urlscan.io logo urlscan.io
SecurityTrails logo

library.avsim.net Open in urlscan Pro
2607:f108:300:8:21a:4aff:fe16:11a  Public Scan

Go To Rescan Add Verdict Report
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Submission: On February 04 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 12 countries across 73 domains to perform 320 HTTP transactions. The main IP is 2607:f108:300:8:21a:4aff:fe16:11a, located in United States and belongs to AMC, US. The main domain is library.avsim.net.
TLS certificate: Issued by R3 on January 15th 2023. Valid for: 3 months.
This is the only time library.avsim.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2607:f108:300... 29838 (AMC)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 65.9.97.56 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 108.138.4.150 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
11 34.255.226.52 16509 (AMAZON-02)
4 185.86.138.122 201081 (SMARTADSE...)
3 35.157.49.84 16509 (AMAZON-02)
3 13 37.252.171.53 29990 (ASN-APPNEX)
1 198.148.27.133 19189 (PULSEPOINT)
1 185.255.84.150 200271 (IGUANE-)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
1 35.175.157.122 14618 (AMAZON-AES)
2 216.52.2.91 32475 (SINGLEHOP...)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 138.201.84.245 24940 (HETZNER-AS)
2 9 185.29.134.249 30419 (MEDIAMATH...)
3 92.123.37.164 16625 (AKAMAI-AS)
2 151.101.193.108 54113 (FASTLY)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
1 4 176.9.26.250 24940 (HETZNER-AS)
1 5 88.99.165.19 24940 (HETZNER-AS)
1 1 35.186.193.173 15169 (GOOGLE)
7 20 172.217.16.194 15169 (GOOGLE)
4 4 213.155.156.185 1299 (TWELVE99 ...)
4 5 37.157.6.247 198622 (ADFORM)
1 35.227.252.103 15169 (GOOGLE)
4 4 213.19.147.44 3356 (LEVEL3)
1 3 51.89.9.251 16276 (OVH)
2 2 37.252.171.149 29990 (ASN-APPNEX)
4 144.76.91.199 24940 (HETZNER-AS)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
1 2a02:2638::c 44788 (ASN-CRITE...)
1 2a02:2638:1::17 44788 (ASN-CRITE...)
11 37.157.2.238 198622 (ADFORM)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
5 15.197.193.217 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 3 185.64.189.115 62713 (AS-PUBMATIC)
1 3 185.86.139.101 201081 (SMARTADSE...)
54 37.157.6.235 198622 (ADFORM)
3 88.99.65.215 24940 (HETZNER-AS)
1 13.227.219.69 16509 (AMAZON-02)
1 151.101.65.108 54113 (FASTLY)
1 52.222.139.119 16509 (AMAZON-02)
1 2 198.148.27.140 19189 (PULSEPOINT)
1 34.250.26.242 16509 (AMAZON-02)
2 5 172.64.154.237 13335 (CLOUDFLAR...)
2 2 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
3 23.35.236.201 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
2 2 216.52.2.39 30282 (AS-INAPCD...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 69.166.1.10 27630 (AS-XFERNET)
1 1 147.75.85.234 54825 (PACKET)
4 4 18.156.0.31 16509 (AMAZON-02)
1 1 34.231.81.182 14618 (AMAZON-AES)
1 1 35.214.223.115 15169 (GOOGLE)
1 5 185.86.139.89 201081 (SMARTADSE...)
4 4 151.101.2.49 54113 (FASTLY)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 2 52.46.151.131 16509 (AMAZON-02)
1 3 185.80.39.216 27381 (CASALE-MEDIA)
1 52.48.86.28 16509 (AMAZON-02)
1 64.95.96.108 32475 (SINGLEHOP...)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 185.29.134.244 ()
3 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
4 185.64.190.80 62713 (AS-PUBMATIC)
2 2 141.94.170.64 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
1 54.76.136.152 ()
2 2 35.201.96.126 396982 (GOOGLE-CL...)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 17 52.210.15.1 16509 (AMAZON-02)
2 2 3.67.29.124 16509 (AMAZON-02)
1 47.252.78.131 ()
1 1 52.87.37.104 ()
2 2 70.42.32.255 ()
1 1 69.192.160.219 ()
3 3 20.13.96.71 8075 (MICROSOFT...)
1 98.98.134.242 ()
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 34.233.108.47 ()
1 2603:c020:400... ()
1 38.91.45.7 ()
2 2 54.228.83.115 ()
1 1 20.127.253.7 ()
1 141.95.33.111 ()
2 2 18.158.8.202 16509 (AMAZON-02)
1 1 124.146.215.51 ()
1 1 80.77.87.161 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 69.173.144.139 26667 (RUBICONPR...)
1 198.47.127.20 ()
320 81
17    2607:f108:300:8:21a:4aff:fe16:11a (United States)

ASN29838 (AMC, US)
library.avsim.net
1    2606:4700:10::6816:35c7 (United States)

ASN13335 (CLOUDFLARENET, US)
go.automatad.com
13    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:400d:80c::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    65.9.97.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-56.prg50.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
1    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
12    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2400:52e0:1e00::1077:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
cdn.automatad.com
1    2606:4700:10::6816:45f0 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.atmtd.com
10    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
11    34.255.226.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
ads.servenobid.com
4    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg8.smartadserver.com
3    35.157.49.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-49-84.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
13    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
fra1-ib.adnxs.com
1    198.148.27.133 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
automatad-d.openx.net
u.openx.net
us-u.openx.net
1    35.175.157.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-157-122.compute-1.amazonaws.com
hb.yellowblue.io
2    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
9    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal9000.redintelligence.net
9    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
3    92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
5    88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal900028.redintelligence.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
20    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
cm.g.doubleclick.net
4    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
5    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
2    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
4    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal900018.redintelligence.net
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
1    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
11    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
54    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
3    88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de
cdn.contentspread.net
1    13.227.219.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-69.ams54.r.cloudfront.net
api.intentiq.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    52.222.139.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-119.ams50.r.cloudfront.net
public.servenobid.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    34.250.26.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-26-242.eu-west-1.compute.amazonaws.com
g2.gumgum.com
5    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:223f:9400:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.231.81.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-81-182.compute-1.amazonaws.com
ssp.disqus.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
5    185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    52.48.86.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-86-28.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    185.29.134.244 (None, )

ASN- ()
sync.mathtag.com
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    54.76.136.152 (None, )

ASN- ()
sync.crwdcntrl.net
2    35.201.96.126 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
17    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    3.67.29.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-29-124.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    47.252.78.131 (None, )

ASN- ()
event.clientgear.com
1    52.87.37.104 (None, )

ASN- ()
sync.srv.stackadapt.com
2    70.42.32.255 (None, )

ASN- ()
b1sync.zemanta.com
1    69.192.160.219 (None, )

ASN- ()
stags.bluekai.com
3    20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.outbrain.com
1    98.98.134.242 (None, )

ASN- ()
pixel-sync.sitescout.com
1    2a05:d018:d29:3605:904b:84a6:a3bc:1a71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.233.108.47 (None, )

ASN- ()
sync.ipredictive.com
1    2603:c020:400d:3000:1bd0:3d54:e1f3:90af (None, )

ASN- ()
sync.technoratimedia.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    54.228.83.115 (None, )

ASN- ()
ad.360yield.com
1    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
1    141.95.33.111 (None, )

ASN- ()
id5-sync.com
2    18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    124.146.215.51 (None, )

