urlscan.io logo urlscan.io
SecurityTrails logo

bg.myservername.com Open in urlscan Pro
2606:4700:3031::ac43:dfa4  Public Scan

Go To Rescan Add Verdict Report
URL: https://bg.myservername.com/python-variables
Submission: On November 22 via manual from BG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 9 countries across 64 domains to perform 403 HTTP transactions. The main IP is 2606:4700:3031::ac43:dfa4, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.myservername.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.
This is the only time bg.myservername.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2606:4700:303... 13335 (CLOUDFLAR...)
1 185.177.92.30 39572 (ADVANCEDH...)
2 2600:9000:225... 16509 (AMAZON-02)
1 151.139.128.10 20446 (STACKPATH...)
9 2a00:1450:400... 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 52.222.214.2 16509 (AMAZON-02)
2 6 185.184.8.90 204995 (RTB-HOUSE...)
19 104.22.69.131 13335 (CLOUDFLAR...)
8 18 37.252.171.52 29990 (ASN-APPNEX)
11 51.75.86.98 16276 (OVH)
27 2606:4700:10:... 13335 (CLOUDFLAR...)
4 37.157.4.23 198622 (ADFORM)
4 147.75.85.234 54825 (PACKET)
4 54.36.238.155 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
2 94.23.186.68 16276 (OVH)
19 178.32.207.132 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
3 64.233.167.155 15169 (GOOGLE)
6 142.250.186.130 15169 (GOOGLE)
6 9 142.250.185.66 15169 (GOOGLE)
3 9 185.80.39.216 27381 (CASALE-MEDIA)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.16.130 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 ()
2 178.250.2.146 ()
2 35.71.131.137 ()
4 151.101.65.108 ()
1 37.157.4.28 ()
5 69.173.144.165 ()
4 216.52.2.39 ()
4 162.19.138.117 ()
8 8 188.42.196.115 ()
9 9 18.156.0.31 ()
4 2600:9000:223... ()
4 4 23.35.228.23 ()
8 3.127.228.236 ()
4 172.64.154.237 ()
4 4 96.16.141.156 ()
8 23.203.77.3 ()
4 23.35.236.201 ()
4 213.19.147.45 ()
1 185.64.189.115 ()
2 2 23.55.110.197 ()
2 2a05:d018:d29... ()
1 1 37.252.171.84 ()
1 1 141.226.228.48 ()
1 72.251.245.181 ()
403 64
21    2606:4700:3031::ac43:dfa4 (United States)

ASN13335 (CLOUDFLARENET, US)
bg.myservername.com
myservername.com
1    185.177.92.30 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-30.ah-server.com
dr6.biz
2    2600:9000:225e:a400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
9    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
5    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    52.222.214.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-2.fra56.r.cloudfront.net
optad360.mgr.consensu.org
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
19    104.22.69.131 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
18    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
11    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
27    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
4    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
4    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    54.36.238.155 (France)

ASN16276 (OVH, FR)
PTR: ip155.ip-54-36-238.eu
rtb.adxpremium.services
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
19    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
19    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    94.23.186.68 (France)

ASN16276 (OVH, FR)
PTR: vh11.eris-e.of.pl
video.onnetwork.tv
19    178.32.207.132 (France)

ASN16276 (OVH, FR)
PTR: vh11b.eris-w25.of.pl
cdn.onnetwork.tv
cdnt.onnetwork.tv
6    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
16    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2607:f8b0:400d:c09::78 (Morganton, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    64.233.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net
bid.g.doubleclick.net
6    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
9    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
9    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:400e:15::7 (Ireland)

ASN15169 (GOOGLE, US)
r2---sn-5hne6nzy.c.2mdn.net
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
ade.googlesyndication.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    2a02:2638:1::13 (None, )

ASN- ()
gum.criteo.com
2    178.250.2.146 (None, )

ASN- ()
mug.criteo.com
2    35.71.131.137 (None, )

ASN- ()
match.adsrvr.org
4    151.101.65.108 (None, )

ASN- ()
acdn.adnxs.com
1    37.157.4.28 (None, )

ASN- ()
cm.adform.net
5    69.173.144.165 (None, )

ASN- ()
pixel.rubiconproject.com
token.rubiconproject.com
4    216.52.2.39 (None, )

ASN- ()
ap.lijit.com
4    162.19.138.117 (None, )

ASN- ()
id5-sync.com
8    188.42.196.115 (None, )

ASN- ()
ads.betweendigital.com
9    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
4    2600:9000:223f:bc00:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
4    23.35.228.23 (None, )

ASN- ()
hbx.media.net
8    3.127.228.236 (None, )

ASN- ()
match.sharethrough.com
4    172.64.154.237 (None, )

ASN- ()
ssum-sec.casalemedia.com
4    96.16.141.156 (None, )

ASN- ()
secure-assets.rubiconproject.com
8    23.203.77.3 (None, )

ASN- ()
eus.rubiconproject.com
4    23.35.236.201 (None, )

ASN- ()
ads.pubmatic.com
4    213.19.147.45 (None, )

ASN- ()
usermatch.targeting.unrulymedia.com
1    185.64.189.115 (None, )

ASN- ()
image6.pubmatic.com
2    23.55.110.197 (None, )

ASN- ()
ads.stickyadstv.com
2    2a05:d018:d29:3605:2eda:8ed6:2a73:2027 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    37.252.171.84 (None, )

ASN- ()
secure.adnxs.com
1    141.226.228.48 (None, )

ASN- ()
sync.taboola.com
1    72.251.245.181 (None, )

ASN- ()
cm.adgrx.com
Apex Domain
Subdomains		 Transfer
41 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
ade.googlesyndication.com — Cisco Umbrella Rank: 275
226 KB
39 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
static.doubleclick.net — Cisco Umbrella Rank: 309
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
bid.g.doubleclick.net — Cisco Umbrella Rank: 672
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
pubads.g.doubleclick.net — Cisco Umbrella Rank: 430
329 KB
27 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11251
sync.quantumdex.io
6 KB
23 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com
secure.adnxs.com
85 KB
21 onnetwork.tv
video.onnetwork.tv — Cisco Umbrella Rank: 42793
cdn.onnetwork.tv — Cisco Umbrella Rank: 41135
cdnt.onnetwork.tv — Cisco Umbrella Rank: 52228
156 KB
21 myservername.com
bg.myservername.com
myservername.com
653 KB
19 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
gcdn.2mdn.net — Cisco Umbrella Rank: 906
r2---sn-5hne6nzy.c.2mdn.net — Cisco Umbrella Rank: 343188
3 MB
19 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5877
csync.smilewanted.com
static.smilewanted.com
57 KB
17 rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
46 KB
13 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
ssum-sec.casalemedia.com
11 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
89 KB
11 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
2 KB
11 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
1 KB
11 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 261
imasdk.googleapis.com — Cisco Umbrella Rank: 413
fonts.googleapis.com — Cisco Umbrella Rank: 43
763 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 94
800 KB
8 sharethrough.com
match.sharethrough.com
137 B
8 betweendigital.com
ads.betweendigital.com
5 KB
6 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6054
creativecdn.com
1 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3294
r.skimresources.com — Cisco Umbrella Rank: 3163
t.skimresources.com — Cisco Umbrella Rank: 3318
p.skimresources.com — Cisco Umbrella Rank: 4264
22 KB
5 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
26 KB
5 adform.net
adx.adform.net — Cisco Umbrella Rank: 3954
cm.adform.net
c1.adform.net Failed
2 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
16 KB
4 unrulymedia.com
usermatch.targeting.unrulymedia.com
4 media.net
hbx.media.net
2 KB
4 smaato.net
s.ad.smaato.net
962 B
4 id5-sync.com
id5-sync.com
4 KB
4 lijit.com
ap.lijit.com
1 KB
4 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com Failed
1 KB
4 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 8716
6 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
694 B
4 consensu.org
optad360.mgr.consensu.org — Cisco Umbrella Rank: 51219
12 KB
2 stickyadstv.com
ads.stickyadstv.com
1 KB
2 adsrvr.org
match.adsrvr.org
657 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
95 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8709
914 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
94 KB
2 optad360.io
get.optad360.io — Cisco Umbrella Rank: 33144
556 KB
1 adgrx.com
cm.adgrx.com
283 B
1 taboola.com
sync.taboola.com
178 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 115
21 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
3 KB
1 dr6.biz
dr6.biz — Cisco Umbrella Rank: 366611
15 KB
0 360yield.com Failed
ice.360yield.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 onaudience.com Failed
pixel.onaudience.com Failed
0 de17a.com Failed
d5p.de17a.com Failed
0 smartadserver.com Failed
sync.smartadserver.com Failed
0 connectad.io Failed
cdn.connectad.io Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 digitaleast.mobi Failed
euexchangesync.digitaleast.mobi Failed
0 dotomi.com Failed
casale-match.dotomi.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 turn.com Failed
ad.turn.com Failed
0 dyntrk.com Failed
gu.dyntrk.com Failed
0 adroll.com Failed
d.adroll.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 company-target.com Failed
s.company-target.com Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 disqus.com Failed
ssp.disqus.com Failed
403 64
Domain Requested by
23 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
20 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
bg.myservername.com
googleads.g.doubleclick.net
www.googletagservices.com
20 myservername.com bg.myservername.com
18 cdn.onnetwork.tv video.onnetwork.tv
cdn.onnetwork.tv
bg.myservername.com
18 ib.adnxs.com 8 redirects get.optad360.io
googleads.g.doubleclick.net
acdn.adnxs.com
csync.smilewanted.com
ads.pubmatic.com
16 s0.2mdn.net imasdk.googleapis.com
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
bg.myservername.com
s0.2mdn.net
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
bg.myservername.com
imasdk.googleapis.com
11 csync.smilewanted.com get.optad360.io
csync.smilewanted.com
11 onetag-sys.com get.optad360.io
sync.quantumdex.io
9 ups.analytics.yahoo.com 9 redirects
9 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
ads.pubmatic.com
9 googleads.g.doubleclick.net 2 redirects www.youtube.com
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
bg.myservername.com
9 www.youtube.com bg.myservername.com
www.youtube.com
8 eus.rubiconproject.com sync.quantumdex.io
eus.rubiconproject.com
8 match.sharethrough.com sync.quantumdex.io
csync.smilewanted.com
8 ads.betweendigital.com 8 redirects
8 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
6 imasdk.googleapis.com cdn.onnetwork.tv
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
imasdk.googleapis.com
5 googleads4.g.doubleclick.net bg.myservername.com
5 csi.gstatic.com imasdk.googleapis.com
5 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
4 token.rubiconproject.com eus.rubiconproject.com
4 usermatch.targeting.unrulymedia.com sync.quantumdex.io
4 ads.pubmatic.com sync.quantumdex.io
4 secure-assets.rubiconproject.com 4 redirects
4 ssum-sec.casalemedia.com sync.quantumdex.io
ssum-sec.casalemedia.com
4 static.smilewanted.com csync.smilewanted.com
4 hbx.media.net 4 redirects
4 s.ad.smaato.net sync.quantumdex.io
4 id5-sync.com sync.quantumdex.io
4 ap.lijit.com sync.quantumdex.io
4 acdn.adnxs.com get.optad360.io
4 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 rtb.adxpremium.services get.optad360.io
4 prebid.a-mo.net get.optad360.io
4 adx.adform.net get.optad360.io
4 useast.quantumdex.io get.optad360.io
4 prebid.smilewanted.com get.optad360.io
4 prebid-eu.creativecdn.com get.optad360.io
4 optad360.mgr.consensu.org get.optad360.io
4 jnn-pa.googleapis.com www.youtube.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 bid.g.doubleclick.net imasdk.googleapis.com
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 creativecdn.com 2 redirects
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
2 ads.stickyadstv.com 2 redirects
2 match.adsrvr.org get.optad360.io
ssum-sec.casalemedia.com
ads.pubmatic.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 ade.googlesyndication.com
2 r2---sn-5hne6nzy.c.2mdn.net
2 www.googletagservices.com 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
2 www.google-analytics.com cdn.onnetwork.tv
www.google-analytics.com
2 video.onnetwork.tv get.optad360.io
cdn.onnetwork.tv
2 adservice.google.de securepubads.g.doubleclick.net
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 www.google.com www.youtube.com
tpc.googlesyndication.com
2 cdn.jsdelivr.net get.optad360.io
cdn.onnetwork.tv
2 p.skimresources.com bg.myservername.com
2 t.skimresources.com bg.myservername.com
s.skimresources.com
2 get.optad360.io bg.myservername.com
get.optad360.io
1 cm.adgrx.com ssum-sec.casalemedia.com
1 sync.taboola.com 1 redirects
1 secure.adnxs.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 pixel.rubiconproject.com
1 cm.adform.net
1 gcdn.2mdn.net 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 cdnt.onnetwork.tv bg.myservername.com
1 fonts.googleapis.com 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 r.skimresources.com s.skimresources.com
1 s.skimresources.com bg.myservername.com
1 dr6.biz bg.myservername.com
1 bg.myservername.com
0 ice.360yield.com Failed csync.smilewanted.com
0 um.simpli.fi Failed ads.pubmatic.com
0 pixel.onaudience.com Failed ads.pubmatic.com
0 aax-eu.amazon-adsystem.com Failed ads.pubmatic.com
0 dis.criteo.com Failed ads.pubmatic.com
0 d5p.de17a.com Failed ads.pubmatic.com
0 sync.smartadserver.com Failed csync.smilewanted.com
0 cdn.connectad.io Failed csync.smilewanted.com
0 sync.srv.stackadapt.com Failed ssum-sec.casalemedia.com
0 pm.w55c.net Failed ssum-sec.casalemedia.com
0 pixel-sync.sitescout.com Failed ssum-sec.casalemedia.com
0 euexchangesync.digitaleast.mobi Failed ssum-sec.casalemedia.com
0 casale-match.dotomi.com Failed ssum-sec.casalemedia.com
0 sync-tm.everesttech.net Failed ssum-sec.casalemedia.com
0 ad.turn.com Failed ssum-sec.casalemedia.com
0 gu.dyntrk.com Failed ssum-sec.casalemedia.com
0 d.adroll.com Failed ssum-sec.casalemedia.com
0 sync.mathtag.com Failed ssum-sec.casalemedia.com
ads.pubmatic.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 s.company-target.com Failed ssum-sec.casalemedia.com
0 dpm.demdex.net Failed ssum-sec.casalemedia.com
0 c1.adform.net Failed ssum-sec.casalemedia.com
ads.pubmatic.com
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
0 ssp.disqus.com Failed sync.quantumdex.io
403 104

This site contains links to these domains. Also see Links.

Domain
en.optad360.com
www.optad360.com
myservername.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-13 -
2023-06-13		 a year crt.sh
0.mo11.biz
R3		 2022-10-07 -
2023-01-05		 3 months crt.sh
*.optad360.io
Amazon		 2022-10-17 -
2023-11-15		 a year crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
optad360.mgr.consensu.org
Amazon		 2022-05-23 -
2023-06-21		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
onnetwork.tv
R3		 2022-09-04 -
2022-12-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-11-08 -
2023-01-17		 2 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
s.ad.smaato.net
Amazon		 2022-08-22 -
2023-09-20		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 87 frames:

Primary Page: https://bg.myservername.com/python-variables
Frame ID: 9DFEBCC331B803FFC952B47B99335924
Requests: 90 HTTP requests in this frame

Frame: https://www.youtube.com/embed/eTQEHBLLZSo
Frame ID: BE13AA3471A5C3039F418FFD207B2A1B
Requests: 21 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.04474175528988433
Frame ID: C7405B7AF4F24F9A3F407A9B98C1F4A8
Requests: 1 HTTP requests in this frame

Frame: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5DE54C9A340FA0C3E0CB2601B6B79880
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7150988D0E485338D12C762059EDB0B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F840C7D15423F1DC8DF17055CE129403
Requests: 2 HTTP requests in this frame

Frame: https://cdn.onnetwork.tv/css/player86.css?s=1665422390
Frame ID: 0016A5A996509ED4BF6CC73802F8F40D
Requests: 25 HTTP requests in this frame

Frame: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3CD319C1090A5C474F106749C0A27D6A
Requests: 27 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Frame ID: D690B6DFB2976666480712D01E5FD55C
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Frame ID: 5B0FC509391C013BC17CD41A9BB68EBD
Requests: 1 HTTP requests in this frame

Frame: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 555EFB309BD56E1BBD20275A7D65AA8C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhj5z4TaATAB&v=APEucNW2Ai-4--Gcr4vaaTcqJXGa5-2w7Li69WNMWVPQo55rfUKZZtCK3x_e3UhMsHM5pRK3FSqEE3nW5AXk2lYzT1nLfKlx0uRyq9aZTKtuuHSDY-7oSjSIzbBRdigUmkwdenYKVtfRouTBrkC_YUP4UQybokqDDMS9fXSW4jH8TRLmzSqPo1vrwJyXvoLFvsRdcZ2YFLYEWK1Yxi8R_3foN2hmGz8yxQ
Frame ID: 9B161642D13F45B139CC23C1C6DBE579
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 944291B172F523F7CD76BE5943B2F57D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: AD5A023DF4C69A400416A04FB26083EC
Requests: 3 HTTP requests in this frame

Frame: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D0737C93E321E883DABA20E852F58E9D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRDDht4CGIv20dgBMAE&v=APEucNUpnr6Bh4Pe6_waEK-DJQk0nBob7z5syGP9FIhpirgYruGLwy2AKfQuxTKK96h93aiAF0IxZzA_soYymxf_U6V5Ls-vp1sMvr5-Nl9ZPGy2QdEHjZdwqbdRDJ6RohWYWwTeu8wzsdBA4Uz9BLyCNX7fOYoZGswzgpFiBRRtVcE9ZTYRa5kX57TmuLngbxXO8WsI-bEocEUu_rKk5eO74jcCJBZ9nQ
Frame ID: 3993FA0A4350600D8A537BFFBCB09804
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 240C4953D3E3DA3BF68A1A9D987EB207
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Frame ID: 9A25822C31D5B1FD487E8D4392A46AFB
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669121503586&gdpr=0
Frame ID: E74881A9187B32CC722B6DD0B4F77ED5
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 75D27FD64770209DCB35C0E15A1BD583
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: DE7A3F5E12BCB99536A93EAE2C4A86B1
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 8A4CE3F530EC9D8EE55C61ACDAA30CDD
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 5A82E2277C6411E239727F0F0935EF4A
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: EC355E2F8ED53C489683A44A053750F4
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BC9203B39263FB60364496CE0094BC59
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 4EE685E92BEB0B02E371FB1CAE4B5BD8
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 4A7060DBF77AA510BB7804A18771C0BA
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669121503587&gdpr=0
Frame ID: 9A08ED83DE3DBD613B997B8BFA54CFCE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1BA02A6D7D721AF374C63B429D318B9B
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: D7895015F6E133087B2B486BA8AAF250
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669121503587&gdpr=0
Frame ID: 5EB6A7A771B9643A01D4ED3A698D908D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E70E12D9C04C6A404ED25C0A4411D13E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EF414F40B355203E6304030910691776
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 3C4CE6A2EFBCA5F39CE09EBA27056EE1
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: AB8E9F31A9204B0A62D27196C139737A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 44FE238EF71FA8FD9573F772F9698F33
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 5614E242164BA209190E5FDD29BBF51C
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 44415975C530B4662F43F183A6EFBE62
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: FB5DE21D301BF32CEEC50A2F1762FBF5
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 79C47B74305FF1862C638742CF44FEB4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 7E723FD6A120B87429713600B9F7DF65
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 72318D0C9417B1AA579D2BEEC91AAE77
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 593A1891C8BF78D906D08092064F2750
Requests: 3 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 6F843F67C8EC776F652924795C58B237
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: C263E7044B10BCBA0F7E2D22165D7D4A
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: DB9F96C44D35CDF76EBE4F4AA1C9861F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 9A63AD0B3EB2C3FE96C698805D5F0C0E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 1389838E0876C31613DF188233A87C76
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 11F421F82C6805613D715FD21812E5C7
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: DD2D687F0AC431DBEE5D6E7D9119B57F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 91720E3B15936A6861A96301C951DF10
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 6B2EE57BB22C62D2A8D0BFE11BB45F94
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 0C8482967ECA7AA5B7468627CA01DCE2
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 29D825C5786E627F04A9C8A3B70BBFA2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 5CFE8D8DF3753AE89C213179285B5C7A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/509efb107834a91cf8d12ea1bfdba5d?gdpr_consent=&gdpr=0
Frame ID: A3E611242B8FFE677441C9FB5CEB88E2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
Frame ID: 7C2E594B6CA49F3D6F85B2BA81B6C433
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: E57574BFEA555E07B2FA15B71F17F677
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: AC22D224F7B8784E271F462F8B97283B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 303453624AB9082EA6663B8CAA483874
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 32315646B3D04223BB0A593DE5719894
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted&tc=1
Frame ID: C3BBE9D55D9B20A545209F9A1503FE59
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted&tc=1
Frame ID: 550C6C4CCDBF73560B912535FBB25526
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
Frame ID: 70C8D5FADBF116EB6679001C6B851E64
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c2ad5238a415b687b1de22a4998cf8b9?gdpr_consent=&gdpr=0
Frame ID: 736A4A161627F446A11DDA5087D1BF88
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e64d434e5f261c76f28cbc5e3b90be74
Frame ID: B49B479F08B305B6F4D6AA99F8CC9429
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e64d434e5f261c76f28cbc5e3b90be74
Frame ID: AE6BB311A025033835EB3487D486902B
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 58F1EB19930336E5513E99AF6F9B7E15
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 7F7B5C545363BBB617BFE9E2B5C49FE9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 6450FDFD0EAB6982C1B68CCAADD2971D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 9CA23B6334936777FA606A75061B9BB7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted
Frame ID: 93D74A6719EA695DC24E0EDAF6DC772A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted
Frame ID: A368AE2DAC326C17EE527F53DE74DEBA
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
Frame ID: 92C60A70C1E5928C0D379557BAE2DEEF
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
Frame ID: 13CCD110E3449C1772B455650A7007F8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Frame ID: E03A525AA398685AEE2A729EA10848D2
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=D014B79A-5D0A-4B26-85A7-D8AB49F56FC5&gdpr=0&gdpr_consent=
Frame ID: 1BCB212BA446F6873FC303C525D5F1E0
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 96C64C542A9E7D96CC0C068E795496CB
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 60E840602F38FC74CF590D285F07BD49
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6A021A3C35550A2DE94C1CDE8E8C115B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D014B79A-5D0A-4B26-85A7-D8AB49F56FC5&redir=true&gdpr=0&gdpr_consent=
Frame ID: 890C6AE08A1396509D0FB946C6D83DB8
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: 3CB3CC9AD297C35B8E33E95DE5590AEA
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=D014B79A-5D0A-4B26-85A7-D8AB49F56FC5
Frame ID: 83C45AA33E2D70C4174B65038F4E7140
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Frame ID: DB22EB864CDB17C04A2CEDBB14162C38
Requests: 1 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: 581D430B4841FAD48071BC81DD640D63
Requests: 1 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: 92A4647B0E71876A08BA0398402C73A3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: CA6CAA15894CF3919B9E9B23FD8F751E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Променливи на Python - Други

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

403
Requests

77 %
HTTPS

42 %
IPv6

64
Domains

104
Subdomains

64
IPs

9
Countries

6690 kB
Transfer

13560 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
Request Chain 159
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3zF4S2Yb63Kqi3fQvOmswAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzCXPbYqamt5a77iaE1aJ0&google_cver=1
Request Chain 161
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
Request Chain 163
  • https://gcdn.2mdn.net/videoplayback/id/39932279ba302c4c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657504/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1B283B5650ACC4901692DCBCAAAF2BE462DAB225.1C62665BF8B0878FB6C6BB36BF8481CE8C22BEA4/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/39932279ba302c4c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7AFD14AF65E4BD7E163A81F90457BD0B783C464C.4DD5C9B4118D59D642706289EEEC7E2D7A853343/key/cms1/cms_redirect/yes/mh/9t/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1669121127/mv/m/mvi/2/pl/48/file/file.mp4
Request Chain 177
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiLiu7YASABMAE&v=APEucNV-a4AUfYtQ5mr5YWzGxNX-jecVDlUfxvADX4IlmhtNbfCLhaPVocBaGI0vO2QUYJzMAfq_ZJbmpCl2POwYOlAtKIVMog HTTP 302
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
Request Chain 197
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3zF4S2Yb63Kqi3fQvOmswAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzCXPbYqamt5a77iaE1aJ0&google_cver=1
Request Chain 199
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
Request Chain 226
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.myservername.com%2F&domain=bg.myservername.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=nUCG83xUZnFNWjZtUGk1ZTVXZEdIUlVRUVlaN3ZvVzdYeHJ0T2VTZnVvT24xcWVYQnhUUWRmR0ZQNUwzWVB5VWNlNmdRb3EvOVlrUUc2WVZGQktWVytaRkRiNkUwZUhkQ2hXMS9lcHNHQjczOGI4QjlPMHp5Y05YaVZwTTJDVWNaaHpidGl3SVdOWTdzZU5DYXBMdGVyaG1kSFBmSVcreXFiU0RidlQyTXBQVEhqcWlpRzMrTi8rbnpyVXN1ODZ1NmwzcFpzQ2oyL0VPb016VityQ1hKQ3g1RjBpcW5oNUhybWdkVlFuMmZRbVVyam9XR2MwTVJzYWUzQ29tM2xBMmt4bW9lfA&cppv=2
Request Chain 251
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Request Chain 252
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
Request Chain 254
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
Request Chain 256
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 259
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Request Chain 260
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
Request Chain 262
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
Request Chain 264
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 268
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 269
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
Request Chain 271
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
Request Chain 272
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Request Chain 276
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
Request Chain 277
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Request Chain 279
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
Request Chain 281
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 290
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 298
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 303
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 308
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 315
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/509efb107834a91cf8d12ea1bfdba5d?gdpr_consent=&gdpr=0
Request Chain 316
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKVmyChhXsAYaksPNOCIU7Y&google_cver=1
Request Chain 325
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y3zF4S2Yb63Kqi3fQvOmswAA%263285 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7316134a-82f7-49fd-b823-a9fcd5c3989e-tucta764b63
Request Chain 326
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
Request Chain 334
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2561957919951169474
Request Chain 335
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
Request Chain 338
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A28F24CACBC24CB8BA085D47CFE9C012
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKVmyChhXsAYaksPNOCIU7Y&google_cver=1
Request Chain 345
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3zF4wAAAJmbRAAW
Request Chain 347
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dMBbtiHGCeZvxlThc5VB5yHAXOZvwl_ne8sfCnvK
Request Chain 351
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y3zF4S2Yb63Kqi3fQvOmswAA%263285 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=146e7e84-3751-47c3-afd5-32158c344c97-tucta764b63
Request Chain 360
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7A5AB9C818684A0FAA09A63DA1CAF896
Request Chain 362
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y3zF4S2Yb63Kqi3fQvOmswAA%263285 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1233ab46-d25e-4606-8c13-96f32bf5e657-tucta764b63
Request Chain 367
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted&tc=1
Request Chain 368
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted&tc=1
Request Chain 369
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
Request Chain 372
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/c2ad5238a415b687b1de22a4998cf8b9?gdpr_consent=&gdpr=0
Request Chain 375
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e64d434e5f261c76f28cbc5e3b90be74
Request Chain 376
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e64d434e5f261c76f28cbc5e3b90be74
Request Chain 382
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted
Request Chain 383
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted

403 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request python-variables
bg.myservername.com/ 		33 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bde7e6eac49c6120dc33f6f75338e12e6facd693c689bf9ccbd6ffce9cd1a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76e1cc4b58786963-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGlqCUNOrF%2BI20fPa4i4XaYa%2Bu0dGXYua0RJD17t99RMVQHamycc3O0UTA%2F%2FtzBaQps2fbxUfEvX45HWf1ogBMxLz%2BBGVck6Tf%2BU868DEuGnUyUoYV4kZFal3AWc5t%2BteGIxoh6%2BeuMojim4AgIHAaKU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.css
myservername.com/template/css/ 		115 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/css/bootstrap.css
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec83baa0b194ae558c23f5531c47685c6de4ee6dbe51699509304f580bd72b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209683
etag
W/"605da555-1ca41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXu6uWeJdRkkNYtqwi4zpmNlKv%2FDZqycmqGejp%2BL3uVyDd8hCSp3%2FcIoV5IadxXPKkXVRJEZRCzjd9sv3iwFuJ6P3t06SqESOMO43DEFtla6drnv1zTQMz2qhSt2yo70gihzkAAHZmGu%2FE%2Bm0gKP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
76e1cc4c4a2e6963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:50:19 GMT
style_003.css
myservername.com/template/css/ 		250 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/css/style_003.css
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab62d8b0ae889963b44dff563f60b4cb66952181088ad2b4df9d53b25ced055

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2105700
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
server
cloudflare
etag
W/"605da555-3e7bc"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw%2FRNrO8FZ0kfm0G4De7BT5KQXA%2BB2WOGG2jkyIVGqMQ1xddFJxpGZlK%2FG4r3VsaI%2FTI4qOSGtOuoSBjvtf3SPZC7xnwqRqToykooOGI7kDI8gCE%2B8fiukZLqwDkjroIRWCUGiZDoObfY%2F0rRrOT"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
76e1cc4c4a306963-FRA
expires
Mon, 28 Nov 2022 03:56:42 GMT
responsive.css
myservername.com/template/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/css/responsive.css
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8334aa94ef903881c5296ca8a5e9c228f1da74b9a3703ec443bc4fa4b7bb0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209173
etag
W/"605da555-58e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hXGCLceseTkcqT9gTvHLBTTgYn%2F9Iqd6QrollPq%2FfPh3NMocKzSwVZeBR7ZWZ3dTQOXjuZGyPgg0r2wplt8afQpUEqXAmThaDQN5itS3uyYPRxNyX%2F%2FvgUTwdKRlPdwy%2FSwbM5GioK5J3Dwbd8W"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
76e1cc4c4a326963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:58:49 GMT
custom.css
myservername.com/template/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/css/custom.css
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0d2b3a8ba91da9e90cee8fbd6d8c088a257435322c196951d5766ea1fc6018

