17a8dff395fec11dd8ea
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
69612ec981d4837739844a088f4930f6ece4a3354cf823ad974d6b7dd6729573
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71351b729bfc7c206bd80a001801bca3317ed54a28830dce9903cca1cc1e4490
71c23fd25162cad33870e7684ed352fbaa16079f64203fe3cd72b485622e0018
741f4c6ed536e6c241d846518594f1b2b39444949494d791f6f883c540491135
7445dd21e8b35707dc9ab3743ae40717522c7fa6c6b0c4c175e4408a30874843
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77b3b2c53216ee57263fe847e0bd6f28ae2577a25c2ae00ab470dc164c769096
795a291fbf9739488e3d1e0647165e75570c93732db339ad2d42e8baa9a10a3d
7adc0e82d10de0c5af74d068b95973ff1528ff242d6e35390d3d5ef718291471
7af72cef01de1923107fe4821b99442c3ddb17940c731a3c83be2b263db69833
7b3af446f914b11016ea91a816561361ff91860da8153754d1c29f78f9446e49
7d18a18eb8f2b492c1494557caff4047e403c7312782e664b6517479e5bb2e47
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
81b940f0df74ace0700459e9b8e84a4c01152503c2ec56ff756e01ebd657b216
81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
852a0ca0ba1aa90aa9876a0fd6063f5ca6917867cebc73ba552f96751850f8c0
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
88810ce65ee55d7a60e833aa3fce057ba28d3a609f3504d6f66f0f77290d9334
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c152fdda98c98071b42d2c8901c4e9519bce31383fbd6b804228595de4f3d27
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cf37740ea7a6511968fcae2844fef8245b2c7975841059a7c1a32c7b3f8f0d5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
93940d0c47c970f5e8d3a6151c12d97e0a1f4ef62067a597adcfd7d420cb88a9
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
95aa0d5df637205fd80328aca4425fbd70d213dd4890332705cf5fa831c06031
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
96bcbe3684c1089d731e6e8b4e7a9af69f361e8299c381a1b22268e85131c0cd
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2398e2ba9f980c701cd662148c8e3c6d5a4a8b7e6ce991ed0351c4d865caa7
9bca01ed7e9dc635393934fb1fb6cce56e2d0aa194aaa601db58c29385c419d2
9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd
9fde44648a2da545faa9b4a19cf7495e9bf69cbc93008a80853392388cdcba12
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2d3c80162fcf39cb3cb592e687f612b29769116b0e7f5c6a3e3353505a1ebe0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f76bdf43d56995b0a28cf2ec66b41bd61d0e92c46e72e6795603e4c3ff86d4
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e55552dd1b8c30e6a33515512cda29a22a628d75d6445e6647f6a9124aac2e
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
aa7958c4adc7eaad62f356df0bfbd4f59fbf1d9a9fb21c4f7a44fb483641fec6
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
abaab2cba237aa106298f6fbba0f540da1e0f943171b14d50e74776696168ec0
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b146539f8541a3490c032afc05fd4402ba3a910067d87133f1c10e95c30bec6c
b1a6b67f0b077700e47f151bc6bfc6a46629a426a265b4b013f2d769c873d6c1
b80b6b2d992693fa00ef2ade320d14a78bbfee49f092e3c212e64a49ed3269f1
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
ba1d4c816a3afc381c8b2883571e8cbdc8c982ccba7e977072722c881b69b40d
babe18c9b93dc8e60e8912029d44039a3a362d924ea3dae6ad188cb899c63233
bb32e045c4f5428fdda4cd127e93ea8b15db182696daf4b45d07e42471a31ef5
bce8b506578c12690a3fc63424c8331c91bde0a0a29947ae5b27312ba21d7f45
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bfa12779f481d024004ac40f96aa837e671f2b6362ca6b3b84f6edf061825e98
c02c7881d98d1e23d8e054c77e528980397b86186652a0f2491ea354f20726af
c0ffd3333176c58baeea4ecefc1b2621f2ac518b5464c3574718f118a4a8fb29
c2c8db35582e4a7c3691904aa8c693c0be22e9f3fb0d29d151d9b53583b46c12
c3d0837637a8bfc56ac3d88234a9c3c24c4187d7930766d23005d35c6c380687
c6869fdc4b5b6a3bc7b1d33ce27cf8ba45199a3a2a390b41df5c47495733b979
c83d51b9e1de9fb753dcbca9ed03c76cc8541a321c696201809ab741d3c2b3d7
c87d9899a2b238343a8668b906efe925856db9e8696cd54756e1e4ce27b45ac5
ca1e3bc44a3d6d0a2612d88ff8b2f2638101ab8277577ba3649252ae13bf02ca
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cd6c8f0810a8f8fa531ecfa92db6ef5fa77f39e0cf1c91bc461bde32d48ae8ca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db83a88ebf56f0a6c00280a0b4a99a6e387d363336872d49f61a2702792fafc3
dc33992fb42ff89836b096554aab4fd99d9ff1e346bd611287170b03055b75c2
dd08a87c0d61e7eecc5c1896111ffaa3c716558173bc4ab0b4176d88565f58d6
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3740b07b04119d5048fb2774a4405ab2a0f91c34e3129702c043a8254b9a52a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5595db09650405bd6fe4cd28e4433abbbd694d6faa84292c353930bdad1a4d2
e5aaeab37a6a8698e66682cf5576863ba82b78e6bdf486dd90ba40ed00358856
e6bcb09b72fe4af0a7025a07592c4d798c853a0bc53443bbfaeeb58dbaee58bf
e8ba6c25e1483b376da5f911cb5a9cda1cf892b3e3b6a6d193e564636343bf47
e8d6c69e6e51b442c4f22bfbb2afa7e45f8df3960418c3dd5f5b39fbbf711df2
e991daa241c74f0cb0663e6e9f6ac012097ba8fc630a3814444ba0f412ca74e6
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449
ec7ec1dbb2f155c539eb06d1b71d56daf6e8c5c96f6837a59820b3a4ba8c773a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
f65b07e212770adff375332cdc24c50978f60efc0c6f1a76c80e3a6a1edb2eb8
f66c72eba2fc065baa8d7efee6e00af0dbc191d553f4bfa46369a0ee6be00020
f71fab405c322b63d09532c007eb7bb5f95b40dbfd7ee16d8968e0365e57ad23
f75286524d4339d345be0ab0d24554611d40b54a7e705c9c9844ebf707f4292c
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
fc913f8d510a79cf5704e72dffed45129f8271397f5a36e9e3e2a357b25da2db
fd831b23a498a8bc13c8cf45345143fe6da0220205b4878a41da301c197aae79
ff8c03a20b1f604b3b58f0fb1607bdd160d14ae08ed33f93537f1a7b3947b6eb
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

simcast.com Open in urlscan Pro 45.79.244.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

329 Requests

88 %HTTPS

31 %IPv6

67 Domains

93 Subdomains

69 IPs

11 Countries

2858 kBTransfer

7298 kBSize

62 Cookies

0 Outgoing links

Page URL History

Redirected requests

329 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

simcast.com Open in urlscan Pro
45.79.244.12 Public Scan

Screenshot
Live screenshot

Full Image

329
Requests

88 %
HTTPS

31 %
IPv6

67
Domains

93
Subdomains

69
IPs

11
Countries

2858 kB
Transfer

7298 kB
Size

62
Cookies

329 HTTP transactions
7 data transactions