ASN- ()
tg.socdm.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
70 adform.net
c1.adform.net — Cisco Umbrella Rank: 568
track.adform.net — Cisco Umbrella Rank: 3696
s1.adform.net — Cisco Umbrella Rank: 8046
449 KB
34 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
206 KB
24 googlesyndication.com
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
90 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1358
usersync.gumgum.com — Cisco Umbrella Rank: 1696
6 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
cdn.adnxs.com — Cisco Umbrella Rank: 1450
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7432
secure.adnxs.com — Cisco Umbrella Rank: 409
acdn.adnxs.com — Cisco Umbrella Rank: 534
96 KB
17 avsim.net
library.avsim.net
123 KB
16 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 31195
hal900014.redintelligence.net — Cisco Umbrella Rank: 188515
hal900028.redintelligence.net — Cisco Umbrella Rank: 242798
hal900018.redintelligence.net — Cisco Umbrella Rank: 264406
21 KB
15 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 733
ads.pubmatic.com — Cisco Umbrella Rank: 463
simage2.pubmatic.com — Cisco Umbrella Rank: 665
image2.pubmatic.com — Cisco Umbrella Rank: 872
aud.pubmatic.com — Cisco Umbrella Rank: 4113
simage4.pubmatic.com
33 KB
14 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 4453
pixel.mathtag.com — Cisco Umbrella Rank: 975
sync.mathtag.com
8 KB
12 smartadserver.com
prg8.smartadserver.com — Cisco Umbrella Rank: 18637
ssbsync.smartadserver.com — Cisco Umbrella Rank: 782
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 560
5 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1761
public.servenobid.com — Cisco Umbrella Rank: 3303
8 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198
83 KB
9 criteo.net
static.criteo.net — Cisco Umbrella Rank: 647
pix.eu.criteo.net — Cisco Umbrella Rank: 7989
csm.eu.criteo.net — Cisco Umbrella Rank: 7891
23 KB
8 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 842
eus.rubiconproject.com — Cisco Umbrella Rank: 537
token.rubiconproject.com — Cisco Umbrella Rank: 548
23 KB
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
dsum.casalemedia.com — Cisco Umbrella Rank: 1385
6 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
268 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 70
region1.analytics.google.com — Cisco Umbrella Rank: 4470
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 291
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 488
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
52 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
1 KB
5 openx.net
automatad-d.openx.net — Cisco Umbrella Rank: 59051
rtb.openx.net — Cisco Umbrella Rank: 1634
u.openx.net — Cisco Umbrella Rank: 640
us-u.openx.net — Cisco Umbrella Rank: 417
1 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 556
1 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4143
1 KB
4 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12826
ads.eu.criteo.com — Cisco Umbrella Rank: 7817
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9740
dis.criteo.com — Cisco Umbrella Rank: 696
41 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 592
ce.lijit.com — Cisco Umbrella Rank: 874
2 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 720
1 KB
3 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 54195
3 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
489 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 507
2 KB
3 contextweb.com
bid.contextweb.com — Cisco Umbrella Rank: 2475
bh.contextweb.com — Cisco Umbrella Rank: 522
2 KB
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 931
475 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8741
www.google.de — Cisco Umbrella Rank: 5986
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 518
701 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 996
529 B
2 360yield.com
ad.360yield.com
624 B
2 zemanta.com
b1sync.zemanta.com
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
937 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3641
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 26108
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2833
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 632
997 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 813
912 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 767
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
114 KB
2 automatad.com
go.automatad.com — Cisco Umbrella Rank: 46294
cdn.automatad.com — Cisco Umbrella Rank: 42161
31 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 917
660 B
1 socdm.com
tg.socdm.com
695 B
1 id5-sync.com
id5-sync.com
1 KB
1 inmobi.com
sync.inmobi.com
619 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
292 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 bluekai.com
stags.bluekai.com
773 B
1 stackadapt.com
sync.srv.stackadapt.com
590 B
1 clientgear.com
event.clientgear.com
106 B
1 crwdcntrl.net
sync.crwdcntrl.net
266 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2524
182 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 919
178 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1283
283 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 470
433 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 835
267 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1456
477 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 882
191 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
731 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 3147
485 B
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1754
795 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401
583 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
576 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 31320
610 B
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2810
412 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3472
1 KB
1 atmtd.com
scripts.atmtd.com
75 KB
320 73
Domain Requested by
54 s1.adform.net track.adform.net
s1.adform.net
library.avsim.net
20 cm.g.doubleclick.net 7 redirects e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
g2.gumgum.com
17 usersync.gumgum.com 1 redirects g2.gumgum.com
17 library.avsim.net library.avsim.net
13 securepubads.g.doubleclick.net library.avsim.net
securepubads.g.doubleclick.net
www.googletagservices.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
11 track.adform.net hal900028.redintelligence.net
hal900014.redintelligence.net
hal900018.redintelligence.net
s1.adform.net
11 ads.servenobid.com scripts.atmtd.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
10 cdnjs.cloudflare.com go.automatad.com
s1.adform.net
9 tags.mathtag.com 2 redirects library.avsim.net
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
tags.mathtag.com
9 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
7 static.criteo.net ads.eu.criteo.com
7 fra1-ib.adnxs.com scripts.atmtd.com
library.avsim.net
cdn.adnxs.com
6 ib.adnxs.com 3 redirects scripts.atmtd.com
acdn.adnxs.com
6 www.googletagservices.com securepubads.g.doubleclick.net
go.automatad.com
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
5 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
5 match.adsrvr.org e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
public.servenobid.com
ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 hal900028.redintelligence.net 1 redirects library.avsim.net
hal900028.redintelligence.net
4 image2.pubmatic.com ads.pubmatic.com
4 sync-tm.everesttech.net 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 eus.rubiconproject.com public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
4 ssum-sec.casalemedia.com 2 redirects public.servenobid.com
ssum-sec.casalemedia.com
4 hal900018.redintelligence.net hal9000.redintelligence.net
hal900018.redintelligence.net
4 d5p.de17a.com 4 redirects
4 hal900014.redintelligence.net 1 redirects library.avsim.net
hal900014.redintelligence.net
4 prg8.smartadserver.com scripts.atmtd.com
3 sync.outbrain.com 3 redirects
3 simage2.pubmatic.com ads.pubmatic.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 ads.pubmatic.com public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
3 cdn.contentspread.net hal900014.redintelligence.net
hal900028.redintelligence.net
hal900018.redintelligence.net
3 ssbsync.smartadserver.com 1 redirects e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
public.servenobid.com
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 onetag-sys.com 1 redirects e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
public.servenobid.com
3 sync.1rx.io 3 redirects
3 pixel.mathtag.com library.avsim.net
tags.mathtag.com
3 hal9000.redintelligence.net library.avsim.net
3 www.google.com tpc.googlesyndication.com
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
3 btlr.sharethrough.com scripts.atmtd.com
3 e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com library.avsim.net
c.amazon-adsystem.com
2 token.rubiconproject.com eus.rubiconproject.com
2 creativecdn.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 ad.360yield.com 2 redirects
2 us-u.openx.net 2 redirects
2 b1sync.zemanta.com 2 redirects
2 x.bidswitch.net 2 redirects
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 sync.mathtag.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cms.quantserve.com 2 redirects
2 sync.go.sonobi.com public.servenobid.com
2 ce.lijit.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 bh.contextweb.com 1 redirects scripts.atmtd.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 secure.adnxs.com 2 redirects
2 cdn.adnxs.com scripts.atmtd.com
2 ap.lijit.com scripts.atmtd.com
public.servenobid.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 www.googletagmanager.com library.avsim.net
www.googletagmanager.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 id5-sync.com g2.gumgum.com
1 sync.inmobi.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 pixel-sync.sitescout.com g2.gumgum.com
1 stags.bluekai.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 event.clientgear.com g2.gumgum.com
1 aud.pubmatic.com ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync.taboola.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 csync.loopme.me 1 redirects
1 ssp.disqus.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 p.rfihub.com 1 redirects
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 u.openx.net scripts.atmtd.com
1 public.servenobid.com scripts.atmtd.com
1 acdn.adnxs.com scripts.atmtd.com
1 api.intentiq.com scripts.atmtd.com
1 dsp.adfarm1.adition.com 1 redirects
1 csm.eu.criteo.net ads.eu.criteo.com
1 pix.eu.criteo.net ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 sync.targeting.unrulymedia.com 1 redirects
1 rtb.openx.net e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 ads.eu.criteo.com e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com library.avsim.net
1 hb.yellowblue.io scripts.atmtd.com
1 automatad-d.openx.net scripts.atmtd.com
1 hb-api.omnitagjs.com scripts.atmtd.com
1 bid.contextweb.com scripts.atmtd.com
1 scripts.atmtd.com go.automatad.com
1 cdn.automatad.com go.automatad.com
1 www.google.de library.avsim.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 go.automatad.com library.avsim.net
320 118

This site contains no links.

Subject Issuer Validity Valid
*.avsim.com
R3		 2023-01-15 -
2023-04-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-12 -
2023-09-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
cdn.automatad.com
R3		 2022-12-22 -
2023-03-22		 3 months crt.sh
*.atmtd.com
E1		 2022-12-15 -
2023-03-15		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.yellowblue.io
Amazon		 2022-04-23 -
2023-05-22		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
redintelligence.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-17		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
contentspread.net
R3		 2022-12-14 -
2023-03-14		 3 months crt.sh
*.intentiq.com
Amazon		 2022-03-20 -
2023-04-17		 a year crt.sh
*.servenobid.com
Amazon		 2023-01-07 -
2024-02-05		 a year crt.sh
gumgum.com
Amazon		 2022-09-06 -
2023-10-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-12-28 -
2024-01-26		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2023-01-16 -
2024-02-15		 a year crt.sh

This page contains 48 frames:

Primary Page: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Frame ID: 99CCE99CE4B60ED35FAE8BAA80D05D3B
Requests: 58 HTTP requests in this frame

Frame: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 01C40D639F3B92C94FF1F865044C9793
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumNDS4F11QTkfUJ2TwYCY2hjwugpFA5fxWm_yJtdh6ygvZdvsDrdpiJ453Eo1xgU3lvP0HOLJ0oivY_lO-jEUyYXXKriANFYuy-JPKpQb8wEgIEu1tIJOGUecXfOj1W514PlSbEzjCBjGXykNLN3HiBijZWB6XVR6uESYq3fx_1RcYV-l9ffCxmLY72mn7xMGKYNOIs1n8QNm0cltTI0AJDfv79c9ruzVzeB_ZkeoaTKOA3s6gPdW9JA1Xx7aAMbL62aocC9oqnUCs9UQ50R7L1wOlsNiO4p7l6aVr__iaSlC1QLpUfInTcNJLQoOGdCOQ8hV3O3Q&sai=AMfl-YRJooK7V7f15sgTvDDvKVp6DIoVhEPbG2noZ74o39zgnzoVIvNrYAuzg_Z0yW9sRZDvoOHarTCfcmFO2r5WhQ7g30jG4kPjhCgc6NoKUuKLFT6O2n0-IZjw3nJ9CJE4URDaARXx3mRSN2NcIexx&sig=Cg0ArKJSzAfilXZmgRcQEAE&uach_m=[UACH]&adurl=
Frame ID: CC79118AC05F60F798AF2C0D8E3A11EF
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 245580DE81F9F5C5AB042025510AC705
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3CFEA65B677A2E1EFB493401C97C226B
Requests: 2 HTTP requests in this frame