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209683
etag
W/"605da555-6643"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgHbwBO%2BpYbJlx6EXY5VakM%2BWpE5YPTGbtTtX%2FHYzdKW73UfEV7z9AnzUdyNsiX%2B5UHMOCP95tzwmxBTkvHHGpnGV3akW5cPQnJ5AB9LBdJx1YiXkFKBCU8ly5JokD5%2FrsmAYcHqV1H9A36c3%2Bk2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
76e1cc4c4a336963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:50:19 GMT
jquery.js
myservername.com/template/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/jquery/jquery.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Nov 2021 09:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209896
etag
W/"618e3374-15d9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sUa9ix9fcW2a4fYY69zD6%2BVTdLB8g8%2FKQvGF7gSFxeMvXiJAipKfkizE0CwZg6NuCN8ohTmxXCscGpuNEe1YJHqLKyns9SkIuOuIzJRFdvJhBx6n60ahedLB01I283Ihhgty3ozVvI%2By0XrXPtv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
76e1cc4c4a346963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:46:46 GMT
/
dr6.biz/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dr6.biz/?te=he4tgmrwmm5ha3ddf42tamzz
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.92.30 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-92-30.ah-server.com
Software
nginx /
Resource Hash
5f8ba2be149506d78df30098dee1b7edffc9113aaa0ee7ef7ac000ad2f9686dc
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Nov 2022 12:51:42 GMT
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
server
nginx
content-type
application/javascript; charset=UTF-8
plugin.min.js
get.optad360.io/sf/bbb1f355-0e06-48bc-a443-2fda8234fb0f/ 		268 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/bbb1f355-0e06-48bc-a443-2fda8234fb0f/plugin.min.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
248dd0d08d9f4daa47089ea8e4b5a81506be49de44dca3c5d15d55b891eb7674

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 04:18:30 GMT
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 04:03:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
117193
etag
W/"047f7e74d3607248193d85125f112134"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=604800
x-amz-cf-id
5nrNPSaqV61m2Wu8g2-KX4Xf5rwnf1m9kF4KtSRJ3SSIpdczOXaeZA==
python-variables.png
myservername.com/img/other/39/ 		296 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myservername.com/img/other/39/python-variables.png
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b20fb13f1112655e3dbb32430524f3f4a1001aa0f3d355a8ba471f941db36c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
302748
last-modified
Fri, 26 Mar 2021 09:11:51 GMT
server
cloudflare
etag
"605da557-49e9c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4Uxm5%2BJKtiZgJkWdfX3ACvHI9Y9FBgZGqGYFyZquHbEH3DEK29PVfNixMHhuCpH5UXWZIVofDUlE1xZY2Ieg2Jzm219n1bLCAew03Uo9XJkP2Sqc5yoD9UAugqFyS8ZTv4E0N6lHeYjbKrH6X5y"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
76e1cc4cbb1e6963-FRA
expires
Thu, 22 Dec 2022 12:51:42 GMT
python-variables-2.png
myservername.com/img/other/39/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myservername.com/img/other/39/python-variables-2.png
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e188385e67eda41aae3e439eae475b4087e538357df07b4798a4479ef53c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13566
last-modified
Fri, 26 Mar 2021 09:11:51 GMT
server
cloudflare
etag
"605da557-34fe"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAphrJpWmfL%2FyjzgOHdNsthCKgQr6eYBIbUoJsrztiSvfUiZ4bEQPIOWbML6TKuxDUxv6F1alUUqrlhhJna%2FxhA%2B%2Fut3kd4CbHCKvzkCYCTG9tw3TjrN2Voyjt99DzQjd4wD9o9KBA4cKIH6vuMh"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
76e1cc4cbb216963-FRA
expires
Thu, 22 Dec 2022 12:51:42 GMT
python-variables-3.png
myservername.com/img/other/39/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myservername.com/img/other/39/python-variables-3.png
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ef8d5d7be6debb879e43bc8e484d66b8af550624647bb057785ee6118a528e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11058
last-modified
Fri, 26 Mar 2021 09:11:51 GMT
server
cloudflare
etag
"605da557-2b32"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqM%2FKAQMcFGcSErPfRe%2BdNto6gExUZzqZRVINBpalIpX%2FKNKiUKKmKwCn4xNN24FxvvYq91KLk9%2FeF0%2BG9FxXtEDc9KDiSo3%2FRUObA5vS6H8gFK9WNu42emD8DVDCzWvfVFbf%2FVBmsvAmNrDcCwG"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
76e1cc4cbb226963-FRA
expires
Thu, 22 Dec 2022 12:51:42 GMT
python-variables-4.png
myservername.com/img/other/39/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myservername.com/img/other/39/python-variables-4.png
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a1fa04a8f70a33686dd8bf3957474625071252633530a9573cf29cf87ca2ee6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14806
last-modified
Fri, 26 Mar 2021 09:11:51 GMT
server
cloudflare
etag
"605da557-39d6"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQOqvPotdl%2Fppoe%2Fdaj310jjXyJ3uCCABy4Ofqo1bwf0cxRWm0yLNwzQP0sneaSp5sr7a9nUyHBn98Gpuzo0yisGgafId%2FT9P%2BUAocgx0ZTwwNUK1iCYVrM0Z0nD2MtmB94WdC6Xd32%2ByI4VfH%2F2"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
76e1cc4ccb466963-FRA
expires
Thu, 22 Dec 2022 12:51:42 GMT
python-variables-5.png
myservername.com/img/other/39/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myservername.com/img/other/39/python-variables-5.png
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c16c6f415d87daa72af7f53a88b0062727d31b253e087ab9d6ac62bed6d5c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12260
last-modified
Fri, 26 Mar 2021 09:11:51 GMT
server
cloudflare
etag
"605da557-2fe4"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ryq93haxtQ9YYPUPTmB1g%2FJGnHtpWPXuRwq7pLoqsySVwMT6Wt867kbP4cH0Ye7W2AdPJodkJPV5rOcJe%2FjS3pM3aeBjme%2FP7w13w2Jp5b8xFYOW4xOQTJkybVOtkQHPtIuITQ6Wk%2FOfmQOJ0v65"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
76e1cc4ccb4a6963-FRA
expires
Thu, 22 Dec 2022 12:51:42 GMT
jquery_006.js
myservername.com/template/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/jquery_006.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209683
etag
W/"605da555-17a69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKTZsDOgSzzH1hF1qRe%2BKE2Bess35gCDWsIJiZv9IUU3QO3PRJIddIcgskJvWm78FelUmoyLUbvzl6vqgrvJ2IQ8CA9JB%2B%2FWgJxpGJ6Aply1qUWApi9mf%2Fmam3MUdd3a7OlhDnUt3FQf3wD1eXly"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
76e1cc4c9ad66963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:50:19 GMT
jquery-migrate.js
myservername.com/template/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/jquery-migrate.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2101664
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
server
cloudflare
etag
W/"605da555-2748"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6lGyrtzrNcBCMiPj2DEsvoPdPMhvyhKH0Y9Pc%2FBTVJAWOjRlseKyZdUar7MD3sEFSoLQEXKU%2BtoRjE76xF5SR8uhc8Pi%2BDvsvZ0ojR43DlfctPqWTSkoQRpku%2BYs6YdE9MV0fpmTNuYMvUHV9qw"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
76e1cc4c9ae16963-FRA
expires
Mon, 28 Nov 2022 05:03:58 GMT
cart-fragments.js
myservername.com/template/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/cart-fragments.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209683
etag
W/"605da555-b7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uERLz0wkx1XZLmnazGuMApRpWAGBmVxTr3hVzvGoNCKiQfYFWWI3S1gOdLwUHiMuiWsn1Fh2ZOKNUaxo%2FNd8mP5meJtd6eKZks2mS7xFG3Rt%2FJQPNEp2XjihZ7pztXS31mQgFaZmzoKfCPDedCQH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
76e1cc4cbb0f6963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:50:19 GMT
core.js
myservername.com/template/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/core.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209683
etag
W/"605da555-fa0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwM%2FRhBrFVHr%2FmSxnis7SZ8SaICfBckxMOFdtiYkDGpkoEMDRZZseqO3%2FNPUJkZUWGVWApJdomCpOcCb9WehyKhKzKOIAmxvnZkl8p0yYwnfY0iu0O1pRFvVITrwNSx7MIHFZoiTxjxjzLuaDx4J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
76e1cc4cbb146963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:50:19 GMT
bootstrap.js
myservername.com/template/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/bootstrap.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209683
etag
W/"605da555-8c6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mx33Ey2w%2BrAhS2pmWEeWuxSTjVC2xIkU%2FBsMAwEEqnhGeofs2IuUb2MVSPU0PXkRehDHKstJXBj5YDmWfD89%2BMsopvBWJ8Q8qM9pUkTHkkte4KqSByIpWD6JHF3gG3WBc9b%2Bmv6x3ZcPJuc5njR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
76e1cc4cbb176963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:50:19 GMT
appear.js
myservername.com/template/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/appear.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46fb2235bcf84086a9b939ae509ecacc01bb31c68ba94e6473e31d8adebec3eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209683
etag
W/"605da555-111b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuNpeKq52LoAUO%2B2urFTKYqsIn5NTTUKqinoQY0B5VMAdSOUWuKZDYceSzen%2BdkjU2RpX6cQh3hZLl7nzvOKIahf98amvSRUO4nqw7oguuRemrn2WjtI7d9Z1x8Ap%2FMcZRVXzBJmn0HTmM4Ze71Z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
76e1cc4cbb196963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:50:19 GMT
mixitup.js
myservername.com/template/js/ 		51 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/mixitup.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1288abb45b62709defec307fb4668ece7b0259d02b4a6770da169867b29258cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2223991
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
server
cloudflare
etag
W/"605da555-cc00"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qazJrpWTupG8bQe0xkXFw8vZlSl9I0mXOTJEvVKF2yLSZfGaYqycFghSsmGDSwj9SG1syMRwwL8G%2FkkXorGBogUN6zNp4gUr7YcZlVSeTbo%2FtCoRnmEp0877XAQiALZ2HDXNT8azHNYUjjbOvbv"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
76e1cc4cbb1a6963-FRA
expires
Sat, 26 Nov 2022 19:05:11 GMT
script.js
myservername.com/template/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/script.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8de76334c98a4b4b307b47f0d003644eb595e51c92ff13fff8e7e898c4daefb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209683
etag
W/"605da555-25ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIs7EBlOtOstbRZxSWo91y3C%2FvK8j25pk%2FmxBE3I6SkOdHTdwZy45VnfYCizWYM6pzrOHrDjbqs0qE0A1F3OeamxqF8rjTE%2BMDI8YvXfBFoOqG7G8qKue%2B64cQ96a6jtXjpPmSZ%2FvmmSCDotLVCa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
76e1cc4cbb1c6963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:50:19 GMT
wp-embed.js
myservername.com/template/js/ 		1 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://myservername.com/template/js/wp-embed.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1209683
etag
W/"605da555-57b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPktEsJ4BCOpmnUvzHdHCZqVEJZVrXv1r1lEiEpmFbBlxx55POmPDQIIX0xnPmx%2FRAca671M7f1Xt571cTU0xu85Jtf5ogwRg%2BlYTIyMCJ9Qf6UJFFobMdPXDDFqCc%2F4XMB6YkbZoblE94zyWqKx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
76e1cc4cbb1d6963-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Dec 2022 12:50:19 GMT
192355X1673064.skimlinks.js
s.skimresources.com/js/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/192355X1673064.skimlinks.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
76719659b156de545b0d1fb5813865e84b01ac838ce4412be754b7d809865d45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 08:54:28 GMT
server
AmazonS3
x-amz-request-id
A4SM9GME2P44CVTW
etag
"067ae0602306a6f90227ea58378a6b24"
x-hw
1669121502.cds148.am5.hn,1669121502.cds318.am5.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
20715
x-amz-id-2
0oYCcRlhz6OqRB9ym7rfAEizVmZev9pgRqVDt8YiKRskIunZq79lbfPO92ZgGABQMRBj/bUGACU=
10.jpg
myservername.com/template/img/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myservername.com/template/img/10.jpg
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dfa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46800165b1bce9569cd7af80cb43c7298ecc92f6744a773d1745d682dfc9435d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2105933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138293
last-modified
Fri, 26 Mar 2021 09:11:49 GMT
server
cloudflare
etag
"605da555-21c35"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65fze3g5y2aoEmPrasiixBnrqfsyLvhk3aqQVToTZ47c7HOJHX3%2FNBw%2BjJEvdJxy%2FZkLPX5cnXhZ1XYC3wBA5HKpqwJUqExcBo7Ep606ON1h%2Ba8gKg3XH2ui3Qf1c%2B3oY18xKuI7yMztlYiuN24F"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
76e1cc4ccb4c6963-FRA
expires
Mon, 28 Nov 2022 03:52:49 GMT
eTQEHBLLZSo
www.youtube.com/embed/ Frame BE13 		68 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/eTQEHBLLZSo
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e167fe07dc48a205384ef7cfa00f4657f4949f3e4ec475cb6e61c501729ad40b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:51:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
/
r.skimresources.com/api/ 		176 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1673064.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
b79f323b056d30f93911178d2704632e5c8faf8faab76ff3a129645af7f75b9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bg.myservername.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
robots.txt
t.skimresources.com/api/v2/ Frame C740 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.04474175528988433
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=3.160563261709573
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Tue, 22 Nov 2022 12:51:42 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=3.160563261709573
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Tue, 22 Nov 2022 12:51:42 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
page
t.skimresources.com/api/v2/ 		22 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1673064.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.3 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:42 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.3
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://bg.myservername.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www-player.css
www.youtube.com/s/player/041a7965/ Frame BE13 		359 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/041a7965/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
499bda4efe28fc6e3441c0195e6fb713cc51aeef116b61b4b44a1b84ee484a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/eTQEHBLLZSo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:00:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
420648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49809
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 01:17:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Nov 2023 16:00:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE13 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 11:55:05 GMT
x-content-type-options
nosniff
age
348997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 11:55:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE13 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 22:21:19 GMT
x-content-type-options
nosniff
age
52223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 22:21:19 GMT
www-embed-player.js
www.youtube.com/s/player/041a7965/www-embed-player.vflset/ Frame BE13 		311 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/041a7965/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ef2b98cb55c9adb5452594b240aea84e7cc74a73cfc6c4234ffe4a0aa31ee2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/eTQEHBLLZSo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 09:25:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
12393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98927
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 01:17:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Nov 2023 09:25:09 GMT
base.js
www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/ Frame BE13 		2 MB
579 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f94e813281a8959bd1b0f32940a22c5e40e73e536171bb4d0f0d864d9f01f79c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/eTQEHBLLZSo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
420616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
592891
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 01:17:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Nov 2023 16:01:26 GMT
fetch-polyfill.js
www.youtube.com/s/player/041a7965/fetch-polyfill.vflset/ Frame BE13 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/041a7965/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/eTQEHBLLZSo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 07:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
19698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 01:17:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Nov 2023 07:23:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/bbb1f355-0e06-48bc-a443-2fda8234fb0f/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1399 / 408 of 1000 / last-modified: 1669118838"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Nov 2022 12:51:42 GMT
prebid7.11.1.js
get.optad360.io/sf/ 		498 KB
499 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.11.1.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/bbb1f355-0e06-48bc-a443-2fda8234fb0f/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:a400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
738df72872e3ed1d49b341eea918207efa339548a71f5a1e086eb1ee2d346fa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:57:28 GMT
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 05:12:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
3466455
etag
"7cb55d774e623c3e166bda0a818df497"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
accept-ranges
bytes
content-length
510412
x-amz-cf-id
M50MpFq7Wxl5KjU1FWlPPw11SA_OBqEzOCcZjV6hysyfkJs8i2oXOA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221122
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da0fe4dbc7641c2431d0a9559f190e3472dee21c4f2e24bcbd2bc143419dc7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35442
x-jsd-version
1.0.1531
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4543-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-hQ4fRIJVsyvvzCIJAYWx//oyR6s"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFC4He5Fyv7aJJ7g12KcNgwXIVyDmsRaDARKFCXcBXb9Uwqa18yOeZqSro2AO2rV%2FZ2ckkozNpxy%2Bnxr0SgVUkOHMm4ldL5xnF%2FBpUzBxbXCtPimewpfsZhRldol7Q8T%2BLNtPEuThiDW7zQQLz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76e1cc4f3a018fef-FRA
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 11:51:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		80 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bg.myservername.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e1e5acb357ba33f0bf26b25269f111c4a194875f409427d3a6d0a1e9884298e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-xss-protection
0
expires
Tue, 22 Nov 2022 12:51:42 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BE13
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H3
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bffdd9e1987dbd921a563bad08266af14158611c0191da747de6e20b696ca188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Nov 2022 12:51:42 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BE13 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/041a7965/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:50:09 GMT
x-content-type-options
nosniff
age
93
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Nov 2022 13:05:09 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 22 Nov 2022 12:51:42 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BE13 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c74f7be205f204f8f46fa2472420c59b0da48d7a9e9c520533246e78964087d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30902
x-xss-protection
0
remote.js
www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/ Frame BE13 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2d9a3ed11b2bd5dfe77bf5f95b233fef6e2f698a63aeffd64b89bb5faaac4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/eTQEHBLLZSo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:01:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
420596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37334
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 01:17:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Nov 2023 16:01:46 GMT
98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
www.google.com/js/th/ Frame BE13 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c799d52bd02a772b232feec51bf5a52bdb992199e74115db81377aeb7fb36a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 17:13:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
589072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14262
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 17:13:50 GMT
embed.js
www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/ Frame BE13 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92357b9a0aa62f687c88e3fdbdb36267b5b58d0c0b6c6c91537ef5c8170509f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/eTQEHBLLZSo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 16:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
420616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8292
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 01:17:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Nov 2023 16:01:26 GMT
truncated
/ Frame BE13 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu_vanjF30M7zzx3D1o25vndkU9jJ8-Y4vZQKSy4=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BE13 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_vanjF30M7zzx3D1o25vndkU9jJ8-Y4vZQKSy4=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ef0395f9441ea71f97b18131658805c958fe9e2eaac50c017903bb792a62eb8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:20:34 GMT
x-content-type-options
nosniff
age
1868
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2596
x-xss-protection
0
server
fife
etag
"v5d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 04 Nov 2022 12:04:41 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/eTQEHBLLZSo/ Frame BE13 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/eTQEHBLLZSo/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdea74180d26dc1b3d75468e12623b7486894a6ab04a87d58f185883288f5377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:42 GMT
x-content-type-options
nosniff
server
sffe
etag
"1542079159"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21240
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 22 Nov 2022 14:51:42 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BE13 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 12:51:43 GMT
generate_204
www.youtube.com/ Frame BE13 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?XJoc2Q
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/eTQEHBLLZSo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/eTQEHBLLZSo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/107/ Frame BE13 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/107/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 14:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:03:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 22 Nov 2022 14:23:03 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BE13 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/041a7965/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2da4b1994f06778b13d4abc5bf2de60917e4d02dcfa6f8f408d0edb8f273fbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 22 Nov 2022 12:51:43 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
branding-ads.svg
optad360.mgr.consensu.org/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-ads.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 20:55:50 GMT
content-encoding
gzip
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
57354
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
x3X7x_y-aTzjp5GCakcC31MbejRQNo94w8aCNjvXNT6CqqWRWBlGnA==
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bg.myservername.com
date
Tue, 22 Nov 2022 12:51:43 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
76e1cc554e908fd6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
ib.adnxs.com/ut/v3/ 		19 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:43 GMT
AN-X-Request-Uuid
e916f4a1-88d6-42cc-b217-020553130c2b
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://bg.myservername.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://bg.myservername.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
pbjs
useast.quantumdex.io/auction/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
x-reason
[Inventory] site.domain not match RootDomain, myservername.com != celebs-now.com
access-control-allow-origin
https://bg.myservername.com
access-control-allow-credentials
true
cf-ray
76e1cc5558b59960-FRA
content-length
0
openrtb
adx.adform.net/adx/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
c
prebid.a-mo.net/a/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bg.myservername.com
date
Tue, 22 Nov 2022 12:51:43 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
78a9cbebc3deaeab89cab5ea460a22eecce4220d859075dcae1a88162151dfd5

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:43 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://bg.myservername.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bg.myservername.com
date
Tue, 22 Nov 2022 12:51:43 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
400b8d72b56505c55e97d9913fc137b3827ec074bd8d932a1c5f959aaea2ce6e

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:43 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
76e1cc554e9d8fd6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
pbjs
useast.quantumdex.io/auction/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
x-reason
[Inventory] site.domain not match RootDomain, myservername.com != celebs-now.com
access-control-allow-origin
https://bg.myservername.com
access-control-allow-credentials
true
cf-ray
76e1cc5558c39960-FRA
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bg.myservername.com
date
Tue, 22 Nov 2022 12:51:43 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		19 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:43 GMT
AN-X-Request-Uuid
a3e46814-6694-43cc-a27f-121c3ed402da
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://bg.myservername.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b67cb337c60215354ad1653ef0966ae9dbe3f66f48a185b98f4c40965793f4e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:43 GMT
AN-X-Request-Uuid
8e37d3fc-c4cc-4428-99b6-7b4c00332b47
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://bg.myservername.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ 		0
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bg.myservername.com
date
Tue, 22 Nov 2022 12:51:43 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bg.myservername.com
date
Tue, 22 Nov 2022 12:51:43 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
673486783ffd15dcb2c51776d987b8e2d78d055b194ef793474e4be272af5749

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:43 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
pbjs
useast.quantumdex.io/auction/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
x-reason
[Inventory] site.domain not match RootDomain, myservername.com != celebs-now.com
access-control-allow-origin
https://bg.myservername.com
access-control-allow-credentials
true
cf-ray
76e1cc5558cc9960-FRA
content-length
0
/
prebid.smilewanted.com/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
76e1cc554ea98fd6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://bg.myservername.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
branding-ads.svg
optad360.mgr.consensu.org/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/bbb1f355-0e06-48bc-a443-2fda8234fb0f/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 20:55:50 GMT
content-encoding
gzip
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
57354
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
qIQkLJUb5x3QZzqdNqhH-dzXB84-Y0YIA81nqv2gucXj_DXjh3Pskg==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bg.myservername.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bg.myservername.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=229395060915010&correlator=1544146750901182&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_ATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x300&ifi=1&adks=1934452679&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669121503833&lmt=1669121503&dlt=1669121502108&idt=814&adxs=436&adys=375&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=319007038.1669121504&ga_sid=1669121504&ga_hid=1646961099&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef4ee30915ea1accde39633ca1a2f3ebcc33d6282ddb0efd5353d272ba466b09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25715
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffff2578214cc2fef6288422331587083772da579b9f9803d5dfae593cdb0769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11065
x-xss-protection
0
container.html
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5DE5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:51:43 GMT
expires
Wed, 22 Nov 2023 12:51:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		75 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=229395060915010&correlator=1544146750901182&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_SF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=2&adks=2275568123&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669121503851&lmt=1669121503&dlt=1669121502108&idt=814&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=640&ohw=0&ga_vid=319007038.1669121504&ga_sid=1669121504&ga_hid=1646961099&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
818081def32fcfa433f929ba5c0fb9efc55ea250d24633a8442fd6b4398c94dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36084
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.php
video.onnetwork.tv/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.onnetwork.tv/embed.php?ext=optad
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/bbb1f355-0e06-48bc-a443-2fda8234fb0f/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.186.68 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11.eris-e.of.pl
Software
XO.webservant /
Resource Hash
c86c6fe111a5d2f7cf14ed2e499cafb8223c34d130d6390d02d84900e616005d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 22 Nov 2022 12:51:43 GMT
last-modified
Tue, 22 Nov 2022 12:51:42 GMT
server
XO.webservant
vary
Accept-Encoding
p3p
CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-type
text/javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy
fullscreen *; autoplay;
content-length
785
expires
Tue, 22 Nov 2022 12:51:42 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		569 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=229395060915010&correlator=1544146750901182&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_BTF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x300%7C1280x300&ifi=3&adks=404350375&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669121503862&lmt=1669121503&dlt=1669121502108&idt=814&adxs=436&adys=4803&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=319007038.1669121504&ga_sid=1669121504&ga_hid=1646961099&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cfe0144a5c5ad6bfbd714ca46ff7de987aaf77363db7dafd53f78d173bd2bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
280
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
intersection-observer.min.js
cdn.onnetwork.tv/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/intersection-observer.min.js
Requested by
Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
09ae8405880ebeaf9667d888f96dd4b0cc0c78f31a531c0105e56699c487609d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 01 Jul 2018 06:29:42 GMT
server
XO.webservantpro
etag
W/"5b3874d6-2717"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Sat, 10 Jun 2023 12:51:44 GMT
embed.min.js
cdn.onnetwork.tv/js/player90/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1668787335
Requested by
Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
6586eaf0530229f63e295f9c912a7383185e6c0391ec9784b9202563a9c0fafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bg.myservername.com/
Origin
https://bg.myservername.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 18 Nov 2022 16:02:15 GMT
server
XO.webservantpro
etag
W/"6377ac87-11782"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Sat, 10 Jun 2023 12:51:44 GMT
branding-ads.svg
optad360.mgr.consensu.org/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/bbb1f355-0e06-48bc-a443-2fda8234fb0f/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 20:55:50 GMT
content-encoding
gzip
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
57355
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
By00Y-pKtSkZdxt7s-qqpFruY3kPxhTnSouMhul6R9vsoEfJJve-Qg==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 12:51:44 GMT
/
prebid.smilewanted.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
76e1cc584d3d8fd6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bg.myservername.com
date
Tue, 22 Nov 2022 12:51:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS
ip155.ip-54-36-238.eu
Software
/
Resource Hash
d6b1eda5cd7ad0242374b3c718dc97a5dce39e3e5a121f47fc102f7cc32ab56a

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:44 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
prebid
ib.adnxs.com/ut/v3/ 		138 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7b860f244b6e3a35ed0f1e73bc69199af38f2175238805f4da7f2104a2acd2b2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:44 GMT
AN-X-Request-Uuid
ae14f02b-ba82-47ed-80a0-9bce36612b6e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://bg.myservername.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://bg.myservername.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bg.myservername.com
date
Tue, 22 Nov 2022 12:51:44 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
pbjs
useast.quantumdex.io/auction/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
x-reason
[Inventory] site.domain not match RootDomain, myservername.com != celebs-now.com
access-control-allow-origin
https://bg.myservername.com
access-control-allow-credentials
true
cf-ray
76e1cc5858d89960-FRA
content-length
0
openrtb
adx.adform.net/adx/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
embedOptAd.min.js
cdn.onnetwork.tv/js/player90/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player90/embedOptAd.min.js?s=1668787335
Requested by
Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
6db6bf98c01ec6763de137f85905b9a434fbab2c3e1a625c06710e1ab8546b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bg.myservername.com/
Origin
https://bg.myservername.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 18 Nov 2022 16:02:15 GMT
server
XO.webservantpro
etag
W/"6377ac87-581e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Sat, 10 Jun 2023 12:51:44 GMT
frame86.php
video.onnetwork.tv/ 		18 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video.onnetwork.tv/frame86.php?id=ffONNP335a10f78ffd183ac39b8283ad0cf30716691215040821&iid=1669121504082&e=1&ap=4&map=1&umum=1&naa=1&lang=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=919027&dpb=1&onnwid=9074&wtop=https%253A%252F%252Fbg.myservername.com%252Fpython-variables&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNP335a10f78ffd183ac39b8283ad0cf3071669121504081&rrpt=%7B%22CxSegments%22%3Anull%7D
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1668787335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.186.68 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11.eris-e.of.pl
Software
XO.webservant /
Resource Hash
27c90db68ab465cdf6030651ec87d5c0271c1b4613b184f8129b4888a706ce88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 22 Nov 2022 12:51:44 GMT
last-modified
Tue, 22 Nov 2022 12:51:44 GMT
server
XO.webservant
vary
Accept-Encoding
p3p
CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin
https://bg.myservername.com
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy
fullscreen *; autoplay;
access-control-allow-credentials
true
content-length
5874
expires
Tue, 22 Nov 2022 12:51:45 GMT
branding-video-negative.svg
optad360.mgr.consensu.org/icons/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-video-negative.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7260b4a4163f2e458b462ed77194205e12e7d8352f0ec3cb2e4d1475f7419a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:45:26 GMT
content-encoding
gzip
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:05:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
21978
etag
W/"4ccbac335fa4fcdf4c526588ec6a6bc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
tepl9fdqnihRKrjIuGrMv_YJcAPu0933CkSxDOpb5VhN7WlmccaQ-w==
a_cntg.png
cdn.onnetwork.tv/cnt/ 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1669121504091&d=9074&wsc=00&typ=embed&mobile=0&c=40
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
last-modified
Tuesday, 22-Nov-2022 12:51:44 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7150 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:24:34 GMT
expires
Wed, 22 Nov 2023 12:24:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F840 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e55e1f8c5d849cc9ddae90973b23e41fcdd01059cf2dfa853d571e84083c7e68
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EVbAC3dKMEHgf_bn4Zx91w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-EVbAC3dKMEHgf_bn4Zx91w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:51:44 GMT
expires
Tue, 22 Nov 2022 12:51:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
player86.css
cdn.onnetwork.tv/css/ Frame 0016 		44 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/css/player86.css?s=1665422390
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1668787335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
8acdbf48bb75598f25ffbecc49f8b6739391d238824f214923fceefcdc7a58dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 17:19:50 GMT
server
XO.webservantpro
etag
W/"63445436-b05f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Sat, 10 Jun 2023 12:51:44 GMT
player_utils.min.js
cdn.onnetwork.tv/js/player86/ Frame 0016 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player86/player_utils.min.js?s=1669023230
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1668787335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
b42cdce8a41bd8076fdd464a537ad64ad3f25a2ce0c8fc0e91abe2756d6ee970
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 09:33:50 GMT
server
XO.webservantpro
etag
W/"637b45fe-2c6a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Sat, 10 Jun 2023 12:51:44 GMT
adblock_notify.js
cdn.onnetwork.tv/js/ Frame 0016 		134 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/adblock_notify.js?s=1669121504
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1668787335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
634c7a6099396c9382029aa927edfc1e84583592d97a96fa6dd2fe8d7a0c2602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 24 Sep 2022 20:52:18 GMT
server
XO.webservantpro
etag
W/"632f6e02-86"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Sat, 10 Jun 2023 12:51:44 GMT
gpt_proxy.js
imasdk.googleapis.com/js/sdkloader/ Frame 0016 		83 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1668787335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2045df563a0ae14e3f89f2f266402061263c40c6cde260cc78be918e8133c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30954
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 19:01:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Tue, 22 Nov 2022 13:06:38 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0016 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1668787335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126568
x-xss-protection
0
expires
Tue, 22 Nov 2022 12:51:44 GMT
hls.min.js
cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/ Frame 0016 		315 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1668787335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13148189
x-jsd-version
1.1.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19161-FRA, cache-itm18831-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"4eaf2-/CwIB8b0ZgFLVgmQTHnomAXuiz4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uktmg%2BjYPr%2FJKGZ%2BSGL748KgmeITMQQz9CLUhRt1Rtb9pz%2BUZgu%2BwhOawHf4RJZ4wEyxku2XShQYG6FeD3EzN066VNyCy9CIisQCVm0uPn4BdaMenN%2BmD6hzakmjsWmi6ZqkFfFvjYFa96qrOw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
76e1cc58fb4cbbad-FRA
player.min.js
cdn.onnetwork.tv/js/player86/ Frame 0016 		316 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player86/player.min.js?s=1669023230
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1668787335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
cd06e8ab3e45dddb6a12b7ba6ff41976475d0348dc32f499543a5a3608ec4a0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 09:33:50 GMT
server
XO.webservantpro
etag
W/"637b45fe-4f065"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Sat, 10 Jun 2023 12:51:44 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bg.myservername.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bg.myservername.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=229395060915010&correlator=1544146750901182&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_am_S1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C360x300%7C580x200&ifi=4&adks=4285498638&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669121504187&lmt=1669121504&dlt=1669121502108&idt=814&adxs=435&adys=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&frm=20&vis=1&psz=0x-1&msz=300x-1&fws=644&ohw=1600&ga_vid=319007038.1669121504&ga_sid=1669121504&ga_hid=1646961099&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34bdfba59f44e9fccb3d69196b037528d891aca76fd2a3ebc84a7d6405a88b31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8626
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F840 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=229395060915010&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 7150 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 10:41:27 GMT
container.html
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CD3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:51:43 GMT
expires
Wed, 22 Nov 2023 12:51:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 3CD3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
7818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:26 GMT
css
fonts.googleapis.com/ Frame 3CD3 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Nov 2022 11:18:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Nov 2022 12:51:44 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 3CD3 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 10:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269370
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Nov 2023 10:02:14 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 3CD3 		388 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 10:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134376
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Nov 2023 10:02:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3CD3 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
7817
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:27 GMT
general.css
cdn.onnetwork.tv/css/websites/optad/ Frame 0016 		616 B
498 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/css/websites/optad/general.css
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player.min.js?s=1669023230
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
60e70619e42d5f5a364383d83867d95a84d0133e43b3cd2bc78942eb468c7d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 27 Mar 2022 07:49:33 GMT
server
XO.webservantpro
etag
W/"6240170d-268"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Sat, 10 Jun 2023 12:51:44 GMT
analytics.js
www.google-analytics.com/ Frame 0016 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player.min.js?s=1669023230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Nov 2022 11:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5750
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 22 Nov 2022 13:15:54 GMT
bridge3.546.0_en.html
imasdk.googleapis.com/js/core/ Frame D690 		690 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
537715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226628
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 07:29:49 GMT
expires
Thu, 16 Nov 2023 07:29:49 GMT
last-modified
Wed, 16 Nov 2022 07:23:53 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 0016 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Nov 2022 12:51:44 GMT
bridge3.546.0_en.html
imasdk.googleapis.com/js/core/ Frame 5B0F 		690 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
537715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226628
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 07:29:49 GMT
expires
Thu, 16 Nov 2023 07:29:49 GMT
last-modified
Wed, 16 Nov 2022 07:23:53 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
919027_5m.jpg
cdnt.onnetwork.tv/poster/9/1/ Frame 0016 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnt.onnetwork.tv/poster/9/1/919027_5m.jpg
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
37cb31effe0fa7997e40575b2d239b9fd99fa789fa7f4a9e16cd8c55cb86163c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 17 Nov 2022 10:35:17 GMT
server
XO.webservantpro
etag
"63760e65-28d8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=17280000
accept-ranges
bytes
content-length
10456
expires
Sat, 10 Jun 2023 12:51:44 GMT
a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 0016 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1669121504466&event=plimpression&d=9074&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
last-modified
Tuesday, 22-Nov-2022 12:51:44 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cntm.png
cdn.onnetwork.tv/cnt/ Frame 0016 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1669121504477&i=919027&d=9074&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
last-modified
Tuesday, 22-Nov-2022 12:51:44 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cntd.png
cdn.onnetwork.tv/cnt/ Frame 0016 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntd.png?ts=1669121504478&mobile=0&plc=1&time=15&website=9074
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
last-modified
Tuesday, 22-Nov-2022 12:51:44 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
black2.mp4
cdn.onnetwork.tv/img/ Frame 0016 		2 KB
2 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/img/black2.mp4
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bg.myservername.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range
bytes=0-

Response headers

pragma
public
date
Tue, 22 Nov 2022 12:51:44 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 15 Nov 2022 12:58:10 GMT
server
XO.webservantpro
etag
"63738ce2-8be"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2237/2238
cache-control
max-age=17280000, public
Content-Length
2238
expires
Sat, 10 Jun 2023 12:51:44 GMT
collect
www.google-analytics.com/j/ Frame 0016 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=862623483&t=pageview&_s=1&dl=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&dp=%2Fab%2Foptad360_com&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=480x270&je=0&_u=IGhAAEABAAAAACAAsD~&jid=2066645239&gjid=1832753732&cid=1999299244.1669121505&tid=UA-135184183-1&_gid=980195933.1669121505&_r=1&_slc=1&z=8992518
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 7150 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?EEZihw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
stats.g.doubleclick.net/j/ Frame 0016 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-135184183-1&cid=1999299244.1669121505&jid=2066645239&gjid=1832753732&_gid=980195933.1669121505&_u=IGhAAEAAAAAAACAAsD~&z=1870234098
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 22 Nov 2022 12:51:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 555E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:51:43 GMT
expires
Wed, 22 Nov 2023 12:51:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 3CD3 		0
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~las7ujoh&c=4307200722041&slotId=2153600361020.5&qqid=COr4zpLqwfsCFSDTEQgdJlMCTA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CD3 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:36:30 GMT
x-content-type-options
nosniff
age
62114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 19:36:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CD3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 16:44:52 GMT
x-content-type-options
nosniff
age
72412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3CD3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 19:42:15 GMT
x-content-type-options
nosniff
age
407369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 19:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CD3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cmlf238V8Y6qNN6Cmx_APpqaJ4ATmo6yxbbyS367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQJatHDEajSxPqgDAcgDmwSqBMACT9B6BGDnuxeFTAeAJSQtfDKHxU95FsJZ6ZfXlyXfTroJjW33N9wr4ZI32VDJNefEy5IAa-rZi_jCfyiAdDkLmIo1s1HHgX8qRo_ydY6YPq4pI8Xt-1yr5j1uvxJYrbZeGGOMcHohsOCaCgqnUJw0F6yWmWzvp5oa5pA8TormGmsy-4E-MY4qyuMtTMkFsHwQuRk0j41VYoU_MtsaLFlAkVAO5Rkto5ddk9BW1ez5PdO20L3gdPxhGyMUoTKEWUeyooK9QUlRUjZ6aTMCw-F-tnQIKNTkZEOu5dCHQ5_agv2wD5OvNp-VHLzF1yJS01g1V18pUxRz-Wnkxt9GqV2eG8ZNv6R5MRgLYEhp0cwJ8HZPnzZW_0LemgypaRpcNhu98v3fa-ENNDQ_gjCWWmIwnOpVs-j6-qlkbl0J1_w2F1jABIiqyoKRBOAEA5AGAaAGdoAHjIfVxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgPICwHgCwGADAGwE-mOlxHIE4H0neAD2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1669121504844&ai=Cmlf238V8Y6qNN6Cmx_APpqaJ4ATmo6yxbbyS367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQJatHDEajSxPqgDAcgDmwSqBMACT9B6BGDnuxeFTAeAJSQtfDKHxU95FsJZ6ZfXlyXfTroJjW33N9wr4ZI32VDJNefEy5IAa-rZi_jCfyiAdDkLmIo1s1HHgX8qRo_ydY6YPq4pI8Xt-1yr5j1uvxJYrbZeGGOMcHohsOCaCgqnUJw0F6yWmWzvp5oa5pA8TormGmsy-4E-MY4qyuMtTMkFsHwQuRk0j41VYoU_MtsaLFlAkVAO5Rkto5ddk9BW1ez5PdO20L3gdPxhGyMUoTKEWUeyooK9QUlRUjZ6aTMCw-F-tnQIKNTkZEOu5dCHQ5_agv2wD5OvNp-VHLzF1yJS01g1V18pUxRz-Wnkxt9GqV2eG8ZNv6R5MRgLYEhp0cwJ8HZPnzZW_0LemgypaRpcNhu98v3fa-ENNDQ_gjCWWmIwnOpVs-j6-qlkbl0J1_w2F1jABIiqyoKRBOAEA5AGAaAGdoAHjIfVxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgPICwHgCwGADAGwE-mOlxHIE4H0neAD2BMKiBQC2BQB0BUB-BYBgBcB
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 3CD3 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bx2sPeQIsiXiXJ6GwwGakz5JmxYa-jfD7JLA5V4o-KAnCJuQqKXqNrBFiRWZpQR-3mCHXHrXRmkjw66HEYj4wAIZlMmA&cry=1&dbm_d=AKAmf-ChPpDnmPMD6cE1ikW_jwAraeD67RAYruDs5LhwkECNlGQQQOh598AvhgpjYPj4BpQ4WDFbyCNgHxsRWAFjAmaPaplnjY6Zhw9-Uy3kAQkkhDJ2aYToQdLKq4sO9OhZDpjQ98G_L4hyKb_w-AdSEcKR41rUu8KioJNDMDbzzsURbCJZcDH5uZAT5W6h0QvPGhmUTS4IoGJ_rAcDFX3hvJ24yws8lqWQGIQhxQFBN8jpEncpCZEv8ebueJIQGp4DIioH6fb2F4gZj7JZmdlaUucO9FaJBEk_Wt8Da_6d5q51Tx7GnZzPBmTWqYmnYuCKFqEEp_jWartfYj69M1nORkpSmKC4XhjhmuG_t9hURA7DJ9VyHkQIzQWnGwndwXJUJmSwM1f3uI_j0xDHwR1_XWsOWyC_gD0QXVxCo8qxhcK_2Vidae2wulFTm6NDZnsCOimSD5bp1bS_3QxYVbSiP79mdaAWrB2ZtnWCVYlOrILSlh6YLlwyVcF1fBnjfkwcdvctbYIqM2BQfplYZuUMcTSTWxvui74XfvSROMVQIc89x45lNuyNwix8m7Qx0gr-K_EsheEN7jGq02NOIhebOb14osdpPcdTKq8wjB_6uZa9qJEZZr1rD88-tvbA4eXyGEk09EKz09hGumJAAic5VUGiKkrIiZLHfnUiaEPeXOfpK03iXZGd8lTHcIOoShMWaGw4CITZlS5P1s2_Jgx8R20J-YbXgRKV6COY_2FX5mF2BQgnabmdiFO590p-9ENi7NAy4hBUBQ2TfZAuVQ2qDemMg5jpMaeijnBotwCxGQESyigDp1oX6R2blcgWtHIWFeIE0SjUU9KFiWaB43Q1cf-WfM-hSigeRlGuQmlt9ACN8JhBq5BEC2tJbswRoMDC1rn50kalslxZzJ_md4-qc0qXboegkWRraESGOQuvwiREkUEr0eBNekpRGHOREc6xEIxDEXUCZaOM9p7RDaO30uT7e66LYzIdjRF7ZnBfcRbu-SqvwxlTxghVzi4FixS0XNmguTysP14mUeagB5N7Yy2m8uN8TRi4DFjHkCgwlbTX_aWDtd8QupK-FKSQgzmWQKYRZV_JcpAFqFkHatJrAfEY4q13ch0cSpMl1HJwtvvlrb1CRf0aPPe-a32f6n5ZZGkhanZ-ogqPSjUJ92mrL78XOW28hFByfv_LnTENlAiroAJT6rFkSGTlRJbx4o4QPsHfYDCtDb3xcRWnrsAfEPZYRv-YPstpV6bQqzhLw-dnS34ig_9YnYXBhzQPDNMvfOyfjdb6HyYWIsjTlSdJzq7-KxmxJ6QkrCIy9mu9oZzMynkb_1sO5A9Fmwoq23QQvPmxMPN7zHRSm3XvdA5yehjdSHCc8DaEchYwXbPm6cSriUdqZWoMYZtt6sVG8NxPGIWhORnhWMr_f_H2Aa-z6JfRjHs1v948xus1Mnl5BU1bAOaXPaSRK6oQa-Oa45aIGyIe_jvjmD8iqgIGdJaZCpMNXQU008t8cetPjaQSmxlDtkhYQbu6fGewtTQiGTF8XERjd0MWrv60hg7GmpWxPYCEHltT9Gx5fQIyZUNRtOfA6MHdzE7YLKV2bBLqIPoRkGM5eB40s6uDffJeSOPj-a4TY-kWTiMPdU33VtDJGjOuTXkfSLwEPVAxheReMgOrauKWpBc8hhmqFRoA1C0U6TKIjChCaTmYIaWN-Auj8swlSIh5nXACFYy_7eyrBNPeWNbGTorI4LCaAbMwKl4xl3u8mA1w4PkBy4UmaGEmeZGmpEq4ybnJYf5KVgEMw0uAz3EenoWDB0TjLpvrN3i-_m6n53D7xkbe2jtWhzArnVb5aatQQYTUilb9Ae3tSF83_1SeAEQXvkGaEE_WFuF1Qq6lPs4hE2YA4naZeZ0YxicE8Z1VYevG85wkJ8spHqfdw4arAL4XIgG5WmgZfPce0GmcW70IWb7PjoJ9PzF-fqluE1Y_3Xzp-dnhaCynPv-YCAgHhymSpHrLotCbK8OEZs7jQ_iYxfiYNrwcTIN7b-F5EkanTHY8kuxHExr2Riw2aqGX_medGRiy5rJhrTh2rBvjOjyztR4SxgP4Zn5U-liMABtIkrcmyJtNop66oFDLtQXDNEkg0moSd4V8OvbsgAuYR_T502ii-lVdsj52PpX-dEGNHgN16mEwcwlcTcnismDPCK3LfnYuitEwjCUKZyRxj7o79Ea3z4TMouZlJBU_V0v9wnS-ePLP9VhkI46JqO4HwqK--NlGTnalZmVD9ObAuh6U5upP9bIBMx-gUdcZ3nHbFNzMVlmS46IF8MtUr42riaJxpQwS12jDO_LVKyvlWu2imS-CcrVb2a2vbYuse4N84nyi-MMJX21OVxe-7rfq8YJ-HIQEJ87nxZnZhGFX0_S7_BfX37aDQWPbu_XG_wRJ7AZsdoPOvu0U_XP_20ZSYb9cgc9AKbXiyMe7s_EIwdNngqYH9NiVVhZkFUf5qE3uSZD5kDsQ0n6-FPrlXF87zwfPMRS62r5qkBDN1hD_nu8GB0hhVITC8W4Sz-AOn3Ik1HPYlMqOSdpCv1YTlLEf0dbhvtGJAK_jq0qiTkz5QdRlSB1oe09f8OyZTirY8dbizsmp3G6iVT2haRvOnEdGqe8BAAXQSnJ4sZsOjyt2DAYP3fV4B5zY86di6kNQ9cCHy99Yy8xSk07FI4_ro15YaDktig-obkfl_rvubdLGKSC12V5oGwtExfgaHA6udsceAra8XTY9RyZdsavLYCD7oCwXORe_ASPUykJaFHI8DYTT0ApeRZHgqrvblebyPQHSpumCVpANvcz72JAqPnNsGulcTzTgTsN337zBf03HWWdENzLKplGeREMAz5mfu3HOEpyHsDHw5X79ViOzAvHXw9SIEX480K4R_EJJ2FDu4BEJS64TOWmZYJ45uaiehYvxdzaljgYplZKvSFG8mqoUrYSVNUOiZECbngp0zfRzHU5kMI9cI-cKjsx2PZp3krhO-jKvj0-tG40i3xKYz50uB4PN4SoV4czPTaJSblhkjvnoBkBMeljRNlF5iu3h4A96LZnNgiSVHiMp7NWQh-tRzeN5ArzN7z7_1ngE2JlXsKJiNevD5TIPPzsLZC4Ej9MNdq4_uRyovcrfEA1WusIKisX3RDhmKvfA71bWvyA316GM5R15ADYal8-unKqAve3c4wsom2K0H48-GEMEDs3d-ul_25VvmJC7B_4gm9lxZLFzQ5FaH0w2lzQzWeq-mjx8ANY7doTQ52j6NgDuCHHGGOl_4ROzp6pSh87Ke6CwfOcUdYWJKvC0bneuzMnHb7u1kVjLG1Cv84RaZCp1TJSo87W4qWak4hDRZCnOc7m5hH8xE1qRsfTzl2EnvTy0CMUeCFEKu06pas1TyTmBkEiYX5woyGyA-8lhiq6peUco1gUJXCPrQuqW5Cpw82ClD2AqTwQMcE76u4kJzSMED7JOatwXDEpGRZfgr6GA-99ei8LqTayhfy9MYE1kbmSVjjrQzxatxN05P5JiwcsROmYwMcmZk2gwYRYZNKh4NcOlA5rmvn7JkOfpOFkPa8JYx5fyTx_JpfwONFUMQ9PmWo9238wOvSOj0-I_xxFyfMqmzCO56BrIjmPG8cDD4iocmHl2kg94qC3MY0J2KMXVIEYWZASS5AqDUBBJ5KI76LmXSLvA4uhD_SU9T79DnegZ3KUjPQ6sryLqhfImmB32qC8pVMIEkT1DUxPsNT9aY_RnJBAj2KjGNInkThYxWt-NI5wjmhf1-tRhHIbaDArc5iHLe1nxRhg76-0ZRCUaCZiQl9HQro-6aYNFapd1lroBAaoaDpG9sPjJ6TOsKVasJzwU0txfM1MghYLMDRfxzwejKnuxOqIgSIpAUgBsBv3VYs4s--_EACE5B6vgWVwk86ORs5g3tWH7fdr-zO1CdjUYPMlh8HU51vanKN_-34WuJbAQAcoMz0vKqvZYclwvC-uQq5dez2oXccF3zCrIJ4Y7ED6uxkYLBWvq0rkW9dUzLUYh4lInO5Wrobg9aW2YnCFi8Lq-7QAqpjIqPrM40WmmmEzKrmsxxNbK4y8M4QQCSwytQCG-SB3XfUZjjXFpB0g7kknEivtxhdYrpRfmuEcLIOPUyb8brXvG7Jg1Xmwajaa-hgWns5ZbsXrNZFeiN89L46A17UEhVWJN_lX43LunifLnoj7pluyI6fl0J4H0XH9NLAUOJxwA0ljVIXg1O9hDXen3hAjdXA4vOwj6A3mN6bxhou7xS5s3vF57r2TZ-fDVGmHtVIz1ue9vNnpX_fEcf6WTMiMi8MSWXF6DXli4lMynsluHqIXAVShOi34hdEPGKY9r2qBbh4dD7iGxCOwPKdyIdCg2H34cdSaUoisf3qnTmOU4fKtmkY2NkZG64TuptYWITAEBgY-4PdYFaLrC8rABE1wXIQholpxfTjxNeupj2g&cid=CAQSSwDq26N98SfQlQRVfJ4UuUv1vvXPrxWyB6wmiyM6M0RGDhCjBW4SAUmMHvisbmw2LecMx6slEmlMrG16gNbKyYLE6CvKVKzwNQRtmRgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f155.1e100.net
Software
cafe /
Resource Hash
c853fc314c8d0db14fb4f24ad25b2f798c88b0620d201555a70abd350dedfc1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16803
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3CD3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuFhP38V8Y6qNN6Cmx_APpqaJ4ATmo6yxbbyS367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQJatHDEajSxPqgDAaoEwQJP0HoEYOe7F4VMB4AlJC18MofFT3kWwlnpl9eXJd9OugmNbfc33CvhkjfZUMk158TLkgBr6tmL-MJ_KIB0OQuYijWzUceBXyqPSkhuSlqtW1mOVrFAfQGOtOH_yQ-ptl5zY4xwAS2w4IYKCqeeYN8Us2PamewvGurl7f9LimrOnjF92bSyhKZKY9hPwwawfOW67DePjaBjcDwy2e8vrEOQUPvm7S6jl6iQJVXV7Aw-JrXQvRV3CWIbI-GC-oBYlX-Ws98KO2bKeChtE-KOn1ZWqUqo1alaS67t1JdDotW6_U2oMq4zHausvQbJL1I_eQhpvy9UlBM675ZOlhThaspAQfI2DUWsg5tZc8qlw0R7aMexMHdXazeCEsfBG9efM5_y9sya-RNanDSgMJpO8h6ay_24yvr0v98aUkRcYq3yvwXABIiqyoKRBOAEA4gF25Cd9z-SBQYIGxACGAGSBQsIIhADGAFI0r69AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHjIfVxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDfwCMYi4ru2AHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAbAT6Y6XEcgTgfSd4APYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=uI9hfsAa1mE&uach_m=[UACH]&cid=CAQSSwDq26N98SfQlQRVfJ4UuUv1vvXPrxWyB6wmiyM6M0RGDhCjBW4SAUmMHvisbmw2LecMx6slEmlMrG16gNbKyYLE6CvKVKzwNQRtmRgBIBM&vt=10
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
truncated
/ Frame 3CD3 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77d2edcc7101dec47d0e29db67e1eb8aec21e09f15a55428bd2a6c4e979d2ef6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9B16 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhj5z4TaATAB&v=APEucNW2Ai-4--Gcr4vaaTcqJXGa5-2w7Li69WNMWVPQo55rfUKZZtCK3x_e3UhMsHM5pRK3FSqEE3nW5AXk2lYzT1nLfKlx0uRyq9aZTKtuuHSDY-7oSjSIzbBRdigUmkwdenYKVtfRouTBrkC_YUP4UQybokqDDMS9fXSW4jH8TRLmzSqPo1vrwJyXvoLFvsRdcZ2YFLYEWK1Yxi8R_3foN2hmGz8yxQ
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:51:44 GMT
expires
Tue, 22 Nov 2022 12:51:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 555E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
66938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 18:16:06 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 555E 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 21:12:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
56383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 21:12:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 555E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvo5yM5wC77LARvv4k0j0ojGe_Z8x1fDV9tGlGKJmtMsGVXwPDcTaQpXAv8zVqjp5uXXJO3CQAWJ9M-b08S4amAc3hdoLXwrbhCTaymFP9t_1OVaxYHxNLI_EZ2-H2MCS5G27vRyNwpELlSWwL1X1tOY8zq6bWky7I8zvpu_U1gGvEbYbsa5yxa4qVjvbsQbvGDEr0xqCK0sm-wYeMzSabM3XMofus821MYqH3CRXusfA8yMIIvXY0OOQmdcYf_CAmWUdu4rFg6vPMDu2Zh3ZKc5yCtgcw5KZFAovalwC7fX82NbvfuHdGm_LGlG79_3qS2EpIuNFXKcvDBFB9JBkap2qcUdZ7VV0DKM-8YBifdWzXcOfpsJMD15vlTtRwZ8P__70hwWddhJCCbZV1UQVWqstJwdAnvL7itQPiDnHucMidlJ7PGlbP-sE29e97dX2xfsI7L_96fRNwR5yTf6cNplxQPbYK8Z0Q1Qy41i36KfhmhHp87z1ayr9gadS1n_pmXqkujszpiwJ_YlOjtvPcvvEIin-ntbn_DI_jmLw16UZMiFr9bI-kZcE_hPERIiJX17rlTTP0sf0IYs5NZjqWP_AnYl0QJT_TOAYwqRH2sPaQcxE6bdBKzM0YnKKIqFxlBtnwY5eKGeT8nru7I6BB_YPS9Rs3hoyoQFU72NNoX5grKvO7S8WbA25KkJs1FUNRsL0Psw6JvYQPZTqKiIEZ9H4_MB665hI6yn8e16awMfFrLh7RoyD2nAG9ubJK40VTtU41zbbnPa4Ofa0XIQp2Fn8CL6gB_nKJFbStuUP7aC1Xp72BfOwB74iB8KphS2ReJ_MSQreU6EVUcdoAL8jrLwuTLu9zOquRJ7IzFqaotE0FJ0FdGburjVc2J8JzTWvtInxULEBlkUIpGjjGTKV0xgr1sGilLTHx-0bO_Shl4PwAHPzTdagyoImuyEJWYbDMS86jI-5N6nZEnFZdmTI-nBZt-ww6ouz_AgQwYdrT0ziosuyHiddVN_XB3E13rKufkaG90SAEo-tpCFM0AxkGQQuO6OuE0moDRrwJ5nDx8gBKC1yzDGhCwf6ro744zvFbtpG1Xf-l5dYfe9Kv6d0g31YYi4xtmT5Ulentt4rbRM4ZxcqV7A-bt4DmZMkquaBN7rVnBSC7TCSEhGDvjus6_GIa0EqKKzuJVLPbzu7DtxBlhbMgfJL2STDV94CY7FJ9cEgV8ZMPl2ijVAK-xrOflurBllBN5ZYNhkFjJtQrQAhWwJKCIpypZaJhzX0Dj2cdwSxS5-vPNE19_pD5HVCXwRefoH95iV0G5_eCc01h&sai=AMfl-YQEFs9aa_IjzEJreElYNgns-53yy_wjie4aIAGF11DAJs0Cn_ahBdWXe8TC9mMKvdiYHLMCZWgxmYDbFj47_nCTc6mrs7x8x7Nw3SNFTFgSsq7yFborZ4PoZ-TZFF9JXL6ex9RTAfGwRo2WJ5HFQ6eKQHpBGN7J5p6c9wSRJ8Krd_weg1ADJJadGibvIBGalHVxE0wMHW125y41LLBFx86TOTlwYjsZ-vKVD5-RYxQZ1vTZ8QJVqA8hJtpFMxPe_vwOZyNcWrjSSLgnd6o-Q0AxZGVXpLVozOkr4lc70YOt6JpwP-6ed--yiFmF7OZ5WErXotHwMyR7NM9KlJVHVFWdu-VwblNyhfmYkCIvV6Z_Q1ae_Gj6Td6COEPxib8XV0UODsOnnOn_sI2I8mKAawdCKXQyKWlXbaDduqgJNQyfYu5dg1mqihPH4EOhbAF-2NebUb_OW3IxlouM74Innr8S_P6ycsPpHtJgriAVlA&sig=Cg0ArKJSzO91iLycDH5pEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.70445&arae=0&ftch=1&adurl=
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 12:51:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 555E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
348304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 12:06:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 555E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DXEyoxo8ilpAc9wCp1CtxWSdIAFDsLwm9mmsXy3NMYQ19rwZY_CK0ECyoMH9LMxQD1VWaKz9V2ckHSGuPhvMnyWf3bJK-CaSfRxEeXOTZ_cYK5X6o
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 555E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
5343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 11:22:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 555E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
7817
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 555E 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 12:51:44 GMT
17371530535795249840
s0.2mdn.net/simgad/ Frame 555E 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17371530535795249840
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be47b7517af9b2dca5ea4f135eba12a7145ef6857581e4c96998f8e39a34559c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 13:50:41 GMT
x-content-type-options
nosniff
age
255663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23446
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 12:27:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 13:50:41 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9442 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
348303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 12:06:41 GMT
expires
Sat, 18 Nov 2023 12:06:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 9B16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhj5z4TaATAB&v=APEucNW2Ai-4--Gcr4vaaTcqJXGa5-2w7Li69WNMWVPQo55rfUKZZtCK3x_e3UhMsHM5pRK3FSqEE3nW5AXk2lYzT1nLfKlx0uRyq9aZTKtuuHSDY-7oSjSIzbBRdigUmkwdenYKVtfRouTBrkC_YUP4UQybokqDDMS9fXSW4jH8TRLmzSqPo1vrwJyXvoLFvsRdcZ2YFLYEWK1Yxi8R_3foN2hmGz8yxQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9B16
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3zF4S2Yb63Kqi3fQvOmswAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhj5z4TaATAB&v=APEucNW2Ai-4--Gcr4vaaTcqJXGa5-2w7Li69WNMWVPQo55rfUKZZtCK3x_e3UhMsHM5pRK3FSqEE3nW5AXk2lYzT1nLfKlx0uRyq9aZTKtuuHSDY-7oSjSIzbBRdigUmkwdenYKVtfRouTBrkC_YUP4UQybokqDDMS9fXSW4jH8TRLmzSqPo1vrwJyXvoLFvsRdcZ2YFLYEWK1Yxi8R_3foN2hmGz8yxQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9B16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzCXPbYqamt5a77iaE1aJ0&google_cver=1
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzCXPbYqamt5a77iaE1aJ0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhj5z4TaATAB&v=APEucNW2Ai-4--Gcr4vaaTcqJXGa5-2w7Li69WNMWVPQo55rfUKZZtCK3x_e3UhMsHM5pRK3FSqEE3nW5AXk2lYzT1nLfKlx0uRyq9aZTKtuuHSDY-7oSjSIzbBRdigUmkwdenYKVtfRouTBrkC_YUP4UQybokqDDMS9fXSW4jH8TRLmzSqPo1vrwJyXvoLFvsRdcZ2YFLYEWK1Yxi8R_3foN2hmGz8yxQ
Protocol
HTTP/1.1
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:45 GMT
AN-X-Request-Uuid
5303884c-44a9-40e3-b4ca-54f711a5afb0
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzCXPbYqamt5a77iaE1aJ0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9B16
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhj5z4TaATAB&v=APEucNW2Ai-4--Gcr4vaaTcqJXGa5-2w7Li69WNMWVPQo55rfUKZZtCK3x_e3UhMsHM5pRK3FSqEE3nW5AXk2lYzT1nLfKlx0uRyq9aZTKtuuHSDY-7oSjSIzbBRdigUmkwdenYKVtfRouTBrkC_YUP4UQybokqDDMS9fXSW4jH8TRLmzSqPo1vrwJyXvoLFvsRdcZ2YFLYEWK1Yxi8R_3foN2hmGz8yxQ
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:45 GMT
AN-X-Request-Uuid
10db5656-f746-4285-9b78-d99aafe7c0b6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 3CD3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 10:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Nov 2023 10:02:17 GMT
file.mp4
r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/39932279ba302c4c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3CD3
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/39932279ba302c4c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657504/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/39932279ba302c4c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657504/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/39932279ba302c4c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7AFD14AF65E4BD7E163A81F90457BD0B783C464C.4DD5C9B4118D59D642706289EEEC7E2D7A853343/key/cms1/cms_redirect/yes/mh/9t/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1669121127/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:400e:15::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 12:51:45 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2442934
Last-Modified
Fri, 11 Nov 2022 14:34:54 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 22 Nov 2022 12:51:45 GMT