Frame: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9AA844AAFD19E3538BD94CD2B0C639C1
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHXAfr-6oqYQO7EasVemnU_57D6AVZTcN1nCQcSta_3ATMaf6KxaCoEtbRqNbS5540ZcrsuQDrl8RdGTwj89HxOgo4M7u_pG8_RoiupV8vjOui7uyijLExpp_zEloRVggbbaR2Br4nYC1Zp0K5DtRuPit0MZWs4bFvARbVkj0ZgcXJvjxwMlrkbCEpe8qRJ5sHI47XL_5Li60nY2mhU7-XntGkFL-U8oHHDbGNeor394o2tf4pECT-XgB9Q7G62C0vpY7kZzW94lSkFY0nrCqzejs8zwscbdfZxWzcNRDNHnaa2bz_5hDuc1uKfIWnRJ3-3-GfC4H3fye-ELhVw0Z0CWlUpEWIpKSU&sai=AMfl-YQCEziBKu9XCb7boM4KQXAODzI7EEEN_OK_PsqA7kGl0PPMKM34Ckyaj2I2wQgxZNU-n5vxb-qp9ztWsq1UbF5NuB-Q2JQW6oYIfY8vmCNG5WYTIY6DwO7v6nTYzxU&sig=Cg0ArKJSzMZ8dYpAqmrQEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 86B725CB376C438BFAEE4866EA7522D4
Requests: 13 HTTP requests in this frame

Frame: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8BCA5DDF8437CB42DAD17EB4291E8EF1
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEK2xUd7g1A8pZJzMYk3F0yC7pws1gL6okZWhkfc06l0xPLVeOGCsemTUr0OUMF2DY2_H9vQUj3ax_CMv9UFn86Maxfb6ZvXsd2e0k6Uyb0oXcpXVIXOu4xSGGCOSVt4Gew2H4RvQFkACJz59SZpDAVhZEzb7OMENcd7PFa9ZHn22tiqTQbdMzdmDRa5Emgw-5hVSw5xZ3wlBsAzEVX12R9WEbQVVJp0TU4UoUTcg7ly-vRNAQfhp_3ftuwRag1d1IvgKb0eIHS5XcrGeq4Gh9XqBAfSJ5V1sZWpme4LmLN0htbJLAum_zZ-iM95a6X-MmlrILblKv6lYt89y_COOSi6yUGGQ2zCjVDk8&sai=AMfl-YQMMcpf7JfkBN2o4afTUJUAEQIcUgXXvWtYbFGbTmu1vHYDFOfAgK3AjlBDhVDaWAWFL6iRJnjsHnFMvPgQzYbOF0fQc9CGpstHkBcjPm3CqkLs91tmEgCVj2rm6oQ&sig=Cg0ArKJSzLONcI2VyyK_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8DDFD46D25BEB88F2BDD4CEF89861884
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Frame ID: E60962D3B15D8FEEE0933D0E12D77D2B
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D0C5D1A11AC5FA0B43DEE73A5E5276A9
Requests: 9 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=92289200009565906783183012225028&a=f37af4cd
Frame ID: 5F2E258D765D50B328DB212D2A67AFDF
Requests: 11 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=97657700010992106783199012225014&a=2c20d6bc
Frame ID: ACD58AEB36B631023D69051FCB7B2DC0
Requests: 9 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=11566000010630506783183012225018&a=5653ad6b
Frame ID: E3B1BD5F819A0F165E1B3CCFECFA2978
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 644E15407BE4FA221255119EDACDEC4A
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/12320352/12320352.js?ADFassetID=12320352&bv=258
Frame ID: AB4770BBB9EE60B03DD58489F6763CE7
Requests: 19 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/12320274/12320274.js?ADFassetID=12320274&bv=258
Frame ID: B1B1602FACAAEC1BD51C0C4848DEC919
Requests: 19 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/12320325/12320325.js?ADFassetID=12320325&bv=258
Frame ID: D50213418A3881CD58B3D4413B5C1AA9
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 03AA516BA99F0F96D661945241FD60CC
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: FA8BE6567A967621F786E2F8FCE19B84
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 1812183DDBEE489E203CE310BD61A32B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 93F19AF91294FF735516312E01E1D4DA
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: F58B8AF7576A334FFFBA83A289403488
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 01D3022D522893F8C4CEB786B9A97F76
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 8F592B3F092E064214E881C19CC2ED32
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 65F5EBBA4AB8A80ADC6AFF33AD1C57DD
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: AED629B666516A7642F93C1B9BFD748E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: A4C4B99B4CDBECAF99A6BFC9481F0E20
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: E5E6FD9584398B8084EA20E893B4640B
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=14FD8703-16F0-498A-86AC-F320015A5FA9&gdpr=0&gdpr_consent=
Frame ID: 8A5341E14B0BF3018DBEBDDA47E42129
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
Frame ID: 6F6CC53AD950CB7F1827600B1A1B5F32
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 58C960013712798A408F78089F8034D6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8268509275789687133
Frame ID: 6F142680ACDE00957388F340020A774D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NyiIWWUq2lwsIo0MZ3nBCzgj3gosK4pYMXmnFMLw
Frame ID: 5ADD7262520021AB7C359CD792ECE6D1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6485183542642210697&gdpr=0&gdpr_consent=
Frame ID: 047B281B9A873772FC2651F81D678ACB
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=14FD8703-16F0-498A-86AC-F320015A5FA9
Frame ID: 6B73C6CF39A63438A6818860F2881FDC
Requests: 1 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 100C927D2070436F036F915297617556
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: BFE2745FF378942CA8A337267573D365
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: EF181DFDCEF584D2C9151B70CF619F0B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
Frame ID: CFC3292979AC5402D731978C6BA420FE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y93RagAEcUjJigAF&gdpr=0&gdpr_consent=&_test=Y93RagAEcUjJigAF
Frame ID: 4A2864C75A6CF6018E8C971827F28235
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg2Yjg2MC0wNWJkLTRmNTUtYTBmMS1mZDM1MzcwZWMyODI=&gdpr=0&gdpr_consent=
Frame ID: 3006DDE992879EC132FF6925BB2AE6CF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=6485183542642210697brt51591675481450839519f1
Frame ID: 17C7B4164A96745EB3F9AC03C51509B7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y93Ra8Co8YUAAKcsLNEAAAAA
Frame ID: DCDDE3FCFEBFF2F1A0EF8BE15F71F3ED
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=807aaaa0-cc9f-46b0-b3d7-3a1b4f8704da
Frame ID: B2D3D68217A9853A95C2923B9A7EB2AF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y93Rarch38KdPQf7dHfjsQAA%261136
Frame ID: 7F2C56B1A03537B13CA3E50BE9DB4663
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=KTRtD9LMuweSHnm1GYCR&pi=gumgum&tc=1
Frame ID: 0450348F1BC8B220A64D9D9A6F5CC65C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: DA15DE66AA276212963C9A6089754FE6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AVSIM Library