Redirect headers

date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
location
https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/39932279ba302c4c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7AFD14AF65E4BD7E163A81F90457BD0B783C464C.4DD5C9B4118D59D642706289EEEC7E2D7A853343/key/cms1/cms_redirect/yes/mh/9t/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1669121127/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3CD3 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~las7ujpq&c=4307200722041&slotId=2153600361020.5&qqid=COr4zpLqwfsCFSDTEQgdJlMCTA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=780&mt=video%2Fmp4&vs=360x640&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.w9
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 555E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b392bcbc39569d1a19615f0f4e7c7e9441e367330f5bb6cb7fe3495f404b81d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 9442 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 10:41:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 555E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvo5yM5wC77LARvv4k0j0ojGe_Z8x1fDV9tGlGKJmtMsGVXwPDcTaQpXAv8zVqjp5uXXJO3CQAWJ9M-b08S4amAc3hdoLXwrbhCTaymFP9t_1OVaxYHxNLI_EZ2-H2MCS5G27vRyNwpELlSWwL1X1tOY8zq6bWky7I8zvpu_U1gGvEbYbsa5yxa4qVjvbsQbvGDEr0xqCK0sm-wYeMzSabM3XMofus821MYqH3CRXusfA8yMIIvXY0OOQmdcYf_CAmWUdu4rFg6vPMDu2Zh3ZKc5yCtgcw5KZFAovalwC7fX82NbvfuHdGm_LGlG79_3qS2EpIuNFXKcvDBFB9JBkap2qcUdZ7VV0DKM-8YBifdWzXcOfpsJMD15vlTtRwZ8P__70hwWddhJCCbZV1UQVWqstJwdAnvL7itQPiDnHucMidlJ7PGlbP-sE29e97dX2xfsI7L_96fRNwR5yTf6cNplxQPbYK8Z0Q1Qy41i36KfhmhHp87z1ayr9gadS1n_pmXqkujszpiwJ_YlOjtvPcvvEIin-ntbn_DI_jmLw16UZMiFr9bI-kZcE_hPERIiJX17rlTTP0sf0IYs5NZjqWP_AnYl0QJT_TOAYwqRH2sPaQcxE6bdBKzM0YnKKIqFxlBtnwY5eKGeT8nru7I6BB_YPS9Rs3hoyoQFU72NNoX5grKvO7S8WbA25KkJs1FUNRsL0Psw6JvYQPZTqKiIEZ9H4_MB665hI6yn8e16awMfFrLh7RoyD2nAG9ubJK40VTtU41zbbnPa4Ofa0XIQp2Fn8CL6gB_nKJFbStuUP7aC1Xp72BfOwB74iB8KphS2ReJ_MSQreU6EVUcdoAL8jrLwuTLu9zOquRJ7IzFqaotE0FJ0FdGburjVc2J8JzTWvtInxULEBlkUIpGjjGTKV0xgr1sGilLTHx-0bO_Shl4PwAHPzTdagyoImuyEJWYbDMS86jI-5N6nZEnFZdmTI-nBZt-ww6ouz_AgQwYdrT0ziosuyHiddVN_XB3E13rKufkaG90SAEo-tpCFM0AxkGQQuO6OuE0moDRrwJ5nDx8gBKC1yzDGhCwf6ro744zvFbtpG1Xf-l5dYfe9Kv6d0g31YYi4xtmT5Ulentt4rbRM4ZxcqV7A-bt4DmZMkquaBN7rVnBSC7TCSEhGDvjus6_GIa0EqKKzuJVLPbzu7DtxBlhbMgfJL2STDV94CY7FJ9cEgV8ZMPl2ijVAK-xrOflurBllBN5ZYNhkFjJtQrQAhWwJKCIpypZaJhzX0Dj2cdwSxS5-vPNE19_pD5HVCXwRefoH95iV0G5_eCc01h&sai=AMfl-YQEFs9aa_IjzEJreElYNgns-53yy_wjie4aIAGF11DAJs0Cn_ahBdWXe8TC9mMKvdiYHLMCZWgxmYDbFj47_nCTc6mrs7x8x7Nw3SNFTFgSsq7yFborZ4PoZ-TZFF9JXL6ex9RTAfGwRo2WJ5HFQ6eKQHpBGN7J5p6c9wSRJ8Krd_weg1ADJJadGibvIBGalHVxE0wMHW125y41LLBFx86TOTlwYjsZ-vKVD5-RYxQZ1vTZ8QJVqA8hJtpFMxPe_vwOZyNcWrjSSLgnd6o-Q0AxZGVXpLVozOkr4lc70YOt6JpwP-6ed--yiFmF7OZ5WErXotHwMyR7NM9KlJVHVFWdu-VwblNyhfmYkCIvV6Z_Q1ae_Gj6Td6COEPxib8XV0UODsOnnOn_sI2I8mKAawdCKXQyKWlXbaDduqgJNQyfYu5dg1mqihPH4EOhbAF-2NebUb_OW3IxlouM74Innr8S_P6ycsPpHtJgriAVlA&sig=Cg0ArKJSzO91iLycDH5pEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=171&vt=11&dtpt=170&dett=2&cstd=0&cisv=r20221110.70445&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 12:51:45 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame AD5A 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 10:02:18 GMT
expires
Sun, 19 Nov 2023 10:02:18 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame AD5A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 07:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 07:39:11 GMT
log_event
www.youtube.com/youtubei/v1/ Frame BE13 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/041a7965/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time
1669121505230
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/eTQEHBLLZSo
X-YouTube-Client-Version
1.20221116.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtRN2xhWGFhNDRjWSjei_ObBg%3D%3D
X-YouTube-Ad-Signals
dt=1669121502647&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C700%2C394&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 22 Nov 2022 12:51:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9442 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOP7A4MV8Y6CMEIfigQeslbWIDAAAAAA4AeAEAg&bg=!CwilCEzNAAbvMpMzzzI7ACkAdvg8WsXOs3rcTYqxTWeLh_ERXjMhc602iDg2I0xUCfP-jWHEL-5IXwIAAABsUgAAAANoAQeZAuyMPYCtbNEL43Rn6HW9JWRhZzwauXBrjCH5zLCrcqR1W2RjXpOsCmaX5YUYpNSitid_Kp0EccJd-Wk3_PJBzIEwshqixkRhU7ut44xlCXN5IxX4c53uNcbDhyOcIT_rDbLtFjTFQ6rv1lzSMER8R67I-iJo8hX1YAwuwYD5MwDl2hMwcUIVB7-T10hYTaR7bczoUqvENicMhJnR9yfn8PZnhJHBJO9hKqAxlkNcZoYN2IuAm6hMgwN7rH4XJxUdRc-CQVyp9skR6xKUvhmu3_cAqFkMYvxvIQvetOw-69AZK1FKgDh-UzHUR9wOkQHAljefzYYl2DIwsn7Q-dLivhE3nc4HxkoMnsxSeIoSN7m4hq5pb6rAHcD3kVKVMvPdOb_3mBojt0pcHU7T80FBDJuH90h6OscOCnnSByycUNrvg6C_O5Kxc9dxb3R2wgOXJ5d9OYgjVzBou_UWS_CaGk9jpTo5_x5EGmkGCMnkAz-Lts8W0CFCGqLSr0l4r3PfxrlSJNzt_Vt8smguFkfYyxpYTgD49Am9TnPbmUKmI-iqT-n7jlxm4KUb8_8ACV-YAXmFQhiIp-jBjJ_IFRNo8MI-WBS4onoFUWE5r1pILs4OnaCapHCcsvJnag_qUOu7Vh-5g1PYo_p6Hl8w50gjzwMn_668mv4-XQvc_ivIEuS-yyoMRp60IRbV9jZXBr5mbyoQOVtyhIuo3Ccpul6RmFirEHZ5yY_HAqzB1rQJ0N2tSx36VEg6Ivp7EKMCzkaSfzQROohxvYFhdU6_Xg36Ih2dL1tZLwO5sDMwayMvMG3fb5qSkAHr71nztsXk_Mjq3D17Yct3jV7s58_W3wMTz9dWXICS5oSzImeJzGxQK14xaNhMlGoHcrCG8LZ2HfSX7EcWbXXyjH1ESoA8HRZaH-Djd1uFtewxdJEet3yZr6evY2l851RJyR54ZLl740HC3LKMXa4s8fWXXJsPS1Sf_y2tanptjX59kBPnpTaK
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/39932279ba302c4c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3CD3 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/39932279ba302c4c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7AFD14AF65E4BD7E163A81F90457BD0B783C464C.4DD5C9B4118D59D642706289EEEC7E2D7A853343/key/cms1/cms_redirect/yes/mh/9t/mip/2a03:1b20:6:f011::6e/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1669121127/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:15::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
d1426753907d80f4775c7cb09ae61920aa8f3ec5c428b9b1d3e4cd7d5618cfc3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 22 Nov 2022 12:51:45 GMT
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2442933/2442934
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2442934
last-modified
Fri, 11 Nov 2022 14:34:54 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD5A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B6Hoq4MV8Y_a9OM_AzQallaeQCAAAAAA4AeAEAg&bg=!IyClIGTNAAbvMpMzzzI7ACkAdvg8WpaJvJ1WQz9bLVO26QmTQjzo3Zy7emM1TVBRLqkvxtdSSDC_XQIAAABeUgAAAANoAQeZAuRr3tj4xzJQgfm-qbrHblRgDYDddshe7aayaVtJUn-l9F6Bprtn_m07vlPG5jZWbK42Ow1Uv8naVvivmOLLovMOkIltG8VF3rxQ3uVjhLJBn8zypDmxgBRAsoZB0NODOrFP7nR55a_4htzNbukCinF7sh_-bWgQelRtituET3DTtjPDO5l1Z9KyDnAtDIrfFknVClyAgQ5KUmfwUhuoIe9J7ICgfsW26lUC4MoE_Fy-iebrddfbFlOzt717VRV2b5GD-OaBBAgDDgqHOFjWnV9nQeVZe9Nx_nh-6Zi_OLbcWS5xtR9ZQKLaYFfSyVlxGfaJ_JBdhKCwA2ccl-XYYnbqpHDBbkJETVY779X0J_heBj8nCAgUPPJzZokeQyhtHj4WvZ2GfEJPPTM2uohW0ESbz4uA_ixAXYmwoZDWTNeXcs7YXNv-qIA5hQdxumhrxhyIdxAvA_zdNP745wDPoK7WPrGRUmaiCwbAXWtF5Ag7rUpoE9GNpewwbQzhwebv3SDBpn9X5J4yWfnMYhZaVh7Yi2lcbSBOuioneOp4DPZmM7fed02xgnL7cW5otwQZxM_qiJd1P5e2TTe0RQvdkZ41lcPJ2FtP29o2VRv9LYeI1rFdaknAI7QvCyP47gNRX-PL2g6cfOoAiTW6RtbXLXW-JCeTpSgqPh8aBHf0GteIZoi6xb6aS_eOp-XJhYW0PqR2C8ug0dBRUG5HAJ6xzXDeTASJ3ZIA3S54P8v_eyh-R3mLQL8prNRttlMl8469_Xg18BpKAl0zRtrA7AkULAFfz7Ym1fKSYNeK9CPQUFwiuprL0ritzFHbTI_xZt-RY2XB_1Pa1RKVbKASy1-4pGD6YLdmkeOa7-pl9WIkwKPEcEqmBW6AvmPKVYSwlFg5AYqLilc3jojRe72EiNP3sbBRiJclAmfkIdbRKfOXn_SWhvICEv9wfyuzI_y2ManNKDdzGQfujIlnGqmbhS_X_t2Nd5DtBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9q2Nk-rB-wIVT2DTCh2lygmCEAAYACD2mfFWOhoIh7-AxQEQiKrKgpEEGIH0neADILyS367pEEITCOr4zpLqwfsCFSDTEQgdJlMCTA;dc_rmcid=CAQSSwDq26N98SfQlQRVfJ4UuUv1vvXPrxWyB6wmiyM6M0RGDhCjBW4SAUmMHvisbmw2LecMx6s...
ade.googlesyndication.com/ddm/activity/ Frame 3CD3 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9q2Nk-rB-wIVT2DTCh2lygmCEAAYACD2mfFWOhoIh7-AxQEQiKrKgpEEGIH0neADILyS367pEEITCOr4zpLqwfsCFSDTEQgdJlMCTA;dc_rmcid=CAQSSwDq26N98SfQlQRVfJ4UuUv1vvXPrxWyB6wmiyM6M0RGDhCjBW4SAUmMHvisbmw2LecMx6slEmlMrG16gNbKyYLE6CvKVKzwNQRtmRgBIBM;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D617409657%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1669121505352;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 3CD3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cmlf238V8Y6qNN6Cmx_APpqaJ4ATmo6yxbbyS367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQJatHDEajSxPqgDAcgDmwSqBMACT9B6BGDnuxeFTAeAJSQtfDKHxU95FsJZ6ZfXlyXfTroJjW33N9wr4ZI32VDJNefEy5IAa-rZi_jCfyiAdDkLmIo1s1HHgX8qRo_ydY6YPq4pI8Xt-1yr5j1uvxJYrbZeGGOMcHohsOCaCgqnUJw0F6yWmWzvp5oa5pA8TormGmsy-4E-MY4qyuMtTMkFsHwQuRk0j41VYoU_MtsaLFlAkVAO5Rkto5ddk9BW1ez5PdO20L3gdPxhGyMUoTKEWUeyooK9QUlRUjZ6aTMCw-F-tnQIKNTkZEOu5dCHQ5_agv2wD5OvNp-VHLzF1yJS01g1V18pUxRz-Wnkxt9GqV2eG8ZNv6R5MRgLYEhp0cwJ8HZPnzZW_0LemgypaRpcNhu98v3fa-ENNDQ_gjCWWmIwnOpVs-j6-qlkbl0J1_w2F1jABIiqyoKRBOAEA5AGAaAGdoAHjIfVxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgPICwHgCwGADAGwE-mOlxHIE4H0neAD2BMKiBQC2BQB0BUB-BYBgBcB&sigh=eDU0QhvywmI&label=part2viewed&ad_mt=6&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D617409657%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1669121505352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3CD3 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-WvbOWB0YIz8LGBSjpnsz36NX0QVaEfH81IN1OA9xX9M23LdIUjudvA3nMPDOjDmn4iqeG9_bIDd1vgBqeIO0FamtNgO525xJ4tdWfI_fstqwOML6u0mNShF1U9dhSwCTq66O-YR6_IGoSLlRSGD80EXDVsILnVs3JblBD4WN_OA5ogxMY8XDAwvM6O9lQ-ESNybNZ1zaCn5SMQx9WhChN46jAelPsg1veUQwm7o4JdNTn14UQ7J-dJYskvoISktbGedOfOoWJz7eKNr8Efye1RY328WNGe1_V0jAJTUOi1qhJKdGbKH40JFT_Hjvsngz4wn9osnhClbUWgMvqMUYqmjcAV2U2ahsTGTgM9r1Rtn5ZiqRWPgpuGfoWlkDmeN30Zr94btkGAaDSmkl0Eokstwue_ZHOMDnRqsCQDKB7ezYq44n1ErD--zozNXRqIFB2lEsznnLZzPKY85ovhlYKZSJFdNmAmg5ZgeX9wzsEZvBRUHKPB2kkwslxC4yxnHPxl2jjzz11kpE_eRs16UU0ZoFylarA9m9H8soIogv5jYhdAkE1uN-Mo4tH5l5Py40MrykAwq-D3lKDys3bc14_vRskqnRE5z7fjwsyOyOJ6uOpivdMVIl8jjmt9E3n9aor3khVzoeENnnF8zZe9hDitZ4lx28PTDHPawVUUxqdVS7y1SAJ-bCkwV7FEGQuraNQORGF2wv_r6pRKbJqeuro-ril4Hsz5OwVebx51hLDc_ZYWGfQjQvn6Seu9BhA6N3jJVSXkSqk7n7Hw7f0Tg2nozrHiVUGejrEl-TPkW3_vycWqatj_ZnMCIcApioE3jHPiFY_BHMXhF8lxVqwXKXvxYkKe_khqpDveztCwL_33j4MtfMJgjQSK8LT_2koaLyiNWpHcQLcU-T34eDC9tFuXbLLAVhd6wdMYvSTAtOF1jiw3djIVsTZJ-IVpIUFPRkn9HW20mXVTFKq8muXC5EfWMVv-EqtmE9LAholRdnBn9UzcnPVXDRYq5Rg0fcNhKmwYJHkatLPsf5uDiE6IQgjPpkGsDZSDpTiBsbh0x7t5eG3oY0GpdSdxD0X3H1l9VdMFP3qSNaKYdIjZ6YKnxR7t8Fh6i-J4dUPfi9VpvJvG6L-vur1bVMJHtNYkac9slInDZC9gmYR-xejyhTxXLRe9SJlR_FE1gXwpNrEoTe-t1iW77u6gwseiUIcdl874pMdsK7aOhrOJUfwaiQSmgQkQeoqMNfT_U_fOwU7b1P5aD0D6uxIPbOAsjbrXVdLhCF3chgwhlw7D0qyw_Ov5CGVO1eAD_iG2ZI4f3NeHireDOhtdPuQ8-Pl9Z-IEk-oGOMgLxov6ZHXCYzlQ5u-UTd6osd1hyad8KRzybd5Sv8sDJEBPTG5WeDUff0L58LnfGQBBveCvM-GjYoBm69Q8Vz1SoDOE4XQHm4XQsKFYQPrQ&sai=AMfl-YSXx7xq5NrLAxSSCdODQNECX5ALYi2JMQGnysnDhgNmGAiAdyGvpPaztmJhzn_Y3E_ha1wkdWlCRa-5zcI0_WOMlzJ-AyxKGkwG-3N8OXZQ1ITaiPag3Kmwluuk7jvgPud3G0CAg-9tGVCLya8-pL2yq7d3Amkb2P5Y3u0JbaUAOgXlOCUNv-s507zA32zQKJmeALP2gt9tS-SlJ7AFpsuXR06RF-LL8wFImNF1xb0YD-ZfoLhY70BMeKTjblt9Qwaf61zdBHk5SWTW6ThpDeW7MueKUsAhIrftoaLQP14PN2XBmxkMkWx_nxXQWfM&sig=Cg0ArKJSzDsNxxJeIypFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 3CD3
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiLiu7YASABMAE&v=APEucNV-a4AUfYtQ5mr5YWzGxNX-jecVDlUfxvADX4IlmhtNbfCLhaPVocBaGI0vO2QUYJzMAfq_ZJbmpCl2POwYOlAtKIVMog
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:45 GMT
AN-X-Request-Uuid
b1a9f984-7619-4f7b-a635-5b607e0044ad
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CD3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9q2Nk-rB-wIVT2DTCh2lygmCEAAYACD2mfFWOhoIh7-AxQEQiKrKgpEEGIH0neADILyS367pEEITCOr4zpLqwfsCFSDTEQgdJlMCTA;dc_rmcid=CAQSSwDq26N98SfQlQRVfJ4UuUv1vvXPrxWyB6wmiyM6M0RGDhCjBW4SAUmMHvisbmw2LecMx6s...
ade.googlesyndication.com/ddm/activity/ Frame 3CD3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9q2Nk-rB-wIVT2DTCh2lygmCEAAYACD2mfFWOhoIh7-AxQEQiKrKgpEEGIH0neADILyS367pEEITCOr4zpLqwfsCFSDTEQgdJlMCTA;dc_rmcid=CAQSSwDq26N98SfQlQRVfJ4UuUv1vvXPrxWyB6wmiyM6M0RGDhCjBW4SAUmMHvisbmw2LecMx6slEmlMrG16gNbKyYLE6CvKVKzwNQRtmRgBIBM;eps=CIDhgBAQARgdMgKqAjoCgEA;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D617409657%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1669121505352;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3CD3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvq4vfcAYjiT9ONMlxoYQD3j8eEaTA_HoVKnfI7hW5sSinOK4wM5yCelaeEGGhQMWckpz9XxgFfCs5RgcouCeIGagy9QnzXy3myc9wkAw1FF2ZhPlqYQ3CMvin8j220H6gZAnR704mjNOvwmKiTIxX2oxRIYmZWEvRLrYopTf3XuXu6LwHOyxtSuLkPNlor3WQ0S8j7u-1eDh2WTa2uiU-er6e77mJdZxh5mERzgyUT41OFG1MrCXA58v0CI2cRMSGGWKwg17SBTdXQl3oSkseGLI0oNA8NxokFbIikgbEUZGIM9WIExCXzeN7a3Ka1pxD-wP-vPRtbtukKySABZ3XU4a53BjYo_hplz4xt-B4lS5XUQL9-ul0lR7qPnTEeAcuIe9d3rRLM3fE1oFN9jV0PZIVSQGjXSxqhRY6YBKTDoljxW-k_8f9Ovd1PMjyA2PSQJJUQqi8famjD5m3UNjgLWphia1hPBUcq7wMlYhnG0edp37HWDJX9hfAHNUGTaWzFsq7aWMA__TEs4Lp24cgdoKYXImL82laXua7Lk2A8HrRhF8m721avHGSZwlqJzc9yXCpkrblyTuYv-yROhMKhlaXbXG-LbplBdUSmpu46dpX-19N0fzuisQeFlcuh7jz_89xqM7Tb04rh8ybq54YiMRg5HpaZhvg551tB5mQ6wbavj5bpWz9BKVgtmHW8v0I0dlIaeFwiD_XwXP6wrgbOyxpxpTehcteIWKGUuneABtLxY17r1WL_0_Pq6ytPLHRX3ZZop_leC0YT6Wgof9c-T3wG6WBucHNVIW3HIf015A63UoVakMq6w1rkMWtjLyymoZ5oFiqSm1HtW0Bc89p_ntBjOtzlbE1nJ-O_ifzeL9jTWBFa5oUec8HN38MN8f3XxHICHUAGGGlExWhqVtD3zTI2uS3mbcLJTJRUbYN6g-IK-vpkOF2j2JMH34kMMka8zdIiPBXwBqJ3Pb-z6dI_wGJvgQhT85l_imf3sBGPtpMMsglQQ9v7VgsOkMJPR-kzONl8W46rmDJYDB-qZhvE6WalSo5n3I4yEhqSoFdj6bKuJ3XagUeYrbbyjZ2AhXpwAGe2aQZRaytRaOyETYs1_mA995zMs4fEddDnYEpK92tqhvQQ8LvIIMCaLQhJIJzmdYpzXNCvEnLfEk94mYgjAGY4hK55-fYMVcvpTgZfvHLs5HxIJVqqPgR50Q2VeruGA4rFFKFwujV0Jze0EXfMO2_emcjQtdNSH97wvmSRMhzpMlNFavFSXdaJqOWhmCIGbCLD90b_Pc4oQxqDDf6kFcjva2rhNSF-rTX7dz6T4X75BWAHzGPwDDM4gQErSqZszOUhDN6-JQOBsq5FqY&sai=AMfl-YRsphknnrANyJfTl6N4akcAYF7S6E5348spt45myKUnpRUt51l65ACY7iKrkdEuyvdvkOAgF0tJ82T0kDI3JzEe58HQPr9BO37Aum5mISogCX-hfvtFD-PJ_iFYKIiN-Ogrls5XJcyMBfRcoZ4Np17EXDSKebqsGVwc&sig=Cg0ArKJSzB3OOXK4OfKGEAE&cid=CAQSSwDq26N98SfQlQRVfJ4UuUv1vvXPrxWyB6wmiyM6M0RGDhCjBW4SAUmMHvisbmw2LecMx6slEmlMrG16gNbKyYLE6CvKVKzwNQRtmRgBIBM&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D617409657%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1669121505352&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 3CD3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cmlf238V8Y6qNN6Cmx_APpqaJ4ATmo6yxbbyS367pEPAuEAEgqoDDImCV4pCCoAegAdz4qrsCyAEFqQJatHDEajSxPqgDAcgDmwSqBMACT9B6BGDnuxeFTAeAJSQtfDKHxU95FsJZ6ZfXlyXfTroJjW33N9wr4ZI32VDJNefEy5IAa-rZi_jCfyiAdDkLmIo1s1HHgX8qRo_ydY6YPq4pI8Xt-1yr5j1uvxJYrbZeGGOMcHohsOCaCgqnUJw0F6yWmWzvp5oa5pA8TormGmsy-4E-MY4qyuMtTMkFsHwQuRk0j41VYoU_MtsaLFlAkVAO5Rkto5ddk9BW1ez5PdO20L3gdPxhGyMUoTKEWUeyooK9QUlRUjZ6aTMCw-F-tnQIKNTkZEOu5dCHQ5_agv2wD5OvNp-VHLzF1yJS01g1V18pUxRz-Wnkxt9GqV2eG8ZNv6R5MRgLYEhp0cwJ8HZPnzZW_0LemgypaRpcNhu98v3fa-ENNDQ_gjCWWmIwnOpVs-j6-qlkbl0J1_w2F1jABIiqyoKRBOAEA5AGAaAGdoAHjIfVxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgPICwHgCwGADAGwE-mOlxHIE4H0neAD2BMKiBQC2BQB0BUB-BYBgBcB&sigh=eDU0QhvywmI&label=vast_creativeview&ad_mt=6&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D5%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D617409657%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1669121505352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3CD3 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~las7ujtu&c=4307200722041&slotId=2153600361020.5&qqid=COr4zpLqwfsCFSDTEQgdJlMCTA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=780&mt=video%2Fmp4&vs=360x640&dm=20000&ple=0&umsem=0&event_name=first_play&asset_bytes=198385&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.16h~videopreviewstarted.16i
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=229395060915010&bg=!9vWl9bHNAAbvMpMzzzI7ACkAdvg8WjuelZ5jiFPhC3KN-27QWjIeH9ew3x9odGyrib88vSK-doX71QIAAAEwUgAAAARoAQeZAp-Tw-1oiqbPo1J2cNcqBbWY9ohDLRbltTKKlzpK7qSD0uGn7Vb2M75hvpbo9MXIRXHB0iqNENFGngsxcCvPl5fl17st5ft6mvESvLj2tIMueSYZKgkB52LvqbgdLBcO7IBlLwkvIx7OAInCsQ_UREjsHw9TSvTHSBgnF1pnluYGkHWbsMX9uciyVvBrCS5rgp8K9AizsLZAKzmKptskEvAjco2z-gcFYoajIEbL_Q8HpZeJdUEz5R3JxyoOTPDQESHulhSXvhFKXqGhaxS73aEi68-fkdz-T5Ua3VAYboTEbU71DuddFu6TP55usuaTXR3RyTS-jo_JnkYWU8frE1LkMUu1E_QzX8zGRazQU16nUQRycZOzMSyfJxEuCD4T4LDy3q5AL3StaY4QSAhqC9zYPAhoNP9wzUPSfIPaba1FHh-KKguG3__gUmuKOX4WZnlKi0RnuMSeS_ZtTWmD-MbH3hVSACp87GpTjtK3iVwbloFibryLOo0KfOIQnoUJUri65tmeFcsVqsgPeIjDOijwR6R8Y7tZyp5UsmvAmU23L5pF6xewLAZ3meWKZp58aHQyQxjVCBQGpXB7kKfE9OO7BtywE8z7fs6IKeoyHdzrCIP-Fwd33GvinH9oUHJtkZPNxguJZlpjFlC_n1yXDQoyAuEM3XNrtNNFkmCJy0Gj7FpMvghnOYcySBng8sCjdIfaBxUAj6D59kAG3GvfePRRT1wQOuQjgs-Kjt2DiV0aMwxM1OXCGNKXIQWOoKw-ACajyG2vCCu4Pz01BeVOOXxGf7nD3ayaFL7QJ_fzxD7tQxSes_A_nSd5ewJ7CzzNo8JAT5BZCg2dyuGwj9S_u82V4CtCZEIMTuA2IjVeyv-RXv8g6nY_sAeH19b8TRRg-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
a_cntg.png
cdn.onnetwork.tv/cnt/ Frame 0016 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1669121505431&d=9074&wsc=ab&typ=embed&mobile=0&c=24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
last-modified
Tuesday, 22-Nov-2022 12:51:45 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 0016 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1669121505474&event=plstarttry&d=9074&vs=0&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
last-modified
Tuesday, 22-Nov-2022 12:51:45 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 0016 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1669121505479&event=adsearch&d=9074&vs=0&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
last-modified
Tuesday, 22-Nov-2022 12:51:45 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
integrator.js
adservice.google.com/adsid/ Frame 0016 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bg.myservername.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
container.html
28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D073 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:51:43 GMT
expires
Wed, 22 Nov 2023 12:51:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame D690 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F121764058%2C22528037647%2Fcelebs-networth.com%2Fcelebs-networth.com_o3b_instream_onn_o3b&url=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&description_url=https%3A%2F%2Fgov-civil-portalegre.pt%2F&tfcd=0&npa=0&sz=300x250%7C400x300&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&nofb=1&vpa=auto&osd=2&frm=0&vis=1&sdr=1&is_amp=0&vpos=preroll&ad_rule=1&allcues=15000%2C30000&vid_d=92&gdpr=0&sdkv=h.3.546.0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=2961901633&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&sid=817C30DC-89D5-425B-B850-F258769ACF2E&nel=0&eid=44748969%2C44765701&ref=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&dlt=1669121504086&idt=655&dt=1669121505571&cookie=ID%3D607fa334eea8a942%3AT%3D1669121503%3AS%3DALNI_MYuD5y40rmslBnE5GFbbF3dXxROGQ&gpic=UID%3D00000b85e59e2d24%3AT%3D1669121503%3ART%3D1669121503%3AS%3DALNI_Ma6-Ma2_eiDPITTSBko9p3eXssFFg&correlator=3361774632303901&scor=2284381253405140&ppid=onnetwork&ged=ve4_td2_tt1_pd2_la2000_er951.345.951.345_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69ca5246de4d75bcd53c06e328712d03ba24e706f3c37f16d23708aae8f39dee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1154
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3993 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRDDht4CGIv20dgBMAE&v=APEucNUpnr6Bh4Pe6_waEK-DJQk0nBob7z5syGP9FIhpirgYruGLwy2AKfQuxTKK96h93aiAF0IxZzA_soYymxf_U6V5Ls-vp1sMvr5-Nl9ZPGy2QdEHjZdwqbdRDJ6RohWYWwTeu8wzsdBA4Uz9BLyCNX7fOYoZGswzgpFiBRRtVcE9ZTYRa5kX57TmuLngbxXO8WsI-bEocEUu_rKk5eO74jcCJBZ9nQ
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:51:45 GMT
expires
Tue, 22 Nov 2022 12:51:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D073 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxtIrwPuXHuFyAZfiV3xDEtFqy1iL1lHiiMpVoDc9Xsgw2LRyd6vm39jCXgFNyRnOI-SZEHHpFO5-HANMLA7zXon8YqQ&cry=1&dbm_d=AKAmf-Dy1_YSkZf5k3h-Y9EAXh_G6q15KfFhrR57bZ4n7GbQLWgNPvyFUArnznFhZcGdMFaOQPjtueLTTQQWpyrDOGMiIPikjSlKM_1uyviQWov23kDePeOUtQh056-ce4m8glnKFwLFqybpi3s0XOPr7GB6VocnFhJZiMurObIbhInaYFyphmIdWMGiCTDjO9rbbeMdsvyfO3RLFC-Y8NSY5kkhaS5ytSZPFO87YPInqVIKUOLsylvSp-A0NcpMQMcfoy3JGsEYLjzGhHHp339dnq3Cc57SsdxLYzTvrSZ5kt5B81ATbKQyIICS4oXAb_zMALV_pPITXq8qsx26uOKYKCLDQP43Wd1vqyHEefyIKXV5Oy_w3q3MiDAOvqwnJhH_BRIbR-SacAihz68UCkN5fj84ee9hn9YPaNrTKho98cIOBMNQEl0MkHB7cr3b7r8L9IkhH1Mxmy7zPhT34Lx9alyuDrLcNL3LfIscnv1ZttwUljP7K6zN2tjh5fCmkuxE34-C3lsbDq-MYkBL-BxmukfChUs7wlRoOYYsGp3dI_59T9Q_P_P26rSTrE7rDHD0nTWzoG3ICZbmchlfUsZKqchSN1zS2kB004mM1QoRO5QkpyfJCEO8b5V3Mmsk0VlK1ETTqLhp2UwsCb4v3l46naElYOmp123UiNYI_MtuShAD0FVArEtWYNoZzXfOxDhdl3XWfH5U3qgls7d_nyjvzxo8NsQxgHJ74fcs3Pi-GSJT2DGxvx9die7l8tElRpJjJ4MHAzxZXot5nU05fPSoLnNm_RqF8nnxfLUeZfga6Wd2IkqLBXJ6s74Dg1jN97fWkah8pkWIGPjslsHwvsjyyC121OBFCPQzJwJ4rar8ASqupsflKtq2j2o4GPyRqoRRzO7_SQ3d9ZIWfsqL77r0LAGPG7yb5pNgFblknCsTOMeNgoiffhQ-7rfz2hK3PYgf_O5xaOZhkmP3671F8wXb0kNKyA_kdI01cCgsLSCySqVRrt6tvRpivK-Dvyv9n39Kt71Lym8CZQ3TcyNPMyOoXrdJ7N7fM4gxB7fepcSQCEJbmWB98gaf6s_EB_m9pedwaMmOqxWl2_Exg_YzSIYqcjG-3nAX4JU-fDvZjNJdxWYfPwE5CVB0fGA9lhXdcVecazPWX9cm__zqbNX5JkiRQMSS-Mguz7Zw5vmBEXibYyqtP3gO0GoW5U8KwLsNo--O_9a4M28n79a80GodQHfR20uK4IknlLyTaLdU1k5kv_87qELotLR7q9VUMB8tROGrwuCiQGwIQxOQwnBOcXa7NwfmA3DC5WIKYjqEri3Cm3ooON3v76gWUH7YXsJnIct11dvXyXnqR-Kn14PJDHENHaFkTkliK9eekwvlUBschBMQc5cOof0SrblPikRU6bkr9oFuUnvxJRSvG8dUub18q7e0G3M8wAbGIJ7xeCCpvwdXajHKvYRvAlsDlL3mAr9ZEGWZ72yXUBCwzvthPWrnHH4Gv3pFjO_h1-S1tyue9-TXJ5-HJGyTVanZGo38Px9HVKqoDPnKoaAs-rQ4f1qpeu6z-q2GEssq-ONRVm-8GREdKW83-4FEaCY8OuOkrRfHdbR2boN0iwowvq6tMQqTvp57QIKiNPMbgmuDAodwto8gCAbpPwyLbyRsztTjvITQnzdBJAWvUNiUSLIftOU1JlzoT4x_vy4xcNdOItps71sSQoQ4zSOzvFovyDoHEDPzZG1K4R2uPpqTdqUOIPDu8-xw0BlSyFLbxbuMUumom-FzgQSaKS7hwR-0MDUA-dC2xCjCnydKiSxWIxA65pBAKzHPFKtyDjiOm6V7wG6C7ZMs9fTra-psd9PxPHAdWZ7B9Co3csOz2nbXXkQkT0QFAvrwBITPE6o1KUprECvePv0pmiDzAe8Xi1EYGt_dwUzBguD11OHQ6rAh57cgDy5gRwLksX8CH6s3nfH8h0-LFCjUCBChD3Cdh7yUSk49JJZ5HClTbEJrfpi7yViGDaKTkQvyOXSztDUsl_0Qo7FKytpI0Vz5tcZzeit0On_M5D1gcpKMe6zejHavChtnfdMNpEJWn2Gh6X7zpZz_todX8f58xre1Qp3TmYuZuLRVraOM7q7jqEsDiAaM9LrF1GvlOfcetq4VkLtTUnPNSoNPxl1ItrJQUZ8mnagektaD811ZfHi_zwgxm_UguIo0FqEhh7z5AVtrmo6SybGobFiMTsVcwDIBbEaY6lFgaBq1iI-QdL_5ktDJdENf9uL3hhmvQGN6gabObfF-tTfni50k59ygEeJFSG_sxQoM0jnrdyioBKAVxtSgXdfNfda5sIErym2RTv_0a9rjSPhKXIfLrZms3UKr0kbCp2RMp1ZVdB1EAGnbNxmTXQON-bBXHrGACc1jAtoeoBoIz2mp7Ogdjj9Cq_3mSEb1A5PvEdQ2nW6z7f0E1ADgshDi441QuMnJLd94o0cuHM0qDIn5xMfCY5xUb7-Fs5PqOyLw2EuOse_G8sAbdAzXT53KohZqqjBLMkLM6AMo5pt1oOf9oYVqBU8AyYY4zmjEyPoLf7OBA0WsQFUsBBbgBgbdCUhnThUXypqYUZWk8Z5Oif5xjtaFgRLHgnacvUKH_jzFYJPnvIgvXaBBa94peer6USioA8rmNg6Ld9A-OXPDNRF6mCXnQKdbHjqOiDIJl8in8fjWS-JJGts6YnRuPX5oEKLACpxxfnXPsoRPJefm1Shc6vM-M1v3it8GVP6P2oGUNVI_4OR-eAxk5JHfmYf5aWjsBzQcSt3xNTKbOvqet1OONrpPcyNm7HUtEoOIHVacXKQdfMrL-YuCRwaxjQBTryBIPJTJ0OFUAXKuxqEMhKA94pMRNgzifWEXuS8YjjqxR98Ydrz-KPlSS63HCli_5gJ9uiZ9OoYzwEyEHNe9_VYMAw1_5-dEy1OVVDD-IlXi2VKJB3L5HvYje1wdaocbK-juryM4AJ2ngEq9Qs7D4ep0UlKe0iHMm_wuKd1VGSyTdf3GBHxqhxGNijY6AzH-2f0muEVohHUe6J-wgtVSpIYUYggpJ5nwR8SYA9hxfPZvvAbIwuKUdlcv6r_67ytq6dLRiGD2LqA8aicbQkLvEEpbCqLuynm5sZvsmCl1a2TLKmdxm0_b_hofstN42jM7JfDgVypwCol9lWM0kDzYRTrJZngSUJafLBMHA9OuC3LiRsuASjmNjVuhLvz5ooQpv3ZMM4NpU_ZbdYgAEaeAYYv59U_iH2XHdqfzjuF568WkDAHUq4Dvr7c3x6s-17o7Xa1O_kfsARvAjR9ToZ_Ph0zvumqE48utWa5akBe2N5WFfpaG615mVfUydvfvRyDDhnT7B93V1awrAS3iiJdB58n4fB6xtElcOKbFMJStx_TPjLPgA5Zw2tZXVfdzQzDUgLSOWQLfJu3c6aFf3qVTQWSTeKo7lRKDXOmVh55d2oRY0LvSZUQlI7ntzhPbRZF6Zq1yJwh9_LyIDMkW2fyA_vRnmR7Gi1Npjnq5ce1SlQvbxs4RAsSJtWAZSaMZ8p8gWDeoyNznq9FSCMoO-uInISfwhxWfe33rVazeKzzVvo9Hci_M7-tZwNJxV6-1zOwjEpzyprUmmIJ4pJd4XUa71JFLaTFX7WHPLbbaBtdNd0IOlmgDF3eKRCk2L4gmay8Tai8uOL2_o98QT9KyHtHreroe18kLsVog1VTee5qau0qxS6PyE8pHjXNTPCvDHynjvsICavuNBtSfLScykx5APqfVjk8epkDqgNFsBgcNCSd44zyzid1AwcTmzAqIEstm4qHFfG1e8PWk6orGyFvgJm0S2IfH0BVYG0c4f1ZGca6OYrCl5NgBZjKJxory6AWAsHGeau2GFeEUshknaJDNTiBCQuOqjCdGBQtD30dm8EuzDwQI_h56p2NsaMG087YM0sW39iqzOzP95hob5FV8qEgaV__wy_5oB_iNfleXZlPjuIWaz1MaRm4Z15yNPs8up79JRoGOZhMu1DBC2uNHUjH8vrc-0cyS2dOzxoeVxKsM6RY6gd4H2HTQTz6BA8aNPSeXjsZPOu9njh5VwnGfu-izQBXA3UrdB31hsWk&cid=CAQSTADq26N9cL3JBTHhHC1iT5GkNFDKKJGZPlvDjMuadTizv2g-7-pvkiV-tu8CtDRTLOkX7SZ-b-5LMfFDR7AoOwUOdrEy_rUpGRMJf5oYASAT&rfl=1%2Chttps%253A%252F%252Fbg.myservername.com%252F%240
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
281fcf3b7589358d0aaab28e924c03e43e58fae40fda1c9a0bae61a0a0120371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D073 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BnM8U47uhRAbDmqdiugXT5dE3nj5vmufrWM1CIobYJWaFpzpo71mP4tMV5xODMN6lQnIeHxQLke-M5PPNqqfQCXcyE2QnNUkfWCWTXrjBPiVJZb-Q
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D073 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
5344
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 11:22:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D073 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
7818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D073 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 12:51:45 GMT
rum
dsum-sec.casalemedia.com/ Frame 3993
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRDDht4CGIv20dgBMAE&v=APEucNUpnr6Bh4Pe6_waEK-DJQk0nBob7z5syGP9FIhpirgYruGLwy2AKfQuxTKK96h93aiAF0IxZzA_soYymxf_U6V5Ls-vp1sMvr5-Nl9ZPGy2QdEHjZdwqbdRDJ6RohWYWwTeu8wzsdBA4Uz9BLyCNX7fOYoZGswzgpFiBRRtVcE9ZTYRa5kX57TmuLngbxXO8WsI-bEocEUu_rKk5eO74jcCJBZ9nQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3993
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3zF4S2Yb63Kqi3fQvOmswAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRDDht4CGIv20dgBMAE&v=APEucNUpnr6Bh4Pe6_waEK-DJQk0nBob7z5syGP9FIhpirgYruGLwy2AKfQuxTKK96h93aiAF0IxZzA_soYymxf_U6V5Ls-vp1sMvr5-Nl9ZPGy2QdEHjZdwqbdRDJ6RohWYWwTeu8wzsdBA4Uz9BLyCNX7fOYoZGswzgpFiBRRtVcE9ZTYRa5kX57TmuLngbxXO8WsI-bEocEUu_rKk5eO74jcCJBZ9nQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEM9-V8arBt4Ow8ARO9wn4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3993
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzCXPbYqamt5a77iaE1aJ0&google_cver=1
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzCXPbYqamt5a77iaE1aJ0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRDDht4CGIv20dgBMAE&v=APEucNUpnr6Bh4Pe6_waEK-DJQk0nBob7z5syGP9FIhpirgYruGLwy2AKfQuxTKK96h93aiAF0IxZzA_soYymxf_U6V5Ls-vp1sMvr5-Nl9ZPGy2QdEHjZdwqbdRDJ6RohWYWwTeu8wzsdBA4Uz9BLyCNX7fOYoZGswzgpFiBRRtVcE9ZTYRa5kX57TmuLngbxXO8WsI-bEocEUu_rKk5eO74jcCJBZ9nQ
Protocol
HTTP/1.1
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:45 GMT
AN-X-Request-Uuid
a22137cf-007d-4ba7-8252-787fae73a75e
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzCXPbYqamt5a77iaE1aJ0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3993
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHmIRDDht4CGIv20dgBMAE&v=APEucNUpnr6Bh4Pe6_waEK-DJQk0nBob7z5syGP9FIhpirgYruGLwy2AKfQuxTKK96h93aiAF0IxZzA_soYymxf_U6V5Ls-vp1sMvr5-Nl9ZPGy2QdEHjZdwqbdRDJ6RohWYWwTeu8wzsdBA4Uz9BLyCNX7fOYoZGswzgpFiBRRtVcE9ZTYRa5kX57TmuLngbxXO8WsI-bEocEUu_rKk5eO74jcCJBZ9nQ
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:45 GMT
AN-X-Request-Uuid
0f9a33b9-bfea-4e8e-b901-304809845b8b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2MTk1NzkxOTk1MTE2OTQ3NA%3D%3D
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D073 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
Origin
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 11:55:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame D073 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxtIrwPuXHuFyAZfiV3xDEtFqy1iL1lHiiMpVoDc9Xsgw2LRyd6vm39jCXgFNyRnOI-SZEHHpFO5-HANMLA7zXon8YqQ&cry=1&dbm_d=AKAmf-Dy1_YSkZf5k3h-Y9EAXh_G6q15KfFhrR57bZ4n7GbQLWgNPvyFUArnznFhZcGdMFaOQPjtueLTTQQWpyrDOGMiIPikjSlKM_1uyviQWov23kDePeOUtQh056-ce4m8glnKFwLFqybpi3s0XOPr7GB6VocnFhJZiMurObIbhInaYFyphmIdWMGiCTDjO9rbbeMdsvyfO3RLFC-Y8NSY5kkhaS5ytSZPFO87YPInqVIKUOLsylvSp-A0NcpMQMcfoy3JGsEYLjzGhHHp339dnq3Cc57SsdxLYzTvrSZ5kt5B81ATbKQyIICS4oXAb_zMALV_pPITXq8qsx26uOKYKCLDQP43Wd1vqyHEefyIKXV5Oy_w3q3MiDAOvqwnJhH_BRIbR-SacAihz68UCkN5fj84ee9hn9YPaNrTKho98cIOBMNQEl0MkHB7cr3b7r8L9IkhH1Mxmy7zPhT34Lx9alyuDrLcNL3LfIscnv1ZttwUljP7K6zN2tjh5fCmkuxE34-C3lsbDq-MYkBL-BxmukfChUs7wlRoOYYsGp3dI_59T9Q_P_P26rSTrE7rDHD0nTWzoG3ICZbmchlfUsZKqchSN1zS2kB004mM1QoRO5QkpyfJCEO8b5V3Mmsk0VlK1ETTqLhp2UwsCb4v3l46naElYOmp123UiNYI_MtuShAD0FVArEtWYNoZzXfOxDhdl3XWfH5U3qgls7d_nyjvzxo8NsQxgHJ74fcs3Pi-GSJT2DGxvx9die7l8tElRpJjJ4MHAzxZXot5nU05fPSoLnNm_RqF8nnxfLUeZfga6Wd2IkqLBXJ6s74Dg1jN97fWkah8pkWIGPjslsHwvsjyyC121OBFCPQzJwJ4rar8ASqupsflKtq2j2o4GPyRqoRRzO7_SQ3d9ZIWfsqL77r0LAGPG7yb5pNgFblknCsTOMeNgoiffhQ-7rfz2hK3PYgf_O5xaOZhkmP3671F8wXb0kNKyA_kdI01cCgsLSCySqVRrt6tvRpivK-Dvyv9n39Kt71Lym8CZQ3TcyNPMyOoXrdJ7N7fM4gxB7fepcSQCEJbmWB98gaf6s_EB_m9pedwaMmOqxWl2_Exg_YzSIYqcjG-3nAX4JU-fDvZjNJdxWYfPwE5CVB0fGA9lhXdcVecazPWX9cm__zqbNX5JkiRQMSS-Mguz7Zw5vmBEXibYyqtP3gO0GoW5U8KwLsNo--O_9a4M28n79a80GodQHfR20uK4IknlLyTaLdU1k5kv_87qELotLR7q9VUMB8tROGrwuCiQGwIQxOQwnBOcXa7NwfmA3DC5WIKYjqEri3Cm3ooON3v76gWUH7YXsJnIct11dvXyXnqR-Kn14PJDHENHaFkTkliK9eekwvlUBschBMQc5cOof0SrblPikRU6bkr9oFuUnvxJRSvG8dUub18q7e0G3M8wAbGIJ7xeCCpvwdXajHKvYRvAlsDlL3mAr9ZEGWZ72yXUBCwzvthPWrnHH4Gv3pFjO_h1-S1tyue9-TXJ5-HJGyTVanZGo38Px9HVKqoDPnKoaAs-rQ4f1qpeu6z-q2GEssq-ONRVm-8GREdKW83-4FEaCY8OuOkrRfHdbR2boN0iwowvq6tMQqTvp57QIKiNPMbgmuDAodwto8gCAbpPwyLbyRsztTjvITQnzdBJAWvUNiUSLIftOU1JlzoT4x_vy4xcNdOItps71sSQoQ4zSOzvFovyDoHEDPzZG1K4R2uPpqTdqUOIPDu8-xw0BlSyFLbxbuMUumom-FzgQSaKS7hwR-0MDUA-dC2xCjCnydKiSxWIxA65pBAKzHPFKtyDjiOm6V7wG6C7ZMs9fTra-psd9PxPHAdWZ7B9Co3csOz2nbXXkQkT0QFAvrwBITPE6o1KUprECvePv0pmiDzAe8Xi1EYGt_dwUzBguD11OHQ6rAh57cgDy5gRwLksX8CH6s3nfH8h0-LFCjUCBChD3Cdh7yUSk49JJZ5HClTbEJrfpi7yViGDaKTkQvyOXSztDUsl_0Qo7FKytpI0Vz5tcZzeit0On_M5D1gcpKMe6zejHavChtnfdMNpEJWn2Gh6X7zpZz_todX8f58xre1Qp3TmYuZuLRVraOM7q7jqEsDiAaM9LrF1GvlOfcetq4VkLtTUnPNSoNPxl1ItrJQUZ8mnagektaD811ZfHi_zwgxm_UguIo0FqEhh7z5AVtrmo6SybGobFiMTsVcwDIBbEaY6lFgaBq1iI-QdL_5ktDJdENf9uL3hhmvQGN6gabObfF-tTfni50k59ygEeJFSG_sxQoM0jnrdyioBKAVxtSgXdfNfda5sIErym2RTv_0a9rjSPhKXIfLrZms3UKr0kbCp2RMp1ZVdB1EAGnbNxmTXQON-bBXHrGACc1jAtoeoBoIz2mp7Ogdjj9Cq_3mSEb1A5PvEdQ2nW6z7f0E1ADgshDi441QuMnJLd94o0cuHM0qDIn5xMfCY5xUb7-Fs5PqOyLw2EuOse_G8sAbdAzXT53KohZqqjBLMkLM6AMo5pt1oOf9oYVqBU8AyYY4zmjEyPoLf7OBA0WsQFUsBBbgBgbdCUhnThUXypqYUZWk8Z5Oif5xjtaFgRLHgnacvUKH_jzFYJPnvIgvXaBBa94peer6USioA8rmNg6Ld9A-OXPDNRF6mCXnQKdbHjqOiDIJl8in8fjWS-JJGts6YnRuPX5oEKLACpxxfnXPsoRPJefm1Shc6vM-M1v3it8GVP6P2oGUNVI_4OR-eAxk5JHfmYf5aWjsBzQcSt3xNTKbOvqet1OONrpPcyNm7HUtEoOIHVacXKQdfMrL-YuCRwaxjQBTryBIPJTJ0OFUAXKuxqEMhKA94pMRNgzifWEXuS8YjjqxR98Ydrz-KPlSS63HCli_5gJ9uiZ9OoYzwEyEHNe9_VYMAw1_5-dEy1OVVDD-IlXi2VKJB3L5HvYje1wdaocbK-juryM4AJ2ngEq9Qs7D4ep0UlKe0iHMm_wuKd1VGSyTdf3GBHxqhxGNijY6AzH-2f0muEVohHUe6J-wgtVSpIYUYggpJ5nwR8SYA9hxfPZvvAbIwuKUdlcv6r_67ytq6dLRiGD2LqA8aicbQkLvEEpbCqLuynm5sZvsmCl1a2TLKmdxm0_b_hofstN42jM7JfDgVypwCol9lWM0kDzYRTrJZngSUJafLBMHA9OuC3LiRsuASjmNjVuhLvz5ooQpv3ZMM4NpU_ZbdYgAEaeAYYv59U_iH2XHdqfzjuF568WkDAHUq4Dvr7c3x6s-17o7Xa1O_kfsARvAjR9ToZ_Ph0zvumqE48utWa5akBe2N5WFfpaG615mVfUydvfvRyDDhnT7B93V1awrAS3iiJdB58n4fB6xtElcOKbFMJStx_TPjLPgA5Zw2tZXVfdzQzDUgLSOWQLfJu3c6aFf3qVTQWSTeKo7lRKDXOmVh55d2oRY0LvSZUQlI7ntzhPbRZF6Zq1yJwh9_LyIDMkW2fyA_vRnmR7Gi1Npjnq5ce1SlQvbxs4RAsSJtWAZSaMZ8p8gWDeoyNznq9FSCMoO-uInISfwhxWfe33rVazeKzzVvo9Hci_M7-tZwNJxV6-1zOwjEpzyprUmmIJ4pJd4XUa71JFLaTFX7WHPLbbaBtdNd0IOlmgDF3eKRCk2L4gmay8Tai8uOL2_o98QT9KyHtHreroe18kLsVog1VTee5qau0qxS6PyE8pHjXNTPCvDHynjvsICavuNBtSfLScykx5APqfVjk8epkDqgNFsBgcNCSd44zyzid1AwcTmzAqIEstm4qHFfG1e8PWk6orGyFvgJm0S2IfH0BVYG0c4f1ZGca6OYrCl5NgBZjKJxory6AWAsHGeau2GFeEUshknaJDNTiBCQuOqjCdGBQtD30dm8EuzDwQI_h56p2NsaMG087YM0sW39iqzOzP95hob5FV8qEgaV__wy_5oB_iNfleXZlPjuIWaz1MaRm4Z15yNPs8up79JRoGOZhMu1DBC2uNHUjH8vrc-0cyS2dOzxoeVxKsM6RY6gd4H2HTQTz6BA8aNPSeXjsZPOu9njh5VwnGfu-izQBXA3UrdB31hsWk&cid=CAQSTADq26N9cL3JBTHhHC1iT5GkNFDKKJGZPlvDjMuadTizv2g-7-pvkiV-tu8CtDRTLOkX7SZ-b-5LMfFDR7AoOwUOdrEy_rUpGRMJf5oYASAT&rfl=1%2Chttps%253A%252F%252Fbg.myservername.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
3385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 11:55:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D073 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxtIrwPuXHuFyAZfiV3xDEtFqy1iL1lHiiMpVoDc9Xsgw2LRyd6vm39jCXgFNyRnOI-SZEHHpFO5-HANMLA7zXon8YqQ&cry=1&dbm_d=AKAmf-Dy1_YSkZf5k3h-Y9EAXh_G6q15KfFhrR57bZ4n7GbQLWgNPvyFUArnznFhZcGdMFaOQPjtueLTTQQWpyrDOGMiIPikjSlKM_1uyviQWov23kDePeOUtQh056-ce4m8glnKFwLFqybpi3s0XOPr7GB6VocnFhJZiMurObIbhInaYFyphmIdWMGiCTDjO9rbbeMdsvyfO3RLFC-Y8NSY5kkhaS5ytSZPFO87YPInqVIKUOLsylvSp-A0NcpMQMcfoy3JGsEYLjzGhHHp339dnq3Cc57SsdxLYzTvrSZ5kt5B81ATbKQyIICS4oXAb_zMALV_pPITXq8qsx26uOKYKCLDQP43Wd1vqyHEefyIKXV5Oy_w3q3MiDAOvqwnJhH_BRIbR-SacAihz68UCkN5fj84ee9hn9YPaNrTKho98cIOBMNQEl0MkHB7cr3b7r8L9IkhH1Mxmy7zPhT34Lx9alyuDrLcNL3LfIscnv1ZttwUljP7K6zN2tjh5fCmkuxE34-C3lsbDq-MYkBL-BxmukfChUs7wlRoOYYsGp3dI_59T9Q_P_P26rSTrE7rDHD0nTWzoG3ICZbmchlfUsZKqchSN1zS2kB004mM1QoRO5QkpyfJCEO8b5V3Mmsk0VlK1ETTqLhp2UwsCb4v3l46naElYOmp123UiNYI_MtuShAD0FVArEtWYNoZzXfOxDhdl3XWfH5U3qgls7d_nyjvzxo8NsQxgHJ74fcs3Pi-GSJT2DGxvx9die7l8tElRpJjJ4MHAzxZXot5nU05fPSoLnNm_RqF8nnxfLUeZfga6Wd2IkqLBXJ6s74Dg1jN97fWkah8pkWIGPjslsHwvsjyyC121OBFCPQzJwJ4rar8ASqupsflKtq2j2o4GPyRqoRRzO7_SQ3d9ZIWfsqL77r0LAGPG7yb5pNgFblknCsTOMeNgoiffhQ-7rfz2hK3PYgf_O5xaOZhkmP3671F8wXb0kNKyA_kdI01cCgsLSCySqVRrt6tvRpivK-Dvyv9n39Kt71Lym8CZQ3TcyNPMyOoXrdJ7N7fM4gxB7fepcSQCEJbmWB98gaf6s_EB_m9pedwaMmOqxWl2_Exg_YzSIYqcjG-3nAX4JU-fDvZjNJdxWYfPwE5CVB0fGA9lhXdcVecazPWX9cm__zqbNX5JkiRQMSS-Mguz7Zw5vmBEXibYyqtP3gO0GoW5U8KwLsNo--O_9a4M28n79a80GodQHfR20uK4IknlLyTaLdU1k5kv_87qELotLR7q9VUMB8tROGrwuCiQGwIQxOQwnBOcXa7NwfmA3DC5WIKYjqEri3Cm3ooON3v76gWUH7YXsJnIct11dvXyXnqR-Kn14PJDHENHaFkTkliK9eekwvlUBschBMQc5cOof0SrblPikRU6bkr9oFuUnvxJRSvG8dUub18q7e0G3M8wAbGIJ7xeCCpvwdXajHKvYRvAlsDlL3mAr9ZEGWZ72yXUBCwzvthPWrnHH4Gv3pFjO_h1-S1tyue9-TXJ5-HJGyTVanZGo38Px9HVKqoDPnKoaAs-rQ4f1qpeu6z-q2GEssq-ONRVm-8GREdKW83-4FEaCY8OuOkrRfHdbR2boN0iwowvq6tMQqTvp57QIKiNPMbgmuDAodwto8gCAbpPwyLbyRsztTjvITQnzdBJAWvUNiUSLIftOU1JlzoT4x_vy4xcNdOItps71sSQoQ4zSOzvFovyDoHEDPzZG1K4R2uPpqTdqUOIPDu8-xw0BlSyFLbxbuMUumom-FzgQSaKS7hwR-0MDUA-dC2xCjCnydKiSxWIxA65pBAKzHPFKtyDjiOm6V7wG6C7ZMs9fTra-psd9PxPHAdWZ7B9Co3csOz2nbXXkQkT0QFAvrwBITPE6o1KUprECvePv0pmiDzAe8Xi1EYGt_dwUzBguD11OHQ6rAh57cgDy5gRwLksX8CH6s3nfH8h0-LFCjUCBChD3Cdh7yUSk49JJZ5HClTbEJrfpi7yViGDaKTkQvyOXSztDUsl_0Qo7FKytpI0Vz5tcZzeit0On_M5D1gcpKMe6zejHavChtnfdMNpEJWn2Gh6X7zpZz_todX8f58xre1Qp3TmYuZuLRVraOM7q7jqEsDiAaM9LrF1GvlOfcetq4VkLtTUnPNSoNPxl1ItrJQUZ8mnagektaD811ZfHi_zwgxm_UguIo0FqEhh7z5AVtrmo6SybGobFiMTsVcwDIBbEaY6lFgaBq1iI-QdL_5ktDJdENf9uL3hhmvQGN6gabObfF-tTfni50k59ygEeJFSG_sxQoM0jnrdyioBKAVxtSgXdfNfda5sIErym2RTv_0a9rjSPhKXIfLrZms3UKr0kbCp2RMp1ZVdB1EAGnbNxmTXQON-bBXHrGACc1jAtoeoBoIz2mp7Ogdjj9Cq_3mSEb1A5PvEdQ2nW6z7f0E1ADgshDi441QuMnJLd94o0cuHM0qDIn5xMfCY5xUb7-Fs5PqOyLw2EuOse_G8sAbdAzXT53KohZqqjBLMkLM6AMo5pt1oOf9oYVqBU8AyYY4zmjEyPoLf7OBA0WsQFUsBBbgBgbdCUhnThUXypqYUZWk8Z5Oif5xjtaFgRLHgnacvUKH_jzFYJPnvIgvXaBBa94peer6USioA8rmNg6Ld9A-OXPDNRF6mCXnQKdbHjqOiDIJl8in8fjWS-JJGts6YnRuPX5oEKLACpxxfnXPsoRPJefm1Shc6vM-M1v3it8GVP6P2oGUNVI_4OR-eAxk5JHfmYf5aWjsBzQcSt3xNTKbOvqet1OONrpPcyNm7HUtEoOIHVacXKQdfMrL-YuCRwaxjQBTryBIPJTJ0OFUAXKuxqEMhKA94pMRNgzifWEXuS8YjjqxR98Ydrz-KPlSS63HCli_5gJ9uiZ9OoYzwEyEHNe9_VYMAw1_5-dEy1OVVDD-IlXi2VKJB3L5HvYje1wdaocbK-juryM4AJ2ngEq9Qs7D4ep0UlKe0iHMm_wuKd1VGSyTdf3GBHxqhxGNijY6AzH-2f0muEVohHUe6J-wgtVSpIYUYggpJ5nwR8SYA9hxfPZvvAbIwuKUdlcv6r_67ytq6dLRiGD2LqA8aicbQkLvEEpbCqLuynm5sZvsmCl1a2TLKmdxm0_b_hofstN42jM7JfDgVypwCol9lWM0kDzYRTrJZngSUJafLBMHA9OuC3LiRsuASjmNjVuhLvz5ooQpv3ZMM4NpU_ZbdYgAEaeAYYv59U_iH2XHdqfzjuF568WkDAHUq4Dvr7c3x6s-17o7Xa1O_kfsARvAjR9ToZ_Ph0zvumqE48utWa5akBe2N5WFfpaG615mVfUydvfvRyDDhnT7B93V1awrAS3iiJdB58n4fB6xtElcOKbFMJStx_TPjLPgA5Zw2tZXVfdzQzDUgLSOWQLfJu3c6aFf3qVTQWSTeKo7lRKDXOmVh55d2oRY0LvSZUQlI7ntzhPbRZF6Zq1yJwh9_LyIDMkW2fyA_vRnmR7Gi1Npjnq5ce1SlQvbxs4RAsSJtWAZSaMZ8p8gWDeoyNznq9FSCMoO-uInISfwhxWfe33rVazeKzzVvo9Hci_M7-tZwNJxV6-1zOwjEpzyprUmmIJ4pJd4XUa71JFLaTFX7WHPLbbaBtdNd0IOlmgDF3eKRCk2L4gmay8Tai8uOL2_o98QT9KyHtHreroe18kLsVog1VTee5qau0qxS6PyE8pHjXNTPCvDHynjvsICavuNBtSfLScykx5APqfVjk8epkDqgNFsBgcNCSd44zyzid1AwcTmzAqIEstm4qHFfG1e8PWk6orGyFvgJm0S2IfH0BVYG0c4f1ZGca6OYrCl5NgBZjKJxory6AWAsHGeau2GFeEUshknaJDNTiBCQuOqjCdGBQtD30dm8EuzDwQI_h56p2NsaMG087YM0sW39iqzOzP95hob5FV8qEgaV__wy_5oB_iNfleXZlPjuIWaz1MaRm4Z15yNPs8up79JRoGOZhMu1DBC2uNHUjH8vrc-0cyS2dOzxoeVxKsM6RY6gd4H2HTQTz6BA8aNPSeXjsZPOu9njh5VwnGfu-izQBXA3UrdB31hsWk&cid=CAQSTADq26N9cL3JBTHhHC1iT5GkNFDKKJGZPlvDjMuadTizv2g-7-pvkiV-tu8CtDRTLOkX7SZ-b-5LMfFDR7AoOwUOdrEy_rUpGRMJf5oYASAT&rfl=1%2Chttps%253A%252F%252Fbg.myservername.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
3385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 11:55:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D073 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
348305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 12:06:40 GMT
truncated
/ Frame D073 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
379639dc15c53372812c8be7e2bf3bf6ae652fcb46ff9b959cb3fe0a9f4e70ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 240C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
348304
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 12:06:41 GMT
expires
Sat, 18 Nov 2023 12:06:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame D690 		66 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F121764058%2Fcelebs-networth.com%2Fcelebs-networth.com_o3b_instream_onn_o3b&sz=300x250%7C400x300&ciu_szs&cust_params&url=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fgov-civil-portalegre.pt%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&pmnd=0&pmxd=90000&pmad=-1&max_ad_duration=90000&vrid=1267815&ppid=onnetwork&sid=817C30DC-89D5-425B-B850-F258769ACF2E&adk=2961901633&correlator=3361774632303901&ctv=0&dlt=1669121504086&dt=1669121505826&gdpr=0&gdpr_consent=tcunavailable&ged=ve4_td2_tt1_pd2_la2000_er951.345.951.345_vi0.0.1200.1600_vp0_ts0_eb16619&idt=655&is_amp=0&npa=false&omid_p=Google1%2Fh.3.546.0&osd=2&ptt=20&ref=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&scor=2284381253405140&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&allcues=15000%2C30000&mpt=onnetwork%2Fvplayer&mpv=8.6.1&sdki=445&sdkv=h.3.546.0&sdr=1&vid_d=92&vpa=auto&nel=0&cnc=22528037647&nofb=true&kfa=0&tfcd=0&top=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&loc=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&cookie=ID%3D607fa334eea8a942%3AT%3D1669121503%3AS%3DALNI_MYuD5y40rmslBnE5GFbbF3dXxROGQ&gpic=UID%3D00000b85e59e2d24%3AT%3D1669121503%3ART%3D1669121503%3AS%3DALNI_Ma6-Ma2_eiDPITTSBko9p3eXssFFg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ffc37faea7762bff2e38478c3f7f8fb5b343d9647f41a7d5c1c0142463fd362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14091
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 240C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 10:41:27 GMT
index.html
s0.2mdn.net/sadbundle/14454087912947991818/ Frame 9A25 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4b52b97bfcb8c6afb3b9db9671c022b0d55a205d60f270d8fca3ca6d67e7bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
76843
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2177
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 21 Nov 2022 15:31:02 GMT
expires
Tue, 21 Nov 2023 15:31:02 GMT
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D073 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLB-RTmqbaMlHzVbYVgZgDAQErt1QHDnk9szfOO_XjKLk2rrTPlxMppVbkLxTv5DSoG7yOVq_bF5J7052Nv9_TlCBufJfUm_xbOsDCrFPI-khdd4TS4lq4tPO4TTZA4XqWjng2NZk-YxxG2hywn2KaRwR7JXf8Vs96rcABMu08acrVqTpv_aimD8pSXnjo5yEy_tkq3O0SLFG58lHokmKYB22PWAb387NoNGicA2BKll3nbNXZYJrTAyF2i757JGW1mRXyBkgTQ2P4PJrK78GRVgDuNunRkn8TCfxuAwNO3RkDvtDyAvtMnDYUbMqW8BBGOXCzFECLbCjqs9-bJiOwzRmz2lA_q85QkIL5yU9nag5j1dbdt2nA0FRW_tTQlnTnfqEB-rEAF22VjsqDcbUlu5mbcQ-HmDXTWKN22K6_1-uSRg9ymUM3Us9gVKxyeoxFNpxDQJk3NqXu87E0UwPBOiI_8oDn1LB4WzIQZ-nBszIGpgIZul0Gt7EspZn88leNOMDjZw0iIWu1-u92MlguijpFD8XyK1OgZ0SX039uzs8WhHE4Uuv4RXm-o6EFmJbB0PCLGhOM79op_XktFdKtfwFIH0fE7rjdfBOaqQinw-ePczCdbIAjGUqKk-cXt4M2rSpYfZODuFOvKDgIzrHUHX3o1jMXr1PLFf0SczpEkZm_1AaY2BsKVUPxNM-4yt6oLr51M-t7nrQr7wWEf97-xY7MhdHMSdx70nkV05TJWsH5OF1H60AdahkLC1hloe07assPs2sh10bF6MoqziCN9oFKhU2bfRzVQezRZOl0hStE14HCVbGAn7VGxL3lV1_320Wxz-Lk8U2zHydDRUKmQGR9XLvwm48LGBDQzhltdG6DkMkHG2RwHECjkmzG2qMx8zB52L1OQaz4hItE0BgRk6rpujoYaBjc7e1l7d7N5dijZuVG1LMxjRJ0Zt8mUmxLnNTeg50rZ0qCRKf5jyeyLcR1rxxoxBl6PdpklPB_6w-42KqkP6oYHBrrFSwZg7O4m_T0yaF7isCokp62gmPy6mLOuFNgj5cBJI3b5ChjX5Ib7mZZkR9y88QO2PryHc4wkRNxGOD2Iq-wE0r_9rNP7NnhtLUvmi65tCleJbBU6zoo4VLXZ_roOSjxnfiPuj9EBzwbR-mjIyndH3Lg_ZzrmztKZilPJLop76CYpcmuEzhpgmJwufX4V-XtUMvmOU8004Xn6hqnYByHQflDrbv4V-UNqHiTEtq-kLFjUhxx47ZBSyXmFjyOSuwH2EPQSyvKUDiiPwpz2ut4QDIt76j3SQ33r5OIQjBDT-zmvSwyyjt06Yvw1OEU5PKtxed37-QZUGvnIwRSpjDaTFp2nWO4tnVQ&sai=AMfl-YT6enAUGOBZ2mcWGlY7g_66KE-YdLEbcchwJmCL0jhDX5Mv86lbCa6rFUk63skuHfTJmJTvQ8wOhTaPncgOROpmp7XSarHBQF5Cx4d_2fr84LStZxFU4bUBpNBMfjesYFQQcrvADZmuLSBvXf6lON2Qp3a4PRBy5FYeyBPxdqasIbmNV_tJgBAVI3MVXHFGNaq6y1pyY6zguGtIKD-7lHoh3YB0Ob4B9_58au7p0Rpu7DvrZ4TDvqq6hvJGBzSh4E_AMGNstVhJURCOwOddy_uKRCPRvJk1wio5k52sDw&sig=Cg0ArKJSzBIzLToup3EsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=161&cbvp=1&cstd=158&cisv=r20221110.23067&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Nov 2022 12:51:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 12:51:45 GMT
bg-x2.jpg
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/bg-x2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e302e51c868346efcf49d075b58acced2f072494e130f2506b30c5b0ff01a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:02 GMT
x-content-type-options
nosniff
age
76843
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9899
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:02 GMT
werbung-x2.png
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		551 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/werbung-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b088906876e9d37ae01d1df853a09d9b1560a680510b3dc942916c5890c7923b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
551
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
logo-x2.png
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/logo-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae9392fa574ae2162a7081b3542b9cff574d118aefb66dc4f8de6d934fc9f407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1989
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
phone-x2.png
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/phone-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e3abaf0f161a80a0bc3d1c351130c289760f116f48b42d0d5d123adfcf0d6e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49023
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
typo-1-x2.png
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/typo-1-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02b0292303a29ddf5cbf276ad61bb73b64251eceae9d5be99d429853f6be8f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1809
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
typo-2-x2.png
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/typo-2-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
638c4b39bf63f9ef16a03a4593ea607e9770d117e0ebe8e610288476fc9ec828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4182
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
typo-3-x2.png
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/typo-3-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdabc1154edacd59d534f6eef590773312979ca650223b4f222fe2ded4607b5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8112
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
typo-4-x2.png
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/typo-4-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39c5ea2e3dd9f80f72d08eb7098200fbac4852ac3f4fc2404b934ea5f9b60cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7411
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
cta-x2.png
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		884 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/cta-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26f7ff5c03cbf435f5cb6fee7872b42a5da1accfe807a41094b3eb515e80b1a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
884
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
siegel-x2.png
s0.2mdn.net/sadbundle/14454087912947991818/images/ Frame 9A25 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/images/siegel-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be115b36796b1b19370e49cb1189f28b586605db81ae125f44b257b61472913f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5138
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9A25 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27635
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 22:10:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Nov 2022 12:51:45 GMT
creative-5.1.0.min.js
s0.2mdn.net/sadbundle/14454087912947991818/scripts/ Frame 9A25 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14454087912947991818/scripts/creative-5.1.0.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fe258f381631a1fd2607eb42dff5d3e5450e98a0690e963ca82934ab96f5435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14454087912947991818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1213
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 14:05:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Nov 2023 15:31:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 240C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvkZ04cV8Y9i-JYyB-gadoL-4AgAAAAA4AeAEAg&bg=!YGOlYyfNAAbvMpMzzzI7ACkAdvg8WmmRp_i4SCZd16Dty8DFketuivblDXB1LdRTncEn4AhoQuqdpwIAAAB4UgAAAAJoAQeZAvQTaukMrV7uK91m3N9BD4Oqg-X0uEjUEroqa9koVazhX1NTua-u5ka5yD_SHOG67t8tFE_03lBIUUZvrcheQTWYW0V_irHii7Ufcwxr5xSRV0FnF0ZL1d3sDjCtRwlGMEunxnAGgtIcjzcQujv-ZXt-9hBo_GKKbbSwmUHk3_Wky88ZZVV4t34SmA5PcEgjoi-D8zw4hUnwA2Uxy1BKH5oSgr2zpT4UCuTo-v7LihEEqS-DrVMAXDFxOV3z7jmw1VLYQHHoGxWluqMuq7tsU8LK4uFjlLfqeg8fuJFdrBxBkIzoyjyEFrmlQe43dXZ2LlU-cEYxcuRFcddkQrgi2FdO1nwXZOstN76w0vmCv-d3Ql6D1ay_X8GyCZdGaKRzN16irq09jcw8M3swR21xzja4BqXtYf3c7B7qOodDFgx48OKnkZn2AiI-Ak_ueaesXab88eOi4x0RuuIpdGdBCyPOKuD-BCHNOIOmDAyGE_GgC2VwokQLVupIw-oEkmQCapnSFmqP0fdYF_Rorj9YAASF-ePV6b9EHi3iTJaByjVxLpLU5p2a0u-sdiCQz0buFvee2lhOsHr1zh6BmHbRwACfu71xlfXeADl-KuGvhRJuKRUHsgJEjHs56bnH-pxDRs6ZhDMiqCns7sNHqGzBEL1mvkeN3E3wnqQkLXfmpYCNBrDcyBQDBgQf7gn8JqZZ4n8P5Vzw9We25GZpaCGkMnsDY6DDbHjhgtWabzgOrqgYXT1oIkLE0Piaj8qn-apgQE6WamHgMjLhCPpFvXM53VIewELfUSmf_uViUmgcNQ9_vO5kT42rM-aQBGFPiW7OHcLkeqAV6jFTpJcSsURkt4iDB_bDYSgxtD3-iLaa_4kXZh3yzwjRlNAQsevrkbrppUAKfIvJbktFvtPjtd3K7O2f8fh7aDPcsMWIzOfsl23DSZJCrpN59T8moMqULSy7yGVQSzGrmf7iFM0eQwzy5GUlvkBRh4SMFMryDh7jOaARPUR65sM
Requested by
Host: 28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
URL: https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D073 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLB-RTmqbaMlHzVbYVgZgDAQErt1QHDnk9szfOO_XjKLk2rrTPlxMppVbkLxTv5DSoG7yOVq_bF5J7052Nv9_TlCBufJfUm_xbOsDCrFPI-khdd4TS4lq4tPO4TTZA4XqWjng2NZk-YxxG2hywn2KaRwR7JXf8Vs96rcABMu08acrVqTpv_aimD8pSXnjo5yEy_tkq3O0SLFG58lHokmKYB22PWAb387NoNGicA2BKll3nbNXZYJrTAyF2i757JGW1mRXyBkgTQ2P4PJrK78GRVgDuNunRkn8TCfxuAwNO3RkDvtDyAvtMnDYUbMqW8BBGOXCzFECLbCjqs9-bJiOwzRmz2lA_q85QkIL5yU9nag5j1dbdt2nA0FRW_tTQlnTnfqEB-rEAF22VjsqDcbUlu5mbcQ-HmDXTWKN22K6_1-uSRg9ymUM3Us9gVKxyeoxFNpxDQJk3NqXu87E0UwPBOiI_8oDn1LB4WzIQZ-nBszIGpgIZul0Gt7EspZn88leNOMDjZw0iIWu1-u92MlguijpFD8XyK1OgZ0SX039uzs8WhHE4Uuv4RXm-o6EFmJbB0PCLGhOM79op_XktFdKtfwFIH0fE7rjdfBOaqQinw-ePczCdbIAjGUqKk-cXt4M2rSpYfZODuFOvKDgIzrHUHX3o1jMXr1PLFf0SczpEkZm_1AaY2BsKVUPxNM-4yt6oLr51M-t7nrQr7wWEf97-xY7MhdHMSdx70nkV05TJWsH5OF1H60AdahkLC1hloe07assPs2sh10bF6MoqziCN9oFKhU2bfRzVQezRZOl0hStE14HCVbGAn7VGxL3lV1_320Wxz-Lk8U2zHydDRUKmQGR9XLvwm48LGBDQzhltdG6DkMkHG2RwHECjkmzG2qMx8zB52L1OQaz4hItE0BgRk6rpujoYaBjc7e1l7d7N5dijZuVG1LMxjRJ0Zt8mUmxLnNTeg50rZ0qCRKf5jyeyLcR1rxxoxBl6PdpklPB_6w-42KqkP6oYHBrrFSwZg7O4m_T0yaF7isCokp62gmPy6mLOuFNgj5cBJI3b5ChjX5Ib7mZZkR9y88QO2PryHc4wkRNxGOD2Iq-wE0r_9rNP7NnhtLUvmi65tCleJbBU6zoo4VLXZ_roOSjxnfiPuj9EBzwbR-mjIyndH3Lg_ZzrmztKZilPJLop76CYpcmuEzhpgmJwufX4V-XtUMvmOU8004Xn6hqnYByHQflDrbv4V-UNqHiTEtq-kLFjUhxx47ZBSyXmFjyOSuwH2EPQSyvKUDiiPwpz2ut4QDIt76j3SQ33r5OIQjBDT-zmvSwyyjt06Yvw1OEU5PKtxed37-QZUGvnIwRSpjDaTFp2nWO4tnVQ&sai=AMfl-YT6enAUGOBZ2mcWGlY7g_66KE-YdLEbcchwJmCL0jhDX5Mv86lbCa6rFUk63skuHfTJmJTvQ8wOhTaPncgOROpmp7XSarHBQF5Cx4d_2fr84LStZxFU4bUBpNBMfjesYFQQcrvADZmuLSBvXf6lON2Qp3a4PRBy5FYeyBPxdqasIbmNV_tJgBAVI3MVXHFGNaq6y1pyY6zguGtIKD-7lHoh3YB0Ob4B9_58au7p0Rpu7DvrZ4TDvqq6hvJGBzSh4E_AMGNstVhJURCOwOddy_uKRCPRvJk1wio5k52sDw&sig=Cg0ArKJSzBIzLToup3EsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=361&vt=11&dtpt=200&dett=3&cstd=158&cisv=r20221110.23067&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: bg.myservername.com
URL: https://bg.myservername.com/python-variables
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 12:51:46 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 555E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_53dIBUnMp1KMWvE1T0jvYC4cRo7zBkWmdVbqaHMa8HdQD_Rzp5y58kHqrFgX-kryVpuk15EkUSg3zh9ros7wei1mUuwnAflS0o2lRzfWUAfipbgMWtwaKnXHwCaAyS8_Jhz8Qg&sai=AMfl-YRUKMo9lziH4HQcf7pSFdWYa00nmmKLOwqnvos_ArMT-WVfk_UeweldIzZAngM1BwQXWvmocb4GwjffRS9kWyfA9fMcFBVdvkGwvAsVyYCYz0-UltRvylm4qCe78VmLJo9hnrFm0iVTLwkdXZOX&sig=Cg0ArKJSzNjNQOTbh2VqEAE&cid=CAQSTADq26N9Nds8cQXNsT7qsuyNxkmXsEXqqX3tSLAnIoSfTEJ5AuROCixZutFifnVdXMvo41gaJRC3E54wdeEyxMCJKpjwigdwhaLYzowYASAT&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2275568123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669121504832&rpt=219&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.myservername.com%2F&domain=bg.myservername.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://bg.myservername.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 22 Nov 2022 12:51:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
392164
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.myservername.com%2F&domain=bg.myservername.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=nUCG83xUZnFNWjZtUGk1ZTVXZEdIUlVRUVlaN3ZvVzdYeHJ0T2VTZnVvT24xcWVYQnhUUWRmR0ZQNUwzWVB5VWNlNmdRb3EvOVlrUUc2WVZGQktWVytaRkRiNkUwZUhkQ2hXMS9lcHNHQjczOGI4QjlPMHp5Y05YaVZwTT...
376 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nUCG83xUZnFNWjZtUGk1ZTVXZEdIUlVRUVlaN3ZvVzdYeHJ0T2VTZnVvT24xcWVYQnhUUWRmR0ZQNUwzWVB5VWNlNmdRb3EvOVlrUUc2WVZGQktWVytaRkRiNkUwZUhkQ2hXMS9lcHNHQjczOGI4QjlPMHp5Y05YaVZwTTJDVWNaaHpidGl3SVdOWTdzZU5DYXBMdGVyaG1kSFBmSVcreXFiU0RidlQyTXBQVEhqcWlpRzMrTi8rbnpyVXN1ODZ1NmwzcFpzQ2oyL0VPb016VityQ1hKQ3g1RjBpcW5oNUhybWdkVlFuMmZRbVVyam9XR2MwTVJzYWUzQ29tM2xBMmt4bW9lfA&cppv=2
Protocol
H2
Server
178.250.2.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
a1f6546df815c8bc1627449be83a59b34ce8d148c85bcf8e994f0e498d2d7eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1366971
expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=nUCG83xUZnFNWjZtUGk1ZTVXZEdIUlVRUVlaN3ZvVzdYeHJ0T2VTZnVvT24xcWVYQnhUUWRmR0ZQNUwzWVB5VWNlNmdRb3EvOVlrUUc2WVZGQktWVytaRkRiNkUwZUhkQ2hXMS9lcHNHQjczOGI4QjlPMHp5Y05YaVZwTTJDVWNaaHpidGl3SVdOWTdzZU5DYXBMdGVyaG1kSFBmSVcreXFiU0RidlQyTXBQVEhqcWlpRzMrTi8rbnpyVXN1ODZ1NmwzcFpzQ2oyL0VPb016VityQ1hKQ3g1RjBpcW5oNUhybWdkVlFuMmZRbVVyam9XR2MwTVJzYWUzQ29tM2xBMmt4bW9lfA&cppv=2
access-control-allow-origin
https://bg.myservername.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
550344
content-length
0
expires
0
rid
match.adsrvr.org/track/ 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd7a6ef6993ed2d830356a445335670e3b8dda8d965702f66bc9075fd0381609