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

320
Requests

84 %
HTTPS

24 %
IPv6

73
Domains

118
Subdomains

81
IPs

12
Countries

1760 kB
Transfer

4365 kB
Size

86
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpZNE5HUmhZek10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3NzQ1ODM2MjE3OTk2NDg1NDEvMTEyMDQ0MjAvMTI3ODAzMzYvMTMvMGNwdmEwNFV3LWgxOVlXdXNnYVFTWDdXNnZBNFVTQTljM042RTlPaTZDWS8xLzEzLzAvMC8yMDM5MjE2LzM2NDgxODI4MDMvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNzc0NTgzNjIxNzk5NjQ4NTQxL2Ftcy8wLzUxMzQvNTEvOTk5LzI1OC8yMTcuMTE0LjIxOC4wLzAuMDAwLzE2NzU0ODE0NDYvMTY3NTQ5NDA0Ni8xMy8xMDQ3OS8/YNjburTdeOHYPdPHdaAxly5zXoc&nodeid=3264&group=cdg&auctionid=1774583621799648541&pbs_auctionid=1774583621799648541&shardkey=1774583621799648541&sid=12780336&cid=11204420&bp=a_bjbbgg&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.133.168&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=1774583621799648541&node_id=3264&exch_id=13
Request Chain 82
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpZNE5HUmhZek10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg2OTIxMTI2NDk0NDA3MzAzNzAvMTEyMDQ0MTkvMTI3ODAzMzYvMTMvMGNwdmEwNFV3LWgxOVlXdXNnYVFTZE5xZDN6YnZjUVZrQmtNRWFEU1k2VS8xLzEzLzAvMC8yMDM5MjE2LzM2NDgxODI4MDMvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NjkyMTEyNjQ5NDQwNzMwMzcwL2Ftcy8wLzUxMzQvNTEvOTk5LzI1OC8yMTcuMTE0LjIxOC4wLzAuMDAwLzE2NzU0ODE0NDYvMTY3NTQ5NDA0Ni8xMy8xMDQ3OS8/q5XFgYsFcyKwhfDmiqtZbOavyv4&nodeid=3264&group=cdg&auctionid=8692112649440730370&pbs_auctionid=8692112649440730370&shardkey=8692112649440730370&sid=12780336&cid=11204419&bp=a_bjbbgg&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.132.40&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=8692112649440730370&node_id=3264&exch_id=13
Request Chain 105
  • https://hal900014.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=01f5185951&subid=&uid=abd9d5631af7621c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1774583621799648541%26mt_id%3D11204420%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=9322340737059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900014.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=01f5185951&subid=&uid=abd9d5631af7621c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1774583621799648541%26mt_id%3D11204420%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=9322340737059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 106
  • https://hal900028.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=0eaf3d4425&subid=&uid=46b9c6f6fd97ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8692112649440730370%26mt_id%3D11204419%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=3760188451182&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900028.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=0eaf3d4425&subid=&uid=46b9c6f6fd97ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8692112649440730370%26mt_id%3D11204419%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=3760188451182&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 107
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELoxEknBr06ldv_nhFhFJEw&google_cver=1&google_push=Aa02lx8fQLF9ZQV_-b0OJ8fMubk7CUYkY-f_8rM9fIQFtcLjzG_IXSaETL_RxAP3i-hRmW1XLg1Yy89jp52MYS8XhSg4dTdGya1N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8fQLF9ZQV_-b0OJ8fMubk7CUYkY-f_8rM9fIQFtcLjzG_IXSaETL_RxAP3i-hRmW1XLg1Yy89jp52MYS8XhSg4dTdGya1N&google_hm=rN0D4-w8REC4G2UOokUS5BM
Request Chain 108
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELGPedV_vW0M-rgsK5atjLc&google_cver=1&google_push=Aa02lx_ShINNlj9Ioea422BUgu8V2UD6NNcAJiYTvBRJMqrvqNyr8Kiq4WdDrUmKOBq2xMvvMvUEDD94l7t8BSPO81489N__azKP HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELGPedV_vW0M-rgsK5atjLc&google_cver=1&google_push=Aa02lx_ShINNlj9Ioea422BUgu8V2UD6NNcAJiYTvBRJMqrvqNyr8Kiq4WdDrUmKOBq2xMvvMvUEDD94l7t8BSPO81489N__azKP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ShINNlj9Ioea422BUgu8V2UD6NNcAJiYTvBRJMqrvqNyr8Kiq4WdDrUmKOBq2xMvvMvUEDD94l7t8BSPO81489N__azKP
Request Chain 109
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBBB8l0SdGnTbwVFkGFhhtA&google_cver=1&google_push=Aa02lx_ymA3V4DryVROGVfUnCSmVayYuXqr12HsRRRJ5X43OppQajnDMfQCoiliRovtcxkyjuDj02z4Q_0rqyHX_7ayzxeCLlziK HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBBB8l0SdGnTbwVFkGFhhtA&google_cver=1&google_push=Aa02lx_ymA3V4DryVROGVfUnCSmVayYuXqr12HsRRRJ5X43OppQajnDMfQCoiliRovtcxkyjuDj02z4Q_0rqyHX_7ayzxeCLlziK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjU2NjEzODE1MDkwNDk2Mw&google_push=Aa02lx_ymA3V4DryVROGVfUnCSmVayYuXqr12HsRRRJ5X43OppQajnDMfQCoiliRovtcxkyjuDj02z4Q_0rqyHX_7ayzxeCLlziK
Request Chain 111
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI5mbkTd_d4Y-6BSzgBqguw&google_cver=1&google_push=Aa02lx_PiFUKi3vp92l7wOWzMuhvKNbhokAZJhWy9qdeZRpexLv0ZkuaeV1Zpvtl2J7ZwUlZM5H7cjUVTyInFQmHEPamt9_6iT_qDA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_PiFUKi3vp92l7wOWzMuhvKNbhokAZJhWy9qdeZRpexLv0ZkuaeV1Zpvtl2J7ZwUlZM5H7cjUVTyInFQmHEPamt9_6iT_qDA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675481448046 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b48fe99a-1688-4efe-92c8-a16589ec190f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_PiFUKi3vp92l7wOWzMuhvKNbhokAZJhWy9qdeZRpexLv0ZkuaeV1Zpvtl2J7ZwUlZM5H7cjUVTyInFQmHEPamt9_6iT_qDA%26google_hm%3DA7SP6ZoWiE7-ksihZYnsGQ8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_PiFUKi3vp92l7wOWzMuhvKNbhokAZJhWy9qdeZRpexLv0ZkuaeV1Zpvtl2J7ZwUlZM5H7cjUVTyInFQmHEPamt9_6iT_qDA&google_hm=A7SP6ZoWiE7-ksihZYnsGQ8
Request Chain 112
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIZMPEdcxsQKqa3ZGpJHt3Y&google_cver=1&google_push=Aa02lx9rWO9QZb6IMhuRYk3gv9WqRBrD2bYnAxvcTlXI977ZSsLmPgeo4j9qycyupqsdGec_zmdtoCnbCE5xIkZJIe3QkKdRBqphVw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9rWO9QZb6IMhuRYk3gv9WqRBrD2bYnAxvcTlXI977ZSsLmPgeo4j9qycyupqsdGec_zmdtoCnbCE5xIkZJIe3QkKdRBqphVw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 113
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOmS-r8hZPApNZlNGYHRGw0&google_cver=1&google_push=Aa02lx8dVpm1FlpauQIqpKm8dK-SDXmIr1Un-xe7HfzCcSumXO-oWTH9CC9MwO6klEEneBxc8HGxikV7L8RrCqudix6sJWINpN2S3t8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQ4NTE4MzU0MjY0MjIxMDY5Nw%3D%3D&google_gid=CAESEOmS-r8hZPApNZlNGYHRGw0&google_cver=1&google_push=Aa02lx8dVpm1FlpauQIqpKm8dK-SDXmIr1Un-xe7HfzCcSumXO-oWTH9CC9MwO6klEEneBxc8HGxikV7L8RrCqudix6sJWINpN2S3t8
Request Chain 147
  • https://um.simpli.fi/gp_match?google_gid=CAESEPwOwnmj5FuZawl6sGuDNhU&google_cver=1&google_push=Aa02lx_c39y-Qrej81zEAX8xenoddKbB0SsioFgQglUZWQ7qph96KBJRrbQrC-WcgmdFLGpK8LTyz16pDwAtMjhUZQcJMbnMi2d_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2764D2291CD248A3BFAF41A6842FDBB9&google_push=Aa02lx_c39y-Qrej81zEAX8xenoddKbB0SsioFgQglUZWQ7qph96KBJRrbQrC-WcgmdFLGpK8LTyz16pDwAtMjhUZQcJMbnMi2d_
Request Chain 149
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKrg4UVIRaaJETYuyRM-O5g&google_cver=1&google_push=Aa02lx-hLaBoCqHqkKPXe-t3ZbtItw9D3Ep_I_ZupCpests50BrF2WJxJFK2DPuTejXuMJsZYZqZmB1RwxhanmicpOF9lIImGEo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjEzODAyNDIyNTYwMTY4Ng%3D%3D&google_push=Aa02lx-hLaBoCqHqkKPXe-t3ZbtItw9D3Ep_I_ZupCpests50BrF2WJxJFK2DPuTejXuMJsZYZqZmB1RwxhanmicpOF9lIImGEo
Request Chain 150
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELGPedV_vW0M-rgsK5atjLc&google_cver=1&google_push=Aa02lx_5MgSa5_tLRTGbQq7zNQmjE_lOTy09mV4BebQafFl9YThMOfivgRqyCozYNfCjlbGelgOEPVDcqC8RvRJMH0ZREWJiuKYa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_5MgSa5_tLRTGbQq7zNQmjE_lOTy09mV4BebQafFl9YThMOfivgRqyCozYNfCjlbGelgOEPVDcqC8RvRJMH0ZREWJiuKYa
Request Chain 151
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBBB8l0SdGnTbwVFkGFhhtA&google_cver=1&google_push=Aa02lx8PCmCD1UiAJf6t489F2d-QoMd4AzLIfLm-kiC2FX6GDHmoO6UN5oWF7ZOzGZn2KgRWdC2P72DzCRvzcpAp60oyPLXYv3TD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjU2NjEzODE1MDkwNDk2Mw&google_push=Aa02lx8PCmCD1UiAJf6t489F2d-QoMd4AzLIfLm-kiC2FX6GDHmoO6UN5oWF7ZOzGZn2KgRWdC2P72DzCRvzcpAp60oyPLXYv3TD
Request Chain 152
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENj4kHWnyFg56zd_4V1r4Y8&google_cver=1&google_push=Aa02lx93X5dqFeDMrT4Axz6jIcdit2g4mfuTPPSJIYSFqAzlOTehcInFXJtN9kO8SzZsI0cygofgd6mpZ3ZHovv8E4girKr8_Qk HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENj4kHWnyFg56zd_4V1r4Y8&google_cver=1&google_push=Aa02lx93X5dqFeDMrT4Axz6jIcdit2g4mfuTPPSJIYSFqAzlOTehcInFXJtN9kO8SzZsI0cygofgd6mpZ3ZHovv8E4girKr8_Qk&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FP2HAxbwSYqGrPMgAVpfqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx93X5dqFeDMrT4Axz6jIcdit2g4mfuTPPSJIYSFqAzlOTehcInFXJtN9kO8SzZsI0cygofgd6mpZ3ZHovv8E4girKr8_Qk
Request Chain 248
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 249
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 252
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6485183542642210697
Request Chain 253
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=GGSSvRZHthckY0tOSHKW9OQk
Request Chain 255
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4656614547
Request Chain 256
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5133329524133119617
Request Chain 258
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=91f72cfe-c88d-48de-b8fb-7de8aa1111cc&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 259
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-zq3jqOlE2uE1_jJE8VjvezIkQ47MRjs64_k1s9g-~A
Request Chain 260
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iODE2MTRlYi04ZDU0LTM1ZDgtYjU0Zi00ZDlmOTY4Mzc1YWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iODE2MTRlYi04ZDU0LTM1ZDgtYjU0Zi00ZDlmOTY4Mzc1YWEyAhIaOAE=
Request Chain 261
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-Be.M6r5E2uHt0xxhuOQRmCt1siK9xJHrOoLVmJ8-~A
Request Chain 263
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=45a519db-c274-4071-93bb-47e4ef66f9c7&gdpr_consent=null&gdpr=0
Request Chain 264
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y93RagAAA8JOCgAh HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y93RagAAA8JOCgAh&gdpr=0&gdpr_consent=&_test=Y93RagAAA8JOCgAh
Request Chain 265
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDMxNDU2NzUxMjgxNTg5OTI1NQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGN7YcHCxx-02n3rKPnNRM8&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 266
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=N6bpy2Wku84srOyeZ_egmTitv5gspevKMffaq3I1
Request Chain 268
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y93Rarch38KdPQf7dHfjsQAABHAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y93Rarch38KdPQf7dHfjsQAABHAAAAAB&dcc=t
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y93Rarch38KdPQf7dHfjsQAABHAAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENadtDizWOqD-GlyXRitSlA&google_cver=1
Request Chain 270
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y93Rarch38KdPQf7dHfjsQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP0626JxokNMw4EGksMB3mQ&google_cver=1
Request Chain 273
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y93Rarch38KdPQf7dHfjsQAA%261136 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=bdeb4a30-2252-4bcf-8765-aad7d7fed388-tuctad756ea
Request Chain 274
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675567850
Request Chain 278
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
Request Chain 280
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8268509275789687133
Request Chain 281
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NyiIWWUq2lwsIo0MZ3nBCzgj3gosK4pYMXmnFMLw
Request Chain 282
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6485183542642210697&gdpr=0&gdpr_consent=
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FP2HAxbwSYqGrPMgAVpfqQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 285
  • https://pixel.onaudience.com/?partner=214&mapped=14FD8703-16F0-498A-86AC-F320015A5FA9&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=7978424162bd6a835b93b35bf1ac3069&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=208e3e2a031ceb69/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 286
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=14FD8703-16F0-498A-86AC-F320015A5FA9&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=14FD8703-16F0-498A-86AC-F320015A5FA9&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=14FD8703-16F0-498A-86AC-F320015A5FA9&addseg=19,36,42
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTRGRDg3MDMtMTZGMC00OThBLTg2QUMtRjMyMDAxNUE1RkE5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIOknVkOM4pgFrEOUy6KSWg&google_cver=1
Request Chain 290
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3056566138150904963
Request Chain 292
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6485183542642210697
Request Chain 293
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e886b860-05bd-4f55-a0f1-fd35370ec282&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e886b860-05bd-4f55-a0f1-fd35370ec282&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e4feb7af-0e87-49bb-a63b-ee505e72b965
Request Chain 294
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2ae916df-f925-40fb-669b-079be422360a$ip$217.114.218.19
Request Chain 295
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e886b860-05bd-4f55-a0f1-fd35370ec282&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=aVfqaY45QILRD9wQ6nGH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKWMZYWCWJUGVIUSTCSIQ4XOUJWNZDUQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKWMZYWCWJUGVIUSTCSIQ4XOUJWNZDUQJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aVfqaY45QILRD9wQ6nGH&us_privacy=1---
Request Chain 296
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=GckvKWImnj2Y&ev=1&pid=558355
Request Chain 297
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28xk8AeMBjvtGAe_w5Tt3dYwmOceeitXWdzkHOxxCMYjsl_9Al9Xffk2jWZHgQovxH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28xk8AeMBjvtGAe_w5Tt3dYwmOceeitXWdzkHOxxCMYjsl_9Al9Xffk2jWZHgQovxH%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_e886b860-05bd-4f55-a0f1-fd35370ec282&obuid=ENC(xk8AeMBjvtGAe_w5Tt3dYwmOceeitXWdzkHOxxCMYjsl_9Al9Xffk2jWZHgQovxH) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3Dxk8AeMBjvtGAe_w5Tt3dYwmOceeitXWdzkHOxxCMYjsl_9Al9Xffk2jWZHgQovxH%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Request Chain 298
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=b918c906-8ef1-44da-94a1-7e63dfa5fb0b
Request Chain 299
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-QoT.TWxE2peiO7c1BWJgTWnFT75tl4jsichO~A
Request Chain 300
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=a0007e78-e425-40dc-8279-2b26873fe7b4
Request Chain 303
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=5a866abf-47cb-49d0-8cf4-19812bb198aa
Request Chain 304
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4314567512815899255
Request Chain 306
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 309
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
Request Chain 310
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y93RagAEcUjJigAF HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y93RagAEcUjJigAF&gdpr=0&gdpr_consent=&_test=Y93RagAEcUjJigAF
Request Chain 312
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6485183542642210697&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=6485183542642210697brt51591675481450839519f1
Request Chain 313
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y93Ra8Co8YUAAKcsLNEAAAAA
Request Chain 314
  • https://cs.admanmedia.com/sync/gumgum?puid=e_e886b860-05bd-4f55-a0f1-fd35370ec282&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=807aaaa0-cc9f-46b0-b3d7-3a1b4f8704da
Request Chain 315
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y93Rarch38KdPQf7dHfjsQAA%261136
Request Chain 316
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=KTRtD9LMuweSHnm1GYCR&pi=gumgum&tc=1
Request Chain 317
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum

320 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request search.php
library.avsim.net/ 		45 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
5f1ecf4f62c963756443e3c809ee1f0a288c682adbda32786a0798ac068bedb4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 04 Feb 2023 03:30:45 GMT
server
nginx/1.16.1
vary
Accept-Encoding
x-powered-by
PHP/5.6.36
afihbs.js
go.automatad.com/geo/vxTfCt/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.automatad.com/geo/vxTfCt/afihbs.js
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99180d2ae8aa763d93c5c50da9ac3e600488cb1257148071b86960ec90d6c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
x-openstack-request-id
txb323f21d4b94448aab585-0063db9e12
cf-cache-status
REVALIDATED
x-iplb-instance
28796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id
txb323f21d4b94448aab585-0063db9e12
last-modified
Thu, 02 Feb 2023 09:29:03 GMT
server
cloudflare
x-iplb-request-id
AC47F692:3B10_8E2CE366:0050_63DB9E12_54B999:21367
vary
Accept-Encoding
content-type
application/javascript
x-automatad-country
DE
x-object-meta-mtime
1675329951.446262826
cache-control
max-age=14400
x-timestamp
1675330142.98450
cf-ray
7940545d6bfb2be4-FRA
x-automatad-device
W
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc8ec06bacb56ae9d0910e1397ae48be81aaa6a0ae333f0edf4316add5fe8ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27272
x-xss-protection
0
server
sffe
etag
"1472 / 794 of 1000 / last-modified: 1675465921"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Feb 2023 03:30:45 GMT
topbanner.gif
library.avsim.net/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/images/topbanner.gif
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
cc5f57a885200dd046baee4ebc817c449bee856d10fe2ada9ee2bc544d812211