Request headers

Referer
https://bg.myservername.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 12:51:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bg.myservername.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 22 Dec 2022 12:51:46 GMT
/
onetag-sys.com/usync/ Frame E748 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1669121503586&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbjs
sync.quantumdex.io/usersync/ Frame 75D2 		4 KB
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f72b7c6df379032dca5832f7c2671417813cd1f5c738882dbeeedf1c2df4db

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
76e1cc69a8369960-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 22 Nov 2022 12:51:46 GMT
server
cloudflare
/
csync.smilewanted.com/ Frame DE7A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65117a572a86879965a5de8aedb23e74506111ca66950b37a93ec4f47b2fa4df

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc699b188fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:46 GMT
server
cloudflare
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 8A4C 		4 KB
953 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048d15636a16bdd7b1c0c7be377639d21ebe075b45e8a4ef86282fafd25782b4

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
76e1cc69a8389960-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 22 Nov 2022 12:51:46 GMT
server
cloudflare
/
csync.smilewanted.com/ Frame 5A82 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65117a572a86879965a5de8aedb23e74506111ca66950b37a93ec4f47b2fa4df

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc699b158fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:46 GMT
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame EC35 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65117a572a86879965a5de8aedb23e74506111ca66950b37a93ec4f47b2fa4df

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc699b198fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:46 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BC92 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28783
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 22 Nov 2022 12:51:46 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 22 Nov 2022 04:52:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
6, 470899
X-Served-By
cache-lga13626-LGA, cache-hhn4067-HHN
X-Timer
S1669121507.846911,VS0,VE0
/
csync.smilewanted.com/ Frame 4EE6 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65117a572a86879965a5de8aedb23e74506111ca66950b37a93ec4f47b2fa4df

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc699b1c8fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:46 GMT
server
cloudflare
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 4A70 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0af6773740267f43912e6daab721f9c9354c74708c83ab125d281d614973a1a

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
76e1cc69a83c9960-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 22 Nov 2022 12:51:46 GMT
server
cloudflare
/
onetag-sys.com/usync/ Frame 9A08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1669121503587&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1BA0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28783
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 22 Nov 2022 12:51:46 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 22 Nov 2022 04:52:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
6, 470898
X-Served-By
cache-lga13626-LGA, cache-hhn4067-HHN
X-Timer
S1669121507.842054,VS0,VE0
pbjs
sync.quantumdex.io/usersync/ Frame D789 		4 KB
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a735eeb1d72a5d5935d90ea0001a67851517567624af9735044062521e3062