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
last-modified
Fri, 06 Apr 2012 19:57:41 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"4f7f4ab5-4802"
content-length
18434
content-type
image/gif
Index.png
library.avsim.net/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/images/Index.png
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
01ac6adfa0e215d1ae60b6188465939c146470c99c499ddffa4de50d22dbc5a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
last-modified
Wed, 31 Dec 2003 14:17:45 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"3ff2da89-c40"
content-length
3136
content-type
image/png
ZipDive.png
library.avsim.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/images/ZipDive.png
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8ed932d07bbb87676f4626f5e19a299964e3c308299b554a77b29d22a190605c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
last-modified
Wed, 31 Dec 2003 14:19:13 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"3ff2dae1-885"
content-length
2181
content-type
image/png
Download.png
library.avsim.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/images/Download.png
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
58c20072e3e8c2457829c3014d82771e7b1d642c3bff2fcd1466637f913e7fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
last-modified
Wed, 31 Dec 2003 14:16:57 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"3ff2da59-932"
content-length
2354
content-type
image/png
sendfile.php
library.avsim.net/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=278076
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
25ba8c34b21a7aea36e59cc0a84e9382dfa8c186b5c9db0ff0839a2340bf46a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
server
nginx/1.16.1
content-disposition
inline; filename=2011-01-05_e195_jetblue_n183jb-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
sendfile.php
library.avsim.net/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=278170
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
d3eb9619d310dd7606fb4bdb7b14970661ee3ae7458961d97800f0fcab359e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
server
nginx/1.16.1
content-disposition
inline; filename=2011-01-07_e195_jetblue_n258jb-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
sendfile.php
library.avsim.net/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=274886
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
3c1b32857beb2b62b8855633827a93ba1aaccc8fe0990fed81bac9aa173b5094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
server
nginx/1.16.1
content-disposition
inline; filename=2010-11-01_e195_manchester-united_g-mufc-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
sendfile.php
library.avsim.net/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=275987
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
52590f74b17880b7c1bdb1e251e5b5c291b0cb79cc429f9413fbe759655a1995

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
server
nginx/1.16.1
content-disposition
inline; filename=2010-11-24_e195_air-france_f-hblz-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
sendfile.php
library.avsim.net/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=289695
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
7b9c8179e5a8bec9dba5ed353eae05022e7a80f9f3ad6bd620653fa584798a48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
server
nginx/1.16.1
content-disposition
inline; filename=ai_kzr_update_aig-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
sendfile.php
library.avsim.net/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=274402
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
8736d2c6e0a313b405c823a53824ef1585f5cf46552ddc189b45a0cb12a0d477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:45 GMT
server
nginx/1.16.1
content-disposition
inline; filename=2010-10-24_e195_arkia_4x-ema-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
sendfile.php
library.avsim.net/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=278249
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
92bae191813192b0d6a8d3cb1ec6efc572e390f75c4af3f10fc07a1690171478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
server
nginx/1.16.1
content-disposition
inline; filename=2011-01-08_e195_ivao_pt-ibr-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
sendfile.php
library.avsim.net/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=275883
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
6106b2e9f9edacec5706de53c2998a2c147fe1cec72b9fc860f34b069def8067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
server
nginx/1.16.1
content-disposition
inline; filename=2010-11-22_e195_ba-cityflyer_g-lcyz-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
sendfile.php
library.avsim.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=271458
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
1d83a5155f4dc85b8c7dabe133fd80f8c761525c8d6050e90654c8d99b99d415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
server
nginx/1.16.1
content-disposition
inline; filename=2010-08-31_e195_ceara_pt-csc-2010-08-31_e195_ceara_pt-csc-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
sendfile.php
library.avsim.net/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/sendfile.php?Location=AVSIM&Proto=file&ImageID=305003
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.36
Resource Hash
834787ab97d63c18ac6455b79322cb127f2fb7fb98a9385994e3763d7efbc45a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
server
nginx/1.16.1
content-disposition
inline; filename=aiem2swt-tn.gif
x-powered-by
PHP/5.6.36
content-type
image/gif
PrevPage.png
library.avsim.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/images/PrevPage.png
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9a323ce0f71c5033a0a79500f77d2d772890cedbec53ebe9924472ab0bf8b2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
last-modified
Wed, 31 Dec 2003 14:18:15 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"3ff2daa7-96a"
content-length
2410
content-type
image/png
NextPage.png
library.avsim.net/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://library.avsim.net/images/NextPage.png
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f108:300:8:21a:4aff:fe16:11a , United States, ASN29838 (AMC, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4729ebbfc9b34bb34e849720a5cfb3c2e456a3640dfa7bed72bd4f8bfb856a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
last-modified
Wed, 31 Dec 2003 14:18:07 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"3ff2da9f-98b"
content-length
2443
content-type
image/png
gtm.js
www.googletagmanager.com/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5ZLM3N3
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9316fdcdb37769689c4cbb6552ad3a4c0230ab436f7e09ae93f288e3244e722c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39158
x-xss-protection
0
last-modified
Sat, 04 Feb 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 04 Feb 2023 03:30:46 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		193 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.97.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-97-56.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 02:34:53 GMT
content-encoding
gzip
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
last-modified
Wed, 01 Feb 2023 21:25:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
3354
x-amz-server-side-encryption
AES256
etag
W/"a32dad266af898d87dd85cf65ca93536"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
o2ZJMLxuCOZ6yu8d6zL3qpvp5h0vw4MYBOtjd6GZSCWuTA7LZv0Q2A==
pubads_impl_2023020101.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bcf382c861841335ec9ae5b803af26521b953cee0c2cc4fa291b5cd25f2311e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 09:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132509
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 09:37:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Feb 2024 09:25:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		73 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=library.avsim.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3970e9644153e54a40508af8a225fba38e53f8e227278d1db1030e0f63a07ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
x-xss-protection
0
expires
Sat, 04 Feb 2023 03:30:46 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=library.avsim.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=library.avsim.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		158 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4395734016778886&correlator=499188531132747&eid=31071362%2C31072165&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fifs&iu_parts=22589072596%2Clib_banner%2Clib_footer%2Cmain-bottom-left%2Cmain-top-left%2Cmain-bottom-right%2Cmain-top-right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=320x50%7C320x100%7C970x90%7C234x60%7C468x60%7C728x90%7C300x75%7C300x50%7C300x100%2C250x250%7C336x280%7C970x90%7C300x250%7C320x480%7C728x90%7C300x100%7C300x600%7C970x250%7C468x60%7C300x50%7C480x320%2C200x200%7C125x125%7C140x120%7C180x150%2C180x150%7C200x200%7C140x120%7C125x125%2C125x125%7C140x120%7C180x150%7C200x200%2C200x200%7C140x120%7C125x125%7C180x150&ifi=1&adks=1399224403%2C2999664660%2C1123269432%2C486244388%2C3935624410%2C2615841576&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1675481446174&lmt=1675481446&dlt=1675481445910&idt=216&adxs=-9%2C-9%2C-9%2C169%2C-9%2C1221&adys=-9%2C-9%2C-9%2C11%2C-9%2C11&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C0%7C-1%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C212x122%7C0x-1%7C212x122&msz=0x-1%7C0x-1%7C0x-1%7C210x120%7C0x-1%7C210x120&fws=2%2C2%2C2%2C0%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=446818801.1675481446&ga_sid=1675481446&ga_hid=975536189&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd14a8f83028ec0c6d4db5b50cec35d124c466efb8fa57a73aa278d747a3a4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29245
x-xss-protection
0
google-lineitem-id
-2,-2,5792602948,5793234170,5791205487,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,138364705351,138364705618,138364705045,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://library.avsim.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 01C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 03:30:46 GMT
expires
Sun, 04 Feb 2024 03:30:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Flibrary.avsim.net&pubid=d3e75b99-4e89-4a39-992c-4bbb8b7a672b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.97.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-97-56.prg50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 01:50:58 GMT
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
age
5988
x-cache
Hit from cloudfront
access-control-allow-origin
https://library.avsim.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
1_41EhufFlK_Lq-mpUHcJZxsJ8grRRiZlTCVCoO9UrqPJAHfC44W0A==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&pid=kfrj9GScx7Ork&cb=0&ws=1600x1200&v=23.127.1625&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1631204876128-0%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x100%22%2C%22970x90%22%2C%22234x60%22%2C%22468x60%22%2C%22728x90%22%2C%22300x75%22%2C%22300x50%22%2C%22300x100%22%5D%2C%22sn%22%3A%22%2F22589072596%2Flib_banner%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1631235965862-0%22%2C%22s%22%3A%5B%22250x250%22%2C%22336x280%22%2C%22970x90%22%2C%22300x250%22%2C%22320x480%22%2C%22728x90%22%2C%22300x100%22%2C%22300x600%22%2C%22970x250%22%2C%22468x60%22%2C%22300x50%22%2C%22480x320%22%5D%2C%22sn%22%3A%22%2F22589072596%2Flib_footer%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1632189945370-0%22%2C%22s%22%3A%5B%22200x200%22%2C%22125x125%22%2C%22140x120%22%2C%22180x150%22%5D%2C%22sn%22%3A%22%2F22589072596%2Fmain-bottom-left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1632189913216-0%22%2C%22s%22%3A%5B%22200x200%22%2C%22125x125%22%2C%22140x120%22%2C%22180x150%22%5D%2C%22sn%22%3A%22%2F22589072596%2Fmain-top-left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1632189856832-0%22%2C%22s%22%3A%5B%22200x200%22%2C%22125x125%22%2C%22140x120%22%2C%22180x150%22%5D%2C%22sn%22%3A%22%2F22589072596%2Fmain-bottom-right%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1632189811391-0%22%2C%22s%22%3A%5B%22200x200%22%2C%22125x125%22%2C%22140x120%22%2C%22180x150%22%5D%2C%22sn%22%3A%22%2F22589072596%2Fmain-top-right%22%7D%5D&pubid=d3e75b99-4e89-4a39-992c-4bbb8b7a672b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
SZMGWSV184116EFRW8J2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://library.avsim.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
NOwb08Jgyxjl62Z6ba7NfaSWwqfPaCIIrECl81-6zuPwYdpZwgpaWg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.97.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-97-56.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 23:59:14 GMT
x-amz-version-id
UbKifkjYJEpp9kioi5dZ9KFE2QW1MpFD
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
12693
x-cache
Hit from cloudfront
last-modified
Fri, 03 Feb 2023 23:37:41 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
0YdVkRddImsPx4zUgZ4sf1ltEggiloU3U7B17Q0p5FXH-DEBL_DlPg==
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X9WG1KE85T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZLM3N3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40da5aa4e97f60b0920d7e88b9f8eb39510d77d4c856e6a1fcda96fa9df5d236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77061
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 Feb 2023 03:30:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CC79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumNDS4F11QTkfUJ2TwYCY2hjwugpFA5fxWm_yJtdh6ygvZdvsDrdpiJ453Eo1xgU3lvP0HOLJ0oivY_lO-jEUyYXXKriANFYuy-JPKpQb8wEgIEu1tIJOGUecXfOj1W514PlSbEzjCBjGXykNLN3HiBijZWB6XVR6uESYq3fx_1RcYV-l9ffCxmLY72mn7xMGKYNOIs1n8QNm0cltTI0AJDfv79c9ruzVzeB_ZkeoaTKOA3s6gPdW9JA1Xx7aAMbL62aocC9oqnUCs9UQ50R7L1wOlsNiO4p7l6aVr__iaSlC1QLpUfInTcNJLQoOGdCOQ8hV3O3Q&sai=AMfl-YRJooK7V7f15sgTvDDvKVp6DIoVhEPbG2noZ74o39zgnzoVIvNrYAuzg_Z0yW9sRZDvoOHarTCfcmFO2r5WhQ7g30jG4kPjhCgc6NoKUuKLFT6O2n0-IZjw3nJ9CJE4URDaARXx3mRSN2NcIexx&sig=Cg0ArKJSzAfilXZmgRcQEAE&uach_m=[UACH]&adurl=
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Feb 2023 03:30:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame CC79 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 21:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 21:44:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame CC79 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 21:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 21:44:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC79 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 03:30:46 GMT
16861627514180312515
tpc.googlesyndication.com/simgad/ Frame CC79 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16861627514180312515
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf4b1f45d28a9e8414f7aa7060736e0f2964d3e487cc4748c3ee98b3886b3089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 15:08:07 GMT
x-content-type-options
nosniff
age
130959
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2793
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 01:56:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Feb 2024 15:08:07 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-X9WG1KE85T&gtm=45je3210&_p=975536189&_gaz=1&cid=446818801.1675481446&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675481446&sct=1&seg=0&dl=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&dt=AVSIM%20Library&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X9WG1KE85T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://library.avsim.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X9WG1KE85T&cid=446818801.1675481446&gtm=45je3210&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X9WG1KE85T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://library.avsim.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X9WG1KE85T&cid=446818801.1675481446&gtm=45je3210&aip=1&z=717801697
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame CC79 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf9cd51bdd8dea0f45d3b6b40395eb7c7a530ac23b191ae2adae0d320b2c8cd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame CC79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssG296kkuDzuh_hfPLfuCX771_ONVWUwydUbypXIM0_7Rjuu0NjKp8CUOoIsSdMjytiFJtq8RRBepNfNh5UfO-F0qYSfEaIWLpjtcAC4My6A0AYoeWjP884Ke6UtVtfoYKRo2hhiJK5qYgvehX4KAnTsfMEwbxJU7mVzDbo7LpjYzMqZj6hqUVAr8xXs0YF-O1CBpzGJPfuohLhV6JPe1MF4uO2ckzcP-kFie-a0JGpc5sT8oYlx129OP56_8d-LmUbQR38S6e7Jo3oP1Qq1RAVk8nw8ELyYxVxX5s9oWG2GmWenIjH4afLsnaI7cX9G0PI4iCMlWJdrQ&sai=AMfl-YRBwlK53bsvzoGNu7HqDXTSkblfmUCAcH7e2331jif0L_YQKyVvlhqm3GSa2J4ONyTiwnyTHN7cQQ34eWQXhB5U8SBxqrXVpXRUu2d1Nq4dlpyG59qr7Tkz5yrL8VF3CJk81qx3a2ElHEsfXOEB&sig=Cg0ArKJSzKdcPtInzxmOEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Feb 2023 03:30:46 GMT
iiq_tag.js
cdn.automatad.com/js/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.automatad.com/js/iiq_tag.js
Requested by
Host: go.automatad.com
URL: https://go.automatad.com/geo/vxTfCt/afihbs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1077:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1077 /
Resource Hash
7bb23de30daa7e81e2fafc5d2fbcada4b6fefc10c3251661952a341d6864aa8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
cdn-edgestorageid
860
cdn-storageserver
DE-198
cdn-cachedat
01/31/2023 02:43:59
cdn-pullzone
50108
last-modified
Mon, 31 Oct 2022 13:32:25 GMT
server
BunnyCDN-DE1-1077
cdn-fileserver
290
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"635fce69-cdcf"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
c48ed7a4bf4329d862e10119c55ab77c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: go.automatad.com
URL: https://go.automatad.com/geo/vxTfCt/afihbs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f00f7401c1f4a38d36047ab0292fd869538b950343c2e353760e8062ad947a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27285
x-xss-protection
0
server
sffe
etag
"1472 / 534 of 1000 / last-modified: 1675465921"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Feb 2023 03:30:46 GMT
prebid_vxTfCt.js
scripts.atmtd.com/yetijs/ 		256 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Requested by
Host: go.automatad.com
URL: https://go.automatad.com/geo/vxTfCt/afihbs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a2132d48e23588b97e2795c26f1915126fdab93ec829d562d8344711113b56d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
x-amz-version-id
26V9l1gFw7dm3HWvbXHU2bEoErDfqGCu
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
5XD4H57F7W04DG5R
age
64510
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
CHNyD1Fuj/cTl5PesXmsu25IG9vC78Ltl8YBdYyDjjRjjJtRNppbovJ/iFYx2tBwUS1bV4bosh0=
last-modified
Tue, 31 Jan 2023 11:09:43 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1670949244/ctime:1670949233/gid:0/gname:root/mode:33188/mtime:1670949233/uid:0/uname:root
etag
W/"27ab74f95690a3a1f1f186a54a7cb93b"
vary
Accept-Encoding
content-type
text/plain
cache-control
max-age=120
cf-ray
794054619e32bb59-FRA
sizzle.min.js
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js
Requested by
Host: go.automatad.com
URL: https://go.automatad.com/geo/vxTfCt/afihbs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14112377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6679
last-modified
Mon, 04 May 2020 16:16:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd4-4dc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2F55Ev0zAw0dkp%2B9NG4FOFyn5oYGdMy1PVFDrj8%2F0VvQyY1dsnvKieY4MS2QY%2FWAdtzgjpE0jlkGb2mtDd%2FuIC%2B1uiyEsl%2Ft5Joq2462HVgMjIFik6v6PYIwSmn8EbDx7FtV4JCHzb2c91ReGuKOOx5q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
794054619aa49a1e-FRA
expires
Thu, 25 Jan 2024 03:30:46 GMT
adreq
ads.servenobid.com/ 		1 KB
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10002
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b18500cbbbeaab27a9c5cb5be393f5668a7420831811cd7e27ba86b4137f1ce3