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
76e1cc69a83d9960-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 22 Nov 2022 12:51:46 GMT
server
cloudflare
/
onetag-sys.com/usync/ Frame 5EB6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1669121503587&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame E70E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28783
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 22 Nov 2022 12:51:46 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 22 Nov 2022 04:52:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
6, 481414
X-Served-By
cache-lga13626-LGA, cache-hhn4046-HHN
X-Timer
S1669121507.842235,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame EF41 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.11.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://bg.myservername.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28783
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 22 Nov 2022 12:51:46 GMT
ETag
W/"623de86a-cf34"
Expires
Tue, 22 Nov 2022 04:52:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
6, 472143
X-Served-By
cache-lga13626-LGA, cache-hhn4058-HHN
X-Timer
S1669121507.842522,VS0,VE0
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:46 GMT
server
nginx
content-length
43
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame E70E 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:46 GMT
AN-X-Request-Uuid
8f7b6d4b-af97-4a4a-bcfd-e02c090a54a5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1BA0 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:46 GMT
AN-X-Request-Uuid
8019e162-f962-4b07-8ef4-c2c62c37996b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EF41 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:46 GMT
AN-X-Request-Uuid
9032c12b-cb29-41e4-8c37-42dff5c78596
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BC92 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:46 GMT
AN-X-Request-Uuid
81af3ac3-ff1b-479b-a9ea-722334f14268
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame 4A70 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Nov 2022 12:51:47 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame 4A70 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 22 Nov 2022 12:51:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 4A70
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6b2bc59960-FRA
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:47 GMT
AN-X-Request-Uuid
0a173b2f-aab1-468a-8cfb-2b8bd169c9b1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 4A70
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6bbd1e9960-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
ssp.disqus.com/redirectuser/ Frame 4A70 		0
0
setuid
sync.quantumdex.io/ Frame 4A70
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6c3e4c9960-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame 4A70 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cache-control
no-cache, must-revalidate
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
2nVmm2bZuh6X-jENWP4COfRtXja4J8BTfOZDesiSmtgase_U6QBeGw==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 4A70
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6b9cf49960-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 22 Nov 2022 12:51:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 12:51:47 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 4A70 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.228.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
0.gif
id5-sync.com/i/495/ Frame 75D2 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 22 Nov 2022 12:51:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 75D2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6b2bc29960-FRA
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:46 GMT
AN-X-Request-Uuid
f6fbecc3-d2f9-45f9-bc71-5d519c67a1e8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 75D2
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6bbd1b9960-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
ssp.disqus.com/redirectuser/ Frame 75D2 		0
0
setuid
sync.quantumdex.io/ Frame 75D2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6c3e559960-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame 75D2 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cache-control
no-cache, must-revalidate
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
Q0jA7CTY07Z9QFgzz61KWjGdJeWnNrshE-GU3dNRjXS8hhS2adx7vA==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 75D2
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6b9cf59960-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 22 Nov 2022 12:51:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 12:51:47 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 75D2 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.228.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
pixel
ap.lijit.com/ Frame 75D2 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Nov 2022 12:51:47 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
v1
match.sharethrough.com/FGMrCMMc/ Frame D789 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.228.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
setuid
sync.quantumdex.io/ Frame D789
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6b9ce69960-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 22 Nov 2022 12:51:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 12:51:47 GMT
setuid
sync.quantumdex.io/ Frame D789
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6bbd189960-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
ap.lijit.com/ Frame D789 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Nov 2022 12:51:47 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame D789
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6c3e569960-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame D789
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6b7cc59960-FRA
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:47 GMT
AN-X-Request-Uuid
b746a6d3-45ad-47ef-8225-e8b87ab62eb1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
s.ad.smaato.net/c/ Frame D789 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cache-control
no-cache, must-revalidate
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
UmDIvqQBLljvZh336gwzVmu7sAhmZhyiwROqBiBTlWuyPEqEbO3M6w==
x-cache
FunctionGeneratedResponse from cloudfront
0.gif
id5-sync.com/i/495/ Frame D789 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 22 Nov 2022 12:51:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
ssp.disqus.com/redirectuser/ Frame D789 		0
0
setuid
sync.quantumdex.io/ Frame 8A4C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6c3e549960-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-OExwJwBE2uEzce1LMJEjO51z8sN4Ln0fF5_uxXc-~A
date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 8A4C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6b2bc79960-FRA
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:47 GMT
AN-X-Request-Uuid
4de3aa68-7f48-4469-a455-323931aa9be5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2561957919951169474
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 8A4C 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.228.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
setuid
sync.quantumdex.io/ Frame 8A4C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6bbd1c9960-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=cab826f8-efbd-5246-99ef-412ffa9384cc
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
s.ad.smaato.net/c/ Frame 8A4C 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cache-control
no-cache, must-revalidate
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
7O_ubwBjyI651gXF0EoGcMaIYPbusH-s9ZyD9ASWZIxlfbKzWsHhkg==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 8A4C
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6bbd209960-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 22 Nov 2022 12:51:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 12:51:47 GMT
pixel
ap.lijit.com/ Frame 8A4C 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Nov 2022 12:51:47 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame 8A4C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 22 Nov 2022 12:51:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
ssp.disqus.com/redirectuser/ Frame 8A4C 		0
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 4EE6 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
334826
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
76e1cc6acd988fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nUCG83xUZnFNWjZtUGk1ZTVXZEdIUlVRUVlaN3ZvVzdYeHJ0T2VTZnVvT24xcWVYQnhUUWRmR0ZQNUwzWVB5VWNlNmdRb3EvOVlrUUc2WVZGQktWVytaRkRiNkUwZUhkQ2hXMS9lcHNHQjczOGI4QjlPMHp5Y05YaVZwTTJDVWNaaHpidGl3SVdOWTdzZU5DYXBMdGVyaG1kSFBmSVcreXFiU0RidlQyTXBQVEhqcWlpRzMrTi8rbnpyVXN1ODZ1NmwzcFpzQ2oyL0VPb016VityQ1hKQ3g1RjBpcW5oNUhybWdkVlFuMmZRbVVyam9XR2MwTVJzYWUzQ29tM2xBMmt4bW9lfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 22 Nov 2022 12:51:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
383594
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame EC35 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
334826
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
76e1cc6acdac8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame DE7A 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
334826
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
76e1cc6addc28fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3C4C 		1 KB
876 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
618abcb48e33b67f8beb9e63332fd8f7586be0242a4ad174b73b32827e9fe7ef

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76e1cc6b4fb15c44-FRA
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 12:51:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHofnVg6UWDx4WMfF2MO%2FX%2FAzYKnCCCtGb50FX2tlLinEWc0MjV2DTE%2FGCVqWiVLXt2SAKIQnO91jlTI343pU2p8vE%2Bb3r%2FBrFe9lFrpPmY9Y91sIQ%2FY4qZwVby3rJDW%2BL3pdumEkNTCyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame AB8E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 12:51:47 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 12:51:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 44FE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92554
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5614 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 4441 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FB5D 		2 KB
920 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
00b6cedd63891781c691da97fa1da24c64d8b59d6668c7bfaac6572f4f3f2431

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76e1cc6b4fb95c44-FRA
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 12:51:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzVzxu6r6I4alioDfbkh3uv6O0oeBZxwKDcd1WHju35Pboo9NNCSHvwbo%2F0XkCmK0be1sPDqbFehEezLvJZJM1J%2BSXrn8EeO30TXYC8gAQGc%2B88XSICMFFvY%2BdgteBMWVQt%2BgAVZb9fuCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 79C4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92554
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 7E72 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 7231 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
usync.html
eus.rubiconproject.com/ Frame 593A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 12:51:47 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 12:51:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
pbsync
usermatch.targeting.unrulymedia.com/ Frame 6F84 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C263 		2 KB
908 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a301031b6dc880385b83ce08edbd55954568e57126d2e344b0777c75c9dafe4e

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76e1cc6b4fb55c44-FRA
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 12:51:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR7v63ACw4BCxa4TX9SEuHpkKQytrd1STX1MaIovqBJMlYqf0rG9%2F%2FlNlZBlNhocQ%2FoAGN%2BGrSIivUMo0tmsraLxO2Bb3GB2wwMX0ksWHhWcE4ScMHanER6WxHOJOFdmafsDCSgQpmgUBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB9F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92554
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9A63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 1389
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 12:51:47 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 12:51:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
usermatch
ssum-sec.casalemedia.com/ Frame 11F4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
84f1c98d61d7111c94c440e1881db9053c3ea9df543fda361d15967980491217

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76e1cc6b4fba5c44-FRA
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 12:51:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FETlRZOh2qKSrELvaVr9%2F7nJq6ZdyM8gTvqCRQskGFyz6FyR4Hyv3n4iXiVpU2yx5pPfnTw1XqMYH%2FUa2tN9WigsJ45XW2xEwDZca%2BAiU0dQ%2Bw6NEodzgAHgaNd4tAtYtAdnuQzMB3Yzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame DD2D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9172 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92554
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame 6B2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
usync.html
eus.rubiconproject.com/ Frame 0C84
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 12:51:47 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 12:51:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 5A82 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
334826
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
76e1cc6b3eeb8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vast
bid.g.doubleclick.net/dbm/ Frame D690 		32 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D28lgS81PEL6AvvFoEU3IEbu-fUD2YcBJ9ILet5ktRm7br66T0jNi0Hyb-NaoXnah04mSJIwiLTfVBWpe2ZLyoICjXpQ&cry=1&dbm_d=AKAmf-CC19DMafAfygLRFnA1N1T7OT_JLJJx6d-o0LwhsimvMqDLPx6stJ5bXhPWOuU_A0Zm4T9Jg3x7Zg8eDto9rl1i-LGpglNDWTR9buNv6UW7vBoZLVxDS8NUjiQOhJuHx36a24jm9klMN-x70dR0rRT-TLoPkjvKr9fy8WfHUsrDYzldr8Gpqotbc8G5_aQaQHlg9tfHhh1x1E_4DAX_O97xNZShozz8Is-2YR0IvcJ_qDJQfvNoMPuBEZRIpqVnb0zHk1ZVPrFiM0VE3Vay4VeVGQdKKdFIRB2q8TiE0Ok87ZlqkmGIHRpDoEKORIH6Vw08wDXXEuG8e4qqxeCaJFw_4Fut_b0hMVldrXg-dUQxgZTSwsJDm95OuhPuHSt9UATATM0DokfwUzGkHE2UAdsC8TaegN4EPQAnd1s0cctXMQ3ZQz7Vv0Z9ue-xp3jGjjOZ6oVdFKs2QOpK1D2V74XyJM-BUUkRTCMzi4AIeNzvgS4cgJRv8LIQZsLQIt4lXENlS9lC4i42u5mtjPS4QctRG717AdtPQcYS_RQ17QMJcpr1-bWM7U9esHrqMYWfZiIHAUBxleFz8ZOww7NABdPZJTKQ-7HOzl2xDkLoyIiMoxhJypVn9QmXuotNZEu2mat9-3NZ4scTMSWfKer6XkFytLDaKixiM8ORY-ozBTBlCfogzcFxwt_TtS-7l1JX4dxUwElh96JrP_rY4zF3nPDEqFqVkiTFn8nO9BbDo3_IpG6Zw8EDifIYDiKGN_IMaBcXHFinHVQWxDPxuy3mR-l_-pG6Zx8ADhJHMNXJUtShN_vQ7kCiqAKJ_ffAaOfNjA1Hbmn1Uz3eQI607nFN7RYDvOCkvl6ZJNkVFifcUkh3CKga1zMg_wsA6iVwlUtVZAbdr_CQ0cKX-iJ9-8Tqyf0svEJyUTpAHGAI0IKlYsXl5ICIQ-XUkqz0wd7TyFfBSnR5X7l6IcbMn0vS9CDw7xMkuE1gY1yLnYMRZ0DFLQqn3LAP-UALN35MdzTHHn_emXalhpuOp_PX8PpGphevuICwisDdDOpvr8mokrcb9aE2lenIhYnLavYP_OmtMMh_59ACwu9oyGV9H2yYkE3ua4l1h3hM46DqTiMy548WoTgs-vzhrMcgpy7A_hOZLN6jKaaFHynPkkB1Jb8dyRCLIIhsaVy_gLT6XomswsYdQvpnKYT0PlW7EOb1lk35tqX2e3yBJiuxBs42nslCMtMPwL19q_ygoAl54mfcvxnsAYJmDDNUaBnJx4_Z3wXaYnxCuP9VlM_rCBI-XU2S7pD50yereYWeRRIWT0l-6xKXKxDXrbYyV1fTRSVWpBkiqDNKcggavzFJYo3_1UIy8rX3QH74D8Qd5EkQ93SzjPFK2zbRXruz1iTseSBIiv2K901MadhREZyjd7RN7Nbfk_pcn17PkJb6VH3stWKLbarnpwvR-JovLBENaCP9871Xgs2GMMjR5EHZKJ9EB7M6uM2YTLMdtKL2BZX0zib8EkUL1EbT4J1bH-cezUNKvb39KI794wazbLS--kt59tUhnUwXcD6Z1r4v38zw9VDuWNJ1FZO2Ha0hxYQTq9LkNyUPSTAI3M21wBopNbnMMtVdEBwvY1el-MOUGvO5IwNHGuYkZ2_jzLW2OtkXgl9By_BDIrib55LqltIQu5SMwMg55bceZAS7xzwiyjsZI_QVbSVPuNT_TxPLPEpPaYlJzxrvJn9vGWfPmahuT8K_r_5hMtZJkLYE7P5FbWnW_G33NTNvjIn83qPuq3DpALpXa0iPmmtzOf-BDf1dszM6geTWEE_UFgweYrD4K-Wmk7rtiFHTLd15y8_TZgOBHYUxZHqRh9emyExQ5uaa9tAr6z93nA96MZkDoYbnxS4RR0HiI8XOrcir95L86_uSenFBJHDGqFm6dgfiv8B4cNlGKwScwr08qvlKmnlJjWPW2wpLPsaSD-bWTUibgkkEZQT0XNpxJ9zCnRxfPidaSCcMO2RwA1Mg8NZz5klYkK5r03W6vcKNXdvHk8JFSABVBPeNvsXP78EC06DNjMZ8CRl7AwPW4YKh6jeF87-PwfmW1EvQ5IhO6wb92hOn5aQ1lYaMyh0TSoGhXsQgT0_bw19-BCjw7e-EOvW9qvsxo28goR7xvphEXCYvpFsWU7wSF6TerxtwBqXkkly-kdqdh5f2tZKf1OflplmJQzmOffhmt0yA5kxvIKHKzcMHBMe83r2Hij2JWwUCENgszmBTlRtDFFNM5w6zXJI4yffCLf1QulHLx_QKyaO61Jsh7HcBLa0UJfSU6JkAAj72LAM8J5Y90qt3Nwe9kiky_qUXj2l4HshA0xdKDoqwKxYoYaAhnljXL6rULCnx3TVJ1pZNoqaLkk9uxXDIXEo9EJGfTZWQnpsN79U0eXx68U5BKnzQWq3Ypa-MDxUROSF4PPf5WC4h9HeHhpzJiykDZRo75QY1m9r3P_iteoP4lnmxfqiiRJmh4frpYKVCAc7pr5WaniiHSnP4rfpVV3eLUu8wmqwNpgvm1HLjikQvCphlazEMomnDjjTIfRvS_SF80AlwB4swlNSICdM4OC5Jec4d9GJPLOPx9mA5v3ahocvFKc_Hgb4ah7eMjsbr7hHgfGcWryQI9egKRvmsunTd6i9JIpy9hlTmrW3sw_x--6l4tTdhZzxeyj06LJllbXEakGU85-TXn4FKQPW5d_6boxyOMUOXbyXqy0c86OAf5KmYxq6SAI3H_PdIpGMsHyKjWoT3Kheragyj6ScNJ5Ka-Zdbfe6Vbg-FJ37nld-TKoYIG92Q7gvEFpSOV1X5Kllo4pw_mWONpbk9z1pREH4PLMOWymkEc9q-ZeHqX56v256LygbIcyedsD6qULTp_eRgvcUUNy1s0I94zNESaElMovSw_nT817ZWniZMXXQTmUNyC2g-ogWB3Sywwpi9PJ_l79aW9kIByTh8Aq63qvROEyWeVJCjV5Voobr6Uaf22KPSGIHSO-eCDKK-T67aHUneFRaW4gvVePmIlEuNZLgPB4sL7BRkB0dyqxHqZ2L8WruJofhuhKQfvUKlNoJFJIL3wDbEFD8O8tKJm3HNuLBd4ijcCJgnzXrYTHkDchbyRV9wVkN2Ra6E7BlYhKPXZBMLLUPmNvRyzFqr592XComPzKX6n_rJbCvY14g2So5wtGZTrR7kBy2QpKTcUxPTvuTvZ0LjOUapKk3CeGeuRpHyPPQXqgBBpa_Ibw4V_Wb02M0JcVdYvS3T9R4ZpssYBRiUNK57KRgIXRxhjT-8SjfAN6HeYAd2433mT2yOnBAInDjGx97qTkOVhQ8sqmi5y0oKAZWKqD-eJDeKTszAeNKw2fQyzqPc3cOxoxdDT3zNvrSyOIgYUQtoePpTXCyTq653JeNd7Smyl6aswI5NTN3R5puu9fCz7Y2RbBGdHJWT2TaH-pJE7yBNGkSRE2XhG2Jo5Zd0UVGaqUM7zw1rhv61Aill2qfhD0en1BO0By9158pIAnE2pO64xrEz6WSKYmtLQAmJJNju6VBKGhu61FZqjZx4kmGbQPmzB9aevxH5jg0aFEHIPrfkmUUsOsI1JnkObUsTqWS0AD4rCjRwLtwoSZNv1xa1mdmn7siX_ZL3xmJJcaJVthubyvQ2K65ekUAgiQRJ7dM_QLT5wwhlKUAEsDPq9TeHVu5o3uv0BBo5aSB8h3LYuTynwEEf1KV9_ecRvN6dBwToLu9p7n9Z895abl7ZAdpj29-quDluxmaNdKNJU4fKBczjPc2Wm2w_7e3J4Vw8VKjZ_-tVH4p3j3dN6A-M6-y8pQELTAGfKVaB-HjktLvElmY_0XsaaC73Eqnlu6f5P6WI0NDkkvt-7meEJ4L-oKHRxRoEHF4zodQgez1zrnUJbcpgXwLjmuyZq-xkHj-WKTph27LiNQEIaoHFXMfYI7QJGzyai5CXX92grl0N8aEkHRCiQdfW0uULB_4kYGS4IjbNWFSrmPA5kTNSeo5W3btiacecGL-xF8E5QF2SGgtTDeAW-xsfRxkigxVQKJjfHVx_9oQBtTTqwqvs6FDaqOEdWqDHPHJPVCrfyuEGoBaTHU7AnYjdS99K5LSYhwkE0Bd9NodVc6WK8XDFTKfpOlhhk281Q-JonZoFbIaLYhVtbH4qceqc2NIAuPQA71FN&cid=CAQSOwDq26N9ISSt_Nt6vBIoNos-G0TxI_Cl1t1S1mKPFU429WldLTzA6Izxs86Esx86gSw0dsIuknleuNSbGAEgEw&sdkv=h.3.546.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr=0&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=2961901633&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&sid=817C30DC-89D5-425B-B850-F258769ACF2E&nel=0&eid=44748969%2C44765701&ref=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&url=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&dlt=1669121504086&idt=655&dt=1669121507061&ged=ve4_td3_tt2_pd3_la3000_er951.345.951.345_vi0.0.1200.1600_vp0_ts1_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f155.1e100.net
Software
cafe /
Resource Hash
8375345c7b6d70c741c7b64b9b09065c34beac9c60d8fac0b7b990a1b66dc385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16861
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame D690 		30 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Cd0lqLz3AdABwbB_cfhFzxh5xlYBQrbH6rZ6rwytpBza1uCcbdzvwf0MnK-MqI1jvqlBzp-DBdI5QJb14zlkC77WuY5Q&cry=1&dbm_d=AKAmf-Bd8bunQmQjAohyzV-i-CjpD-9qJFDLFbc_M2m9kQkFuVg9cYoJRHcrd7ZQt8MUUGo4X8lsy4I4tKLV53O9-_65Nzh49j6CSjxdxuF3bI6OKL6IohSiWvJBh9xDhdrwTuFnxWNtKDjEIEESxkEtpUKvWZ9LGkfAdevEfPWBoWJw1QOOL0pZmWV8MCSu5IRHHj0ZX3TlhKHlsb5N_6jtipuuV7SVKv_NcEfmg25iOIQTz65g_UwpzNFqCRNJGA36htD-0pLLZk7p98UFVSB1ac-PCPqWYWiOwcjbt5_LwVHzPzohkoTL3CILMpDqhoaih_LXY0zN9_vKt2y5nzduvsmvsj6yVvrS4diy5Rt7-56w85ZZr2FFW8s8f5mfY7jh3OHaboJU7SNKPon-IffceTczKSLUrTWWb64iKlQR_EzOrIeg2UoDh_leo1w31lJ4TK0l7El4fgzWgdZusHBdLGcBnGIddtYitkDBySDm5S0lody0yCGEIfTxS9yhAPITxDO4_rU7KSDOkyg5tsbKYm56FaaNY5PI4G_9UOGO5rsPBbBS2r8iYtgUGpEpC8YcHiNpOLtiH6gnQv1hZHUNZQRgyfnRUx6cZHedA2q2IN_oA4vKFf1VvBH3QwNkZdOK89heWNaMPtd354dCvN0hcIPrPUxyK6ldcrJQ7WQGOOiqs5YdHGXLNWQ5flnenzl1jwqmvwy_ppG9QJUXD-CN15X2HwAqVK-J6v_DQzlrgNP9PlChqmwwAvf_ZbEAx66tef2kCVMvytCWdi30IDQwxz2chQnuQndujPaa3smBTfo_n_c-HSKXfBZkzqgf3OWFcezaVXytjiPoUKpWOSExK4aDEG-34fY6ukBGOK32iT3yWYjsgvGSrbJ-ayylUc7oCUBcumLlSE525_7r5w7J7tz_mivNdiRLMpf-Y-DhRc-wY6FNOYYdznzm5zMmEt7CwWuUPJI3lyfwb03xD-EK9Pc5RAL9T7Xuko31E8-eKiPhPQhrVjrbuUSPxye19KBA-7vZt0RN-YQptCOpSmk69d5XmGieFmYc--0RjEI52-qdTQyf0ijjjdPFrzMVbPRNnuNTro-Bd6Qa57DRLGQfdfkV-1BByphrCvG1JHy-EhSXCKquyeJLMNl7kuUsbKTsDZ_oDWrs69Qn1nuJ5FI-A9sVUcxrP-IgFO9lSBV1p93pIFvsIZjvv0pjSpuTEH29a-AjL3Oo_uDopExmDWzSQD4bXJbPK_FWXD7uUfyM3Y3baQfnP5KuaEnycoKDqPiEbNMNazpY1JPJGWt6mu2SxjHY7-uTAC18tJCftM7ngAqtk2Xu2wJdAnCmUxrCL_pB9Q1VWJkd73TalJmkxemvmZneYITFEPAPOm-P3fQKs7SnQXUBwll5lwAFQvF9Ms_LP5hS7NRbS94LkXw1P9SR7BLIrGLV7tiFKhBpGutZYFmE0FcuNjfcPgtma4XH5XBzK08bwh1bQHJ1rUfniYNw3FOEilFyjUgZwhN-WJfg7hH52YPrTxVshAdufyIOm2btBUHAyeUdIECLb3GuYX74nOgnkeQhrK4NtCrF7Rm7QCUmR8MVN0wQ0BaYKUTUk2LjfyZB0FPVXOyi8UZzG1mp47LAluOkoB-XUkp_OllXDDIK8G3vDiG8lC_Ia-JSq3Ar0T1saBkLmH1UAag7gwa2gV_k-twz1ujfMBTpQtQlSFSNFa2UnIGnADRhWw_NpNolusqNNqYiIydapOrcDMXJuSRUk2Aajj0UsreONevBJXaQ6tkuWaIVhNr37RjGpu2CsXq_1uCuw2mob45D4d5Aqhg4yXt8ECzb1T-RveRixTY5RCa2HvD-ZQmgcqbfdFQ3jZ8fTsKG5xpA0BD-4pZWA5q621rYyuqUtSKh303KntQkaqhQuiYArMaw8ioc4G-sVT2pxzCQWYNZgNdb8KgMIhJEzoeCKLjysr-d0tDuBCzAgm16fEzPvI4lx0t6v1yyePqAXRhlI7j43aV93wm_tZo3FwwNhdqxuYQAR3CkZOF9Sx5mInUHkRauzzjcGqk0RIyKS4RwUNczPg7NrlqZs_XNd7Um0hgVYZuPCNc1Zu75o6LjZ9rvDWNgsI1OR-t1ez9HKnWFu1rZ2jcnXouMrXgMm1UiQ2EL_ckvZw1xiM3Hot77StjxbkdRZQUJusbxpptlq_bVcXTxrgxFsd10mUZXEvVGZQfNxIc8s7_5_yHIhVX15dAfUjAiw_U8qB3aUPBUZY7qkGi7fYGt1Eoii8g1rUlhuf2z69omx2IIBGLhgXrHWhk2c8c7ktK1YazhbHCJDVQbEUiMLVDB1A-JxlxA-lDNKGLczn92rJnviUjmT75bzWPptlaHuu2Oq3ZJYBfhEt52qVlBWQG9hY7sWmR05DEw2fliI73UTtttxwLGNjqlUxbM9jkAa0hLzHvLuDPHOhBDrRM3CxWzc8mNa0HPaVhQ9iAps1OicenMnhErK4zH2XErgyCzcxHsZ7hi8VPc7RiCB9J6gFJvrqq2sRDnXMhng9Xpz2DbnohANdG1jGh6ZVQ92C6V0p_IXi7g0q2Je0EWdA0pm8TP4-Aif3wN0zHwIXf-nCRd4fEXgRjTRvcLSI9s-8P-mqEv8eCUqOEEfGwBakSN5Mcer2EnDG4bMXI-RLu_dflEprvEdclnF_x8rsi_yNStqGU47bhe4cg90015S2RjxtH71orxdt3O0wZOm7zRfgNo1hjCyqm1AdZUYGCiAUrT_nTAcy6V7QZXF2kz_PbWrhktcnXyRfmspAqWIvMm51JhLbRCM3YjZi2x960ooSrKPl537vU86Rop_rLwrcS0o8-5wB_QGB9Z_l22wP7uiABvwV8orRSsADQNLTqrYAkR8vKNBlxkVpDTXkjdNmP-8-4EzDomRBwhhND_lM11Ts9YYZvJAItmBr_oGr_8wujH7OwdUYA8O-QX8sHeJvEyQJLnqQj3VRLKcWIKsxsXWhviy4aNcQE4E_sqaC1d_QHIRjp7KO3vaLwFWkBVuqeTe1fWqVRW3N7bxvTMeIDiKkXuO92fkaO56E8VxlphD5XNnss0GFeBXWa41mBxOycUiOhyGtg4PAScyfcaKsXFfoq5s7nB9bak_uoyYm3lbKzvFWTdyV0RbK4BijEpMB2409g_3ZXclolGH1JijpeK8Z1kGEYm4qpIXij7lHJvtoLqydB-G2t35iS4O7FYU0lIGKSK3HFqDmIYvR7AQYi-cYhe81X20gxd0umArQaQR5y_PEnQ1YVZrzMORGXDph18g-og_Zib_xbFxQE4y1YEtu5-DBWOXwTDXSs3mvwZt0C48O-Iu83Uf3r4mXDCKv522jO0KYqoWApukHkmMMrThzL9NNc7_Q8ggqsmJyh2_eW8rHKUtavJvWVZaJ9eRLXNt8wj2ufwPSwlt_-eY9ZRxFhwHpVUHtTwExe8o8w5mmWWePDjlR5uc8ESBd05l3Sl0PCTxdOy5WR_zyiaWuQUh0kgk6d9xa5w71UfisfG_nFnSc13Y3e4WNQlOwp6WS8sXVyesFq5q0955lxE83qxJZx-_yrMKEs--klZr6k13CTWhkZwy0Q4L7h56W41xDi0b8syteTkdP6JQjAyRnr3tqs5EChaNwzcl2qMh_oJKZSWXO0C_Membq949Y6MT9LTGBozdnmaJtCLCjIeIvSMaZMyCs9F7tKdIAM2g6XwqJ_HCcMadkXhIdXTyTDZxEE7w_qChuzKznzvp_0_CnSUNPKbKSeAyt5KHoZOyRvmmvrAqA4V9aR7-kdNiE-u4ils_p8EsGkOQOmTgDmuO0YQ0VkEKBNcKJ8K7BmV8aR91Vs9Wp8PxyJjR4fDlDn6kItJRxgdaSRllvVF9_KTWw&cid=CAQSOwDq26N9ISSt_Nt6vBIoNos-G0TxI_Cl1t1S1mKPFU429WldLTzA6Izxs86Esx86gSw0dsIuknleuNSbGAEgEw&sdkv=h.3.546.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr=0&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=2961901633&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&sid=817C30DC-89D5-425B-B850-F258769ACF2E&nel=0&eid=44748969%2C44765701&ref=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&url=https%3A%2F%2Fbg.myservername.com%2Fpython-variables&dlt=1669121504086&idt=655&dt=1669121507065&ged=ve4_td3_tt2_pd3_la3000_er951.345.951.345_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.167.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f155.1e100.net
Software
cafe /
Resource Hash
feb3d5863dd422f2a3d30c70ceb550f4944bc369010f8843efe7007c5c789890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16304
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 29D8 		0
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc6b7fab8fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 5CFE 		0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc6b8fb78fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 44FE 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26735189&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
509efb107834a91cf8d12ea1bfdba5d
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame A3E6
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/509efb107834a91cf8d12ea1bfdba5d?gdpr_consent=&gdpr=0
0
0
a346b439c35bbffff717f84a86b915
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 7C2E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc6d3b5c8fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 22 Nov 2022 12:51:47 GMT
Expires
Tue, 22 Nov 2022 12:51:47 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1669121507350009-569
usync.js
eus.rubiconproject.com/ Frame 1389 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 12:51:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 22:30:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34743
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 22:30:50 GMT
usync.js
eus.rubiconproject.com/ Frame 593A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 12:51:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 22:30:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34743
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 22:30:50 GMT
usync.js
eus.rubiconproject.com/ Frame 0C84 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 12:51:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 22:30:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34743
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 22:30:50 GMT
usync.js
eus.rubiconproject.com/ Frame AB8E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 12:51:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 22:30:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34743
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 22:30:50 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 11F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKVmyChhXsAYaksPNOCIU7Y&google_cver=1
0
0
casale
match.adsrvr.org/track/cmf/ Frame 11F4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 12:51:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 11F4 		0
0
Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 11F4 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:2eda:8ed6:2a73:2027 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 11F4
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y3zF4S2Yb63Kqi3fQvOmswAA%263285
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7316134a-82f7-49fd-b823-a9fcd5c3989e-tucta764b63
0
0
match
c1.adform.net/serving/cookie/ Frame 11F4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
0
0
ibs:dpid=23728&dpuuid=Y3zF4S2Yb63Kqi3fQvOmswAA%263285
dpm.demdex.net/ Frame 11F4 		0
0
ix
s.company-target.com/s/ Frame 11F4 		0
0
setuid
sync.quantumdex.io/ Frame 11F4 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6c6eb09960-FRA
content-length
43
content-type
image/gif
csi
csi.gstatic.com/ Frame D690 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~las7ujmk&c=1159570635893&slotId=579785317946.5&qqid=CJ7-zJPqwfsCFYeddwodlQwGwg&gqid=4cV8Y_aKOJSz3gO1756wDg&fb=ima_html5-lima&sdkv=h.3.546.0&ppt=onnetwork%2Fvplayer&ppv=8.6.1&mrd=30&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&ghmsh_eids=44748969%2C44765701&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D690 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CITwF4cV8Y96JO4e73gOVmZiQDJrQp7Ft7vuHr-0Qs6S6hbMaEAEg6pr8JygCYJXikIKgB6AB3PiquwLIAQWpAlq0cMRqNLE-qAMByAMTmAQAqgTMAk_QdG3yxWOAVljuoKvxJLzTf9eLkIrXrA5yzlIlLEvIUT66Jxb_yrbr4otpFbIG_5yhcHBpQPgpr9IPdqKv17VHVVE4zZDdgS-bvS9N-K_uXYh5S40Jj_bB16bozaPQR365RpeZsvj65Brmb5gaWjTK9LbeWOx7aOVutguNuwuT4zoYXT1cSz8mGm1S58zwWq_sTSATYsPQ0G_c6o_iDBUrLY3b1qTQMW1YFw8RJcOnqIZQglPKjbdJ8erUhEk1KwmGO-BMqaQlitCZuK63Q5Uua5o-WOJn9Dn8OBDoiUWZ6h5R52Ex5fmditvxFAOn0JVsi3wEnZcXZ1QBZz6UrTG8PEjfdZ-HiA9cVxI3iE9FGCcAu_MCW-vUHdl5KSsy_kSvtBognTVFdXqxPjhUFAk9oRMqoxwBSipP9TjiQr2N_rPDHYO79TYgBkSEwATPmKr-kwTgBAOQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAeALAYAMAbAT84yXEcgTjbbu4APYEwqIFALYFAHQFQH4FgGAFwE&sigh=AFS88f-f3rY&label=show_ad&sdkv=h.3.546.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MzQ0OTI5MjA4NzhAkgkKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDI5NjY0NTYyCTE4MjIwOTE2NECMAVIzCM4CEA8lAACgQSgBOgs0NTQ3ODEyNDctMUIER0RCTVAAWhBnZjRkLWFUcFpwOE9WM2xQGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame D690 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CV5Es4cV8Y96JO4e73gOVmZiQDJrQp7Ft7vuHr-0Qs6S6hbMaEAEg6pr8JygCYJXikIKgB6AB3PiquwLIAQWpAlq0cMRqNLE-qAMBmAQAqgTNAk_QdG3yxWOAVljuoKvxJLzTf9eLkIrXrA5yzlIlLEvIUT66Jxb_yrbr4otpFbIG_5yhcHBpQPgpr9IPdqKv17VHVVE4zZDdgS-bvS9N-K_uXYhZS3zONfsFFTULvQ5DG8WH7P8QIrghsx7mb_MaWjSx-LbeROx7aCuSXQiSTkhm4LKYrTwhiDoklrmn5Eqo0CzmwaCTl8Da02_cH4wXDxUr2Iwu1aTSxG6tFA4R0MBTq4ZQd1A_jrdJBOkhh0k13gpzOOBMXIftjtFLdZqGId5cXAJwCuZHVDaCWHp0y41S1jhZ5yMv9fmglOPx0bcG0ZCMtcwFeIkaZ_wgWgB0qzY8XItZBxdCicIUjxo1SMbsJLqbK8o5-J_bUFJnrk0_k-yGaSUu8J1E_tOZHDhfB5ZbrH6CqD4BRj6KyjaP6rav_r3Vpve0uL2-ndkry8AEz5iq_pME4AQDiAXU1tCqQpIFBggbEAIYAZIFCwgiEAMYAUjSvr0BkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeMh9XEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEKaBTxi_0u3YAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAbAT84yXEcgTjbbu4APYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=dczS-WjJbwc&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9ISSt_Nt6vBIoNos-G0TxI_Cl1t1S1mKPFU429WldLTzA6Izxs86Esx86gSw0dsIuknleuNSbGAEgEw&vt=10&sdkv=h.3.546.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MzQ0OTI5MjA4NzhAkgkKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDI5NjY0NTYyCTE4MjIwOTE2NECMAVIzCM4CEA8lAACgQSgBOgs0NTQ3ODEyNDctMUIER0RCTVAAWhBnZjRkLWFUcFpwOE9WM2xQGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
drop_cookie_sw.php
csync.smilewanted.com/ Frame E575 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc6c29198fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame C263
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2561957919951169474
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2561957919951169474
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:47 GMT
AN-X-Request-Uuid
b2a98177-1e91-443b-99cc-0957ff6f23ef
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2561957919951169474
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C263
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3605:2eda:8ed6:2a73:2027 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
date
Tue, 22 Nov 2022 12:51:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame C263 		0
0
img
sync.mathtag.com/sync/ Frame C263 		0
0
crum
dsum-sec.casalemedia.com/ Frame C263
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A28F24CACBC24CB8BA085D47CFE9C012
0
0
tp_out
d.adroll.com/cm/index/ Frame C263 		0
0
us.php
gu.dyntrk.com/adx/ie/ Frame C263 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame C263
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKVmyChhXsAYaksPNOCIU7Y&google_cver=1
0
0
setuid
sync.quantumdex.io/ Frame C263 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6c9f409960-FRA
content-length
43
content-type
image/gif
v1
match.sharethrough.com/universal/ Frame AC22 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.228.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cs
ad.turn.com/r/ Frame FB5D 		0
0
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame FB5D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3zF4wAAAJmbRAAW
0
0
current
casale-match.dotomi.com/match/bounce/ Frame FB5D 		0
0
rum
dsum-sec.casalemedia.com/ Frame FB5D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dMBbtiHGCeZvxlThc5VB5yHAXOZvwl_ne8sfCnvK
0
0
ix
s.company-target.com/s/ Frame FB5D 		0
0
img
sync.mathtag.com/sync/ Frame FB5D 		0
0
index.gif
euexchangesync.digitaleast.mobi/usersync/ Frame FB5D 		0
0
rum
dsum-sec.casalemedia.com/ Frame FB5D
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y3zF4S2Yb63Kqi3fQvOmswAA%263285
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=146e7e84-3751-47c3-afd5-32158c344c97-tucta764b63
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=146e7e84-3751-47c3-afd5-32158c344c97-tucta764b63
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 12:51:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=146e7e84-3751-47c3-afd5-32158c344c97-tucta764b63
date
Tue, 22 Nov 2022 12:51:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13676
setuid
sync.quantumdex.io/ Frame FB5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e1cc6cbf5f9960-FRA
content-length
43
content-type
image/gif
drop_cookie_sw.php
csync.smilewanted.com/ Frame 3034 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc6c597a8fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
server
cloudflare
vary
Accept-Encoding
v1
match.sharethrough.com/universal/ Frame 3231 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.228.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3C4C 		0
0
bridge
cm.adgrx.com/ Frame 3C4C 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:47 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-8
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
ping_match.gif
pm.w55c.net/ Frame 3C4C 		0
0
sync
sync.srv.stackadapt.com/ Frame 3C4C 		0
0
current
casale-match.dotomi.com/match/bounce/ Frame 3C4C 		0
0
crum
dsum-sec.casalemedia.com/ Frame 3C4C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7A5AB9C818684A0FAA09A63DA1CAF896
0
0
tp_out
d.adroll.com/cm/index/ Frame 3C4C 		0
0
rum
dsum-sec.casalemedia.com/ Frame 3C4C
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y3zF4S2Yb63Kqi3fQvOmswAA%263285
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1233ab46-d25e-4606-8c13-96f32bf5e657-tucta764b63
0
0
setuid
sync.quantumdex.io/ Frame 3C4C 		0
0
a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 0016 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1669121507284&event=adloaded&d=9074&vs=1752&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=9&co=0&vc=1669121504081&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
last-modified
Tuesday, 22-Nov-2022 12:51:47 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 0016 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1669121507284&event=adstarttry&d=9074&vs=1752&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=9&co=0&vc=1669121504081&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.32.207.132 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w25.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
last-modified
Tuesday, 22-Nov-2022 12:51:47 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
csi
csi.gstatic.com/ Frame 0016 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~las7ujdd&c=1159570635893&slotId=579785317946.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::78 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bg.myservername.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 12:51:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ERz0GdwqBZE1o132V3Wc
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame C3BB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted&tc=1
0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc6d0ae18fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 22 Nov 2022 12:51:47 GMT Tue, 22 Nov 2022 12:51:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted&tc=1
pragma
no-cache
ERz0GdwqBZE1o132V3Wc
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 550C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted&tc=1
0
0
a346b439c35bbffff717f84a86b915
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 70C8
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
76e1cc6d3b598fd6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 12:51:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 22 Nov 2022 12:51:47 GMT
Expires
Tue, 22 Nov 2022 12:51:47 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a346b439c35bbffff717f84a86b915?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1669121507322056-538
khaos.jpg
token.rubiconproject.com/ Frame 1389 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 593A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
c2ad5238a415b687b1de22a4998cf8b9
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 736A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/c2ad5238a415b687b1de22a4998cf8b9?gdpr_consent=&gdpr=0
0
0
khaos.jpg
token.rubiconproject.com/ Frame 0C84 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame AB8E 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
ib.adnxs.com/prebid/ Frame B49B
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e64d434e5f261c76f28cbc5e3b90be74
0
0
setuid
ib.adnxs.com/prebid/ Frame AE6B
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e64d434e5f261c76f28cbc5e3b90be74
0
0
v1
match.sharethrough.com/universal/ Frame 58F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.228.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
file.mp4
gcdn.2mdn.net/videoplayback/id/feb6aeff83a8f870/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657507/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4B2F... Frame 0016 		0
0
v1
match.sharethrough.com/universal/ Frame 7F7B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.228.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Nov 2022 12:51:47 GMT
connectmyusers.php
cdn.connectad.io/ Frame 6450 		0
0
connectmyusers.php
cdn.connectad.io/ Frame 9CA2 		0
0
ERz0GdwqBZE1o132V3Wc
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 93D7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted
0
0
ERz0GdwqBZE1o132V3Wc
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame A368
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted
0
0
getuid
sync.smartadserver.com/ Frame 92C6 		0
0
getuid
sync.smartadserver.com/ Frame 13CC 		0
0
getuid
csync.smilewanted.com/ Frame E03A 		0
0
match
c1.adform.net/serving/cookie/ Frame 1BCB 		0
0
img
sync.mathtag.com/sync/ Frame 96C6 		0
0
pubmatic
d5p.de17a.com/getuid/ Frame 60E8 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 6A02 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 890C 		0
0
getuid
ib.adnxs.com/ Frame 3CB3 		0
0
setuid
sync.quantumdex.io/ Frame 83C4 		0
0
pixel
cm.g.doubleclick.net/ Frame 44FE 		0
0
img
sync.mathtag.com/sync/ Frame 44FE 		0
0
/
pixel.onaudience.com/ Frame 44FE 		0
0
pixel
cm.g.doubleclick.net/ Frame 44FE 		0
0
pixel
cm.g.doubleclick.net/ Frame 44FE 		0
0
pubmatic
um.simpli.fi/ Frame 44FE 		0
0
match
c1.adform.net/serving/cookie/ Frame 44FE 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 44FE 		0
0
getuid
csync.smilewanted.com/ Frame DB22 		0
0
server_match
ice.360yield.com/ Frame 581D 		0
0
server_match
ice.360yield.com/ Frame 92A4 		0
0
connectmyusers.php
cdn.connectad.io/ Frame CA6C 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/509efb107834a91cf8d12ea1bfdba5d?gdpr_consent=&gdpr=0
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKVmyChhXsAYaksPNOCIU7Y&google_cver=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=7316134a-82f7-49fd-b823-a9fcd5c3989e-tucta764b63
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?CC=1&party=29
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3zF4S2Yb63Kqi3fQvOmswAA%263285?gdpr_consent=&us_privacy=&gdpr=
Domain
s.company-target.com
URL
https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A28F24CACBC24CB8BA085D47CFE9C012
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKVmyChhXsAYaksPNOCIU7Y&google_cver=1
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3zF4wAAAJmbRAAW
Domain
casale-match.dotomi.com
URL
https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dMBbtiHGCeZvxlThc5VB5yHAXOZvwl_ne8sfCnvK
Domain
s.company-target.com
URL
https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
Domain
euexchangesync.digitaleast.mobi
URL
https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=68
Domain
casale-match.dotomi.com
URL
https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7A5AB9C818684A0FAA09A63DA1CAF896
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1233ab46-d25e-4606-8c13-96f32bf5e657-tucta764b63
Domain
sync.quantumdex.io
URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Y3zF4S2Yb63Kqi3fQvOmswAADNUAAAIB
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted&tc=1
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c2ad5238a415b687b1de22a4998cf8b9?gdpr_consent=&gdpr=0
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e64d434e5f261c76f28cbc5e3b90be74
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e64d434e5f261c76f28cbc5e3b90be74
Domain
gcdn.2mdn.net
URL
https://gcdn.2mdn.net/videoplayback/id/feb6aeff83a8f870/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700657507/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4B2F8794DF7C34BF12CFF7751544EC462732DFBB.B7FBFF9BE798527F685D462EB35A9413065668C3/key/ck2/file/file.mp4?cpn=gf4d-aTpZp8OV3lP
Domain
cdn.connectad.io
URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Domain
cdn.connectad.io
URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ERz0GdwqBZE1o132V3Wc?pi=smilewanted
Domain
sync.smartadserver.com
URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
Domain
sync.smartadserver.com
URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=D014B79A-5D0A-4B26-85A7-D8AB49F56FC5&gdpr=0&gdpr_consent=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D014B79A-5D0A-4B26-85A7-D8AB49F56FC5&redir=true&gdpr=0&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
sync.quantumdex.io
URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=D014B79A-5D0A-4B26-85A7-D8AB49F56FC5
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0BS3ml0KSyaFp9irSfVvxQ%3D%3D&gdpr=0&gdpr_consent=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=214&mapped=D014B79A-5D0A-4B26-85A7-D8AB49F56FC5&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDAxNEI3OUEtNUQwQS00QjI2LTg1QTctRDhBQjQ5RjU2RkM1&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Domain
ice.360yield.com
URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Domain
ice.360yield.com
URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Domain
cdn.connectad.io
URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| $ function| jQuery object| jQuery112407729431476495414 object| wp object| Sk function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| AdSlotCollection boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| urls number| atr boolean| busy object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal string| _ONND_URL_EMBED string| _ONND_URL_CDN_EMBED string| _ONNPBaseId object| ns object| fs object| ONTVOpAdConfig object| ONTVOpAdAConfig function| ONTVOptAdPlayer function| ONTVOptAdAudioPlayer object| GoogleGcLKhOms function| ONTVMiniatureEnabled function| ONTVdisposePlayer function| ONTVFSSwitch function| ONTVFSOff function| ONTVsendCommand function| ONTVhideAllMiniature number| google_global_correlator object| closure_lm_631072 object| google_image_requests