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://library.avsim.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://library.avsim.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://library.avsim.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:46 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://library.avsim.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg8.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://library.avsim.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.49.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-49-84.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://library.avsim.net
date
Sat, 04 Feb 2023 03:30:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.49.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-49-84.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://library.avsim.net
date
Sat, 04 Feb 2023 03:30:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.49.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-49-84.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://library.avsim.net
date
Sat, 04 Feb 2023 03:30:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		44 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
df6e4baf4a27a1faf3ab926ef934de3db9c44283422cb786a3b4eb16801574b2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 04 Feb 2023 03:30:46 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e1e5b829-2f8e-43af-aeaa-e36c643c87ad
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://library.avsim.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ortb
bid.contextweb.com/header/ 		0
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.133 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
envoy
cwdl
22/4211,22/4211,22/4211,22/4211
access-control-allow-origin
https://library.avsim.net
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
86
cw-server
bid-deployment-isolate-stage-699bd6fcc9-2n846
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		714 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&PublisherDomain=https%3A%2F%2Flibrary.avsim.net
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
9e75af797016be7de1ca73ffe30677bf0324d286d2604e9a128808bfdbd2d295
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:46 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://library.avsim.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
14
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
714
expires
0
arj
automatad-d.openx.net/w/1.0/ 		73 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://automatad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=453e25f7-251d-4ca0-998f-de17a04938a5%2C638cfbc6-b16c-412b-8f9e-2ca6690f7011%2Cf4e08097-64ee-43a8-8622-efac04dabd73%2C0c89bce9-8f5c-49a6-8c3f-bcc00fa40d76&nocache=1675481446748&schain=1.0%2C1!automatad.com%2C2311913840991579%2C1%2C%2C%2C&aus=728x90%7C970x90%7C970x250%7C728x90&divids=fi-ash-1633416983-2331%2CATD_AVSIM_NET_INR1_D%2CATD_AVSIM_NET_EOP_D%2CATD_AVSIM_NET_LB_TOP_D&aucs=%2C%2C%2C&auid=549561929%2C549561929%2C549561929%2C549561929&aumfs=50%2C50%2C50%2C50
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2aceb6834d98e6f332a7751249ca55289246d8756cd476d42945af2af3627ccf