20 Cookies

Domain/Path Name / Value
.dr6.biz/ Name: uuid
Value: 3748843f-c019-44c6-b756-bf0651e64346
.youtube.com/ Name: YSC
Value: hgS7nPZwn-M
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Q7laXaa44cY
bg.myservername.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.myservername.com/ Name: _sharedID
Value: e43c531b-9fcb-4aa4-8bb8-acbfaf08e8e2
.quantumdex.io/ Name: uid
Value: 84f1bbf3-9008-42fa-8df9-d7b6c87bdf6b
.prebid.a-mo.net/ Name: __amc
Value: 2_1669121503_1669121504
.myservername.com/ Name: _ga
Value: GA1.2.1999299244.1669121505
.myservername.com/ Name: _gid
Value: GA1.2.980195933.1669121505
.myservername.com/ Name: _gat_onn_tracker
Value: 1
.bg.myservername.com/ Name: _ga
Value: GA1.3.1999299244.1669121505
.bg.myservername.com/ Name: _gid
Value: GA1.3.980195933.1669121505
.doubleclick.net/ Name: IDE
Value: AHWqTUmHzgZckzN3HD59h5J8VWlmZ3y8GujxnC-udBZpfm0ZUggZCyrKBPCPRcehKws
.adnxs.com/ Name: uuid2
Value: 2561957919951169474
.casalemedia.com/ Name: CMID
Value: Y3zF4S2Yb63Kqi3fQvOmswAA
.casalemedia.com/ Name: CMPS
Value: 3285
.casalemedia.com/ Name: CMPRO
Value: 3285
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>8vUtUS!]tbPl1M>e)ZlrFUfJ+tGXxoDU$kB^?Mo6JHQe+'aXvjb])vemNab4phf5>Q*bpRz*qF1`*b_vU*0mo#
.myservername.com/ Name: __gads
Value: ID=af8df6c22d799d4f:T=1669121504:S=ALNI_MYH24yuQf62O5UeMmkGOnT_Rv8ZWA
.myservername.com/ Name: __gpi
Value: UID=00000b85e93985ea:T=1669121504:RT=1669121504:S=ALNI_Ma0UDXZJH3vEb-iZBNMwFasOQBBWw

4 Console Messages

Source Level URL
Text
network error URL: https://useast.quantumdex.io/auction/pbjs
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://useast.quantumdex.io/auction/pbjs
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://useast.quantumdex.io/auction/pbjs
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://useast.quantumdex.io/auction/pbjs
Message:
Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28b05b1477ac5f102a9622587b0da12d.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
bg.myservername.com
bid.g.doubleclick.net
c1.adform.net
casale-match.dotomi.com
cdn.connectad.io
cdn.jsdelivr.net
cdn.onnetwork.tv
cdnt.onnetwork.tv
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
creativecdn.com
csi.gstatic.com
csync.smilewanted.com
d.adroll.com
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dr6.biz
dsum-sec.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbx.media.net
i.ytimg.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
jnn-pa.googleapis.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
myservername.com
onetag-sys.com
optad360.mgr.consensu.org
p.skimresources.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
pubads.g.doubleclick.net
r.skimresources.com
r2---sn-5hne6nzy.c.2mdn.net
rtb.adxpremium.services
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.skimresources.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssp.disqus.com
ssum-sec.casalemedia.com
static.doubleclick.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.quantumdex.io
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
t.skimresources.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
video.onnetwork.tv
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
aax-eu.amazon-adsystem.com
ad.turn.com
c1.adform.net
casale-match.dotomi.com
cdn.connectad.io
cm.g.doubleclick.net
csync.smilewanted.com
d.adroll.com
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
euexchangesync.digitaleast.mobi
gcdn.2mdn.net
gu.dyntrk.com
ib.adnxs.com
ice.360yield.com
match.adsrvr.org
match.prod.bidr.io
pixel-sync.sitescout.com
pixel.onaudience.com
pm.w55c.net
s.amazon-adsystem.com
s.company-target.com
ssp.disqus.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
sync.quantumdex.io
sync.smartadserver.com
sync.srv.stackadapt.com
um.simpli.fi
104.22.69.131
141.226.228.48
142.250.185.66
142.250.186.130
147.75.85.234
151.101.65.108
151.139.128.10
162.19.138.117
172.217.16.130
172.64.154.237
178.250.2.146
178.32.207.132
18.156.0.31
185.177.92.30
185.184.8.90
185.64.189.115
185.80.39.216
188.42.196.115
2001:4860:4802:38::178
213.19.147.45
216.52.2.39
23.203.77.3
23.35.228.23
23.35.236.201
23.55.110.197
2600:9000:223f:bc00:1b:5138:8a40:93a1
2600:9000:225e:a400:11:a4de:2580:93a1
2606:4700:10::6816:2460
2606:4700:3031::ac43:dfa4
2606:4700::6810:5814
2607:f8b0:400d:c09::78
2a00:1450:4001:802::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:827::2016
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a00:1450:400e:15::7
2a02:2638:1::13
2a05:d018:d29:3605:2eda:8ed6:2a73:2027
3.127.228.236
35.190.59.101
35.190.91.160
35.201.67.47
35.71.131.137
37.157.4.23
37.157.4.28
37.252.171.52
37.252.171.84
51.75.86.98
52.222.214.2
54.36.238.155
64.233.167.155
69.173.144.165
72.251.245.181
94.23.186.68
96.16.141.156
00b6cedd63891781c691da97fa1da24c64d8b59d6668c7bfaac6572f4f3f2431
02b0292303a29ddf5cbf276ad61bb73b64251eceae9d5be99d429853f6be8f29
048d15636a16bdd7b1c0c7be377639d21ebe075b45e8a4ef86282fafd25782b4
09ae8405880ebeaf9667d888f96dd4b0cc0c78f31a531c0105e56699c487609d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1288abb45b62709defec307fb4668ece7b0259d02b4a6770da169867b29258cf
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
248dd0d08d9f4daa47089ea8e4b5a81506be49de44dca3c5d15d55b891eb7674
26f7ff5c03cbf435f5cb6fee7872b42a5da1accfe807a41094b3eb515e80b1a8
27c90db68ab465cdf6030651ec87d5c0271c1b4613b184f8129b4888a706ce88
27e188385e67eda41aae3e439eae475b4087e538357df07b4798a4479ef53c68
281fcf3b7589358d0aaab28e924c03e43e58fae40fda1c9a0bae61a0a0120371
29bde7e6eac49c6120dc33f6f75338e12e6facd693c689bf9ccbd6ffce9cd1a8
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2cfe0144a5c5ad6bfbd714ca46ff7de987aaf77363db7dafd53f78d173bd2bf6
2da4b1994f06778b13d4abc5bf2de60917e4d02dcfa6f8f408d0edb8f273fbd2
2e3abaf0f161a80a0bc3d1c351130c289760f116f48b42d0d5d123adfcf0d6e9
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
2ffc37faea7762bff2e38478c3f7f8fb5b343d9647f41a7d5c1c0142463fd362
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
34bdfba59f44e9fccb3d69196b037528d891aca76fd2a3ebc84a7d6405a88b31
36f72b7c6df379032dca5832f7c2671417813cd1f5c738882dbeeedf1c2df4db
379639dc15c53372812c8be7e2bf3bf6ae652fcb46ff9b959cb3fe0a9f4e70ba
37cb31effe0fa7997e40575b2d239b9fd99fa789fa7f4a9e16cd8c55cb86163c
39c5ea2e3dd9f80f72d08eb7098200fbac4852ac3f4fc2404b934ea5f9b60cdb
3ab62d8b0ae889963b44dff563f60b4cb66952181088ad2b4df9d53b25ced055
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400b8d72b56505c55e97d9913fc137b3827ec074bd8d932a1c5f959aaea2ce6e
46800165b1bce9569cd7af80cb43c7298ecc92f6744a773d1745d682dfc9435d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fb2235bcf84086a9b939ae509ecacc01bb31c68ba94e6473e31d8adebec3eb
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
499bda4efe28fc6e3441c0195e6fb713cc51aeef116b61b4b44a1b84ee484a86
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f8ba2be149506d78df30098dee1b7edffc9113aaa0ee7ef7ac000ad2f9686dc
60e70619e42d5f5a364383d83867d95a84d0133e43b3cd2bc78942eb468c7d4e
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
618abcb48e33b67f8beb9e63332fd8f7586be0242a4ad174b73b32827e9fe7ef
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
634c7a6099396c9382029aa927edfc1e84583592d97a96fa6dd2fe8d7a0c2602
638c4b39bf63f9ef16a03a4593ea607e9770d117e0ebe8e610288476fc9ec828
65117a572a86879965a5de8aedb23e74506111ca66950b37a93ec4f47b2fa4df
6586eaf0530229f63e295f9c912a7383185e6c0391ec9784b9202563a9c0fafb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
673486783ffd15dcb2c51776d987b8e2d78d055b194ef793474e4be272af5749
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69ca5246de4d75bcd53c06e328712d03ba24e706f3c37f16d23708aae8f39dee
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c16c6f415d87daa72af7f53a88b0062727d31b253e087ab9d6ac62bed6d5c29
6db6bf98c01ec6763de137f85905b9a434fbab2c3e1a625c06710e1ab8546b9c
6e0d2b3a8ba91da9e90cee8fbd6d8c088a257435322c196951d5766ea1fc6018
6ef2b98cb55c9adb5452594b240aea84e7cc74a73cfc6c4234ffe4a0aa31ee2e
7260b4a4163f2e458b462ed77194205e12e7d8352f0ec3cb2e4d1475f7419a9a
738df72872e3ed1d49b341eea918207efa339548a71f5a1e086eb1ee2d346fa6
76719659b156de545b0d1fb5813865e84b01ac838ce4412be754b7d809865d45
77d2edcc7101dec47d0e29db67e1eb8aec21e09f15a55428bd2a6c4e979d2ef6
78a9cbebc3deaeab89cab5ea460a22eecce4220d859075dcae1a88162151dfd5
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7a1fa04a8f70a33686dd8bf3957474625071252633530a9573cf29cf87ca2ee6
7b860f244b6e3a35ed0f1e73bc69199af38f2175238805f4da7f2104a2acd2b2
7c8334aa94ef903881c5296ca8a5e9c228f1da74b9a3703ec443bc4fa4b7bb0b
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
818081def32fcfa433f929ba5c0fb9efc55ea250d24633a8442fd6b4398c94dc
8375345c7b6d70c741c7b64b9b09065c34beac9c60d8fac0b7b990a1b66dc385
84f1c98d61d7111c94c440e1881db9053c3ea9df543fda361d15967980491217
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8acdbf48bb75598f25ffbecc49f8b6739391d238824f214923fceefcdc7a58dd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa
92357b9a0aa62f687c88e3fdbdb36267b5b58d0c0b6c6c91537ef5c8170509f1
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960
9da0fe4dbc7641c2431d0a9559f190e3472dee21c4f2e24bcbd2bc143419dc7b
9e1e5acb357ba33f0bf26b25269f111c4a194875f409427d3a6d0a1e9884298e
9fe258f381631a1fd2607eb42dff5d3e5450e98a0690e963ca82934ab96f5435
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1f6546df815c8bc1627449be83a59b34ce8d148c85bcf8e994f0e498d2d7eac
a301031b6dc880385b83ce08edbd55954568e57126d2e344b0777c75c9dafe4e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5ef8d5d7be6debb879e43bc8e484d66b8af550624647bb057785ee6118a528e
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae9392fa574ae2162a7081b3542b9cff574d118aefb66dc4f8de6d934fc9f407
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b088906876e9d37ae01d1df853a09d9b1560a680510b3dc942916c5890c7923b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a735eeb1d72a5d5935d90ea0001a67851517567624af9735044062521e3062
b392bcbc39569d1a19615f0f4e7c7e9441e367330f5bb6cb7fe3495f404b81d9
b42cdce8a41bd8076fdd464a537ad64ad3f25a2ce0c8fc0e91abe2756d6ee970
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b67cb337c60215354ad1653ef0966ae9dbe3f66f48a185b98f4c40965793f4e7
b79f323b056d30f93911178d2704632e5c8faf8faab76ff3a129645af7f75b9a
b8de76334c98a4b4b307b47f0d003644eb595e51c92ff13fff8e7e898c4daefb
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
bd7a6ef6993ed2d830356a445335670e3b8dda8d965702f66bc9075fd0381609
bdea74180d26dc1b3d75468e12623b7486894a6ab04a87d58f185883288f5377
be115b36796b1b19370e49cb1189f28b586605db81ae125f44b257b61472913f
be47b7517af9b2dca5ea4f135eba12a7145ef6857581e4c96998f8e39a34559c
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0
bffdd9e1987dbd921a563bad08266af14158611c0191da747de6e20b696ca188
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c74f7be205f204f8f46fa2472420c59b0da48d7a9e9c520533246e78964087d0
c853fc314c8d0db14fb4f24ad25b2f798c88b0620d201555a70abd350dedfc1c
c86c6fe111a5d2f7cf14ed2e499cafb8223c34d130d6390d02d84900e616005d
cd06e8ab3e45dddb6a12b7ba6ff41976475d0348dc32f499543a5a3608ec4a0a
cdabc1154edacd59d534f6eef590773312979ca650223b4f222fe2ded4607b5c
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d0af6773740267f43912e6daab721f9c9354c74708c83ab125d281d614973a1a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1426753907d80f4775c7cb09ae61920aa8f3ec5c428b9b1d3e4cd7d5618cfc3
d2045df563a0ae14e3f89f2f266402061263c40c6cde260cc78be918e8133c3e
d3b20fb13f1112655e3dbb32430524f3f4a1001aa0f3d355a8ba471f941db36c
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d6b1eda5cd7ad0242374b3c718dc97a5dce39e3e5a121f47fc102f7cc32ab56a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e167fe07dc48a205384ef7cfa00f4657f4949f3e4ec475cb6e61c501729ad40b
e302e51c868346efcf49d075b58acced2f072494e130f2506b30c5b0ff01a37b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4b52b97bfcb8c6afb3b9db9671c022b0d55a205d60f270d8fca3ca6d67e7bce
e55e1f8c5d849cc9ddae90973b23e41fcdd01059cf2dfa853d571e84083c7e68
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef0395f9441ea71f97b18131658805c958fe9e2eaac50c017903bb792a62eb8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d9a3ed11b2bd5dfe77bf5f95b233fef6e2f698a63aeffd64b89bb5faaac4c
ef4ee30915ea1accde39633ca1a2f3ebcc33d6282ddb0efd5353d272ba466b09
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c799d52bd02a772b232feec51bf5a52bdb992199e74115db81377aeb7fb36a
f94e813281a8959bd1b0f32940a22c5e40e73e536171bb4d0f0d864d9f01f79c
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
feb3d5863dd422f2a3d30c70ceb550f4944bc369010f8843efe7007c5c789890
fec83baa0b194ae558c23f5531c47685c6de4ee6dbe51699509304f580bd72b2
ffff2578214cc2fef6288422331587083772da579b9f9803d5dfae593cdb0769