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://library.avsim.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb-multi
hb.yellowblue.io/ 		105 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.157.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-157-122.compute-1.amazonaws.com
Software
/
Resource Hash
fdcdb4e51d4e3d1e90364b2a888a701bce4ebc059f5e692993412992c6aba4f4

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://library.avsim.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bid
ap.lijit.com/rtb/ 		24 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.28.0
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2d473464782e3555b884e7f93375b1ef5c73fe9589b5413625cd426b4baeacbd

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 04 Feb 2023 03:30:46 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://library.avsim.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cdfc0b9a46f950118e2c5a1c811d1e5fc8e28e187b3ab00bed0bffc570726d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11088
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 03:30:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2455 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 01:00:27 GMT
expires
Sun, 04 Feb 2024 01:00:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3CFE 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b4bc2e190ba0f6eb5ef4e1d56ee98b9739c3703ed08c9d67814c79898f40fdb6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-t0dy6-U16kiSVf6cxCc7dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-t0dy6-U16kiSVf6cxCc7dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 03:30:47 GMT
expires
Sat, 04 Feb 2023 03:30:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
pagead2.googlesyndication.com/bg/ Frame 2455 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 20:40:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
283842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14413
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 20:40:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3CFE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020101&jk=4395734016778886&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2455 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?svUirg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=library.avsim.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=library.avsim.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		95 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4395734016778886&correlator=1795825620045931&eid=31071362%2C31072165&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fifs&iu_parts=21804848220%3A22589072596%2CATD_avsim.net%2CATD_728x90_Footer_sticky_D%2CATD_970x90_INR1_D%2CATD_970x250_EOP_D%2CATD_728x90_LB_TOP_D&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F3%2C0%2F1%2F4%2C0%2F1%2F5&prev_iu_szs=728x90%2C970x90%2C970x250%2C728x90&ifi=7&adks=1234413246%2C2463848554%2C3238012736%2C3638245234&sfv=1-0-40&prev_scp=mod%3Dfi%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D464f352afffde95%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D464f352afffde95%26hb_bidder%3Dappnexus%7Cmod%3Dfi%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x90%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D47f6241ac2246dc%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.10%26hb_adid%3D47f6241ac2246dc%26hb_bidder%3Dappnexus%7Cmod%3Dfi%7Cmod%3Dfi%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D486ab40fa74ac65%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D486ab40fa74ac65%26hb_bidder%3Dappnexus&eri=1&sc=1&cookie=ID%3Df99a763db398925b%3AT%3D1675481446%3AS%3DALNI_MY5fbDFoeKayBQ7JOVxFxDWQKnClA&gpic=UID%3D00000baf784083b8%3AT%3D1675481446%3ART%3D1675481446%3AS%3DALNI_MagBykeveVsEIPAuz3hLEb3-T50WQ&abxe=1&dt=1675481447409&lmt=1675481447&dlt=1675481445910&idt=216&adxs=436%2C89%2C169%2C383&adys=1110%2C1304%2C5106%2C11&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C0&ucis=7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&frm=20&vis=1&psz=728x-1%7C1425x4%7C1261x0%7C833x90&msz=728x-1%7C1421x0%7C1261x0%7C833x0&fws=516%2C0%2C0%2C0&ohw=728%2C0%2C0%2C0&ga_vid=446818801.1675481446&ga_sid=1675481446&ga_hid=975536189&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a14c7e70e74ef846c905e60a107b44d3f10a454f35e8d6c5a538d12cc14ed44f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18375
x-xss-protection
0
google-lineitem-id
-1,5029676538,-1,5029676538
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138267176710,-1,138266885871
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://library.avsim.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CC79 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulCrZHSd2PSgQbrMFA-Y4VeysGPl_I7e6CJ9746bAJhgFrF1ya9r9wsbgmSVWoBgNjet_-DXlIBaTJWvECsmlWSCKoan0GsSnIxDXSGBY-NDu1clU8&sig=Cg0ArKJSzFMqEoKDmGe3EAE&id=lidar2&mcvt=1000&p=11,169,131,309&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=486244388&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675481446306&rpt=156&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020101&jk=4395734016778886&bg=!vL-lv_vNAAaq5O5FiuQ7ACkAdvg8Wng32T9BcGkMsIqY50n3avmvGeI8MThjo5q2RFd1Dyg1MT5edQIAAABJUgAAAARoAQeZAqQkiR5ETA7FIVa2ZCVexPAtAo1syviLN1c3_ZJOXpcf4XsTmZ4EHfnj1BbRTCotrJs2kfhfbChdJPRl7LjM-2AvGalmOLykZCoHyjPPkBaSZooGh2w5nklx6DnHYG8II0mSFn7x6p6KynRG3G_2O3yzzJSVYKKGCbptPelPHT8bysF3I_Mw7Vyq9NyQwmeHP5_Ai4JwM7L-X0aed2ZwxGzLnaYsQCYhlpXMbEhCiJuBnxkeaeCibZIcetBxzu4bNLkeoPwv4sjMQX4fzBR_1Q26yxyQYE0J6KWTqsKYhiqv7hHEGrf5ngMClhLMORIjkuZDJgkPq3I1Fp0k1cpZaJFNVFk7G3p55cimOzA49sW8MUYpDcR9QzEFcj98slKCdxgjqvDqe46HkBxazOryo28qsqlKpRByya32ZA5o0nv8dvJuNGkjwvnqhVnwp1n82wlVnK53PrI-5m-EGqQHg_3F7JoZQBmzg2Vg0BeOxyi9zWzCQYuHM8Q9l5mgJs2eH7e14roYDW6yy7WOZcKvShYQUwOoi1-nY-gBmVoTyMWC1ktdxbNJpc4NrDcsfKBnsOnbNCgpznjl7ZOtYGm5ZvDEcU_1G6wwwk8N0L_WAwTsoccw-6asaeatmIRtg2807Gu20c9qiCIHjqt9Vnrk-ANGW_14ImLLbap0tPp6-2vd1KcEsJTiZNMc83sjtqLVWgF7nUr9DrjYIoN8RxZ5yoGmbY2Qy6NGXEuDBziyCwte8CXizWv2NPW2mOpbQw9kOTsA_n4S1tkBb49YZ1CxbVJkzqVZrE0a1bR1EO8BnU6jGiRYsXYYQbj3GkNmNR0HAPmc6LMjXVjd6R-kkfymjffADMS5x93iIdAGAPwKwFx5Zs-bxBxzGP7BFjLEWUHOjJdIoDgN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
container.html
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9AA8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 03:30:46 GMT
expires
Sun, 04 Feb 2024 03:30:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 86B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHXAfr-6oqYQO7EasVemnU_57D6AVZTcN1nCQcSta_3ATMaf6KxaCoEtbRqNbS5540ZcrsuQDrl8RdGTwj89HxOgo4M7u_pG8_RoiupV8vjOui7uyijLExpp_zEloRVggbbaR2Br4nYC1Zp0K5DtRuPit0MZWs4bFvARbVkj0ZgcXJvjxwMlrkbCEpe8qRJ5sHI47XL_5Li60nY2mhU7-XntGkFL-U8oHHDbGNeor394o2tf4pECT-XgB9Q7G62C0vpY7kZzW94lSkFY0nrCqzejs8zwscbdfZxWzcNRDNHnaa2bz_5hDuc1uKfIWnRJ3-3-GfC4H3fye-ELhVw0Z0CWlUpEWIpKSU&sai=AMfl-YQCEziBKu9XCb7boM4KQXAODzI7EEEN_OK_PsqA7kGl0PPMKM34Ckyaj2I2wQgxZNU-n5vxb-qp9ztWsq1UbF5NuB-Q2JQW6oYIfY8vmCNG5WYTIY6DwO7v6nTYzxU&sig=Cg0ArKJSzMZ8dYpAqmrQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
h67p15kot2n3
hal9000.redintelligence.net/zone/ Frame 86B7 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/h67p15kot2n3?subid=&gdpr=0&gdpr_consent=&rnd=1774583621799648541&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1774583621799648541%26mt_id%3D11204420%26mt_adid%3D215543%26redirect%3D
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4f69e3e7b5c2bfac3a41d6e361a81d3ca796db1bbcf0cc5fc1444adf21c34d2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:47 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2782
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 86B7
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpZNE5HUmhZek10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3NzQ1ODM2MjE3OTk2NDg1NDEvMTEyMDQ0MjAvMTI3ODAzMzYvMTMvMG...
  • https://tags.mathtag.com/ck-confirm?bid_id=1774583621799648541&node_id=3264&exch_id=13
49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=1774583621799648541&node_id=3264&exch_id=13
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.379.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
MMBD/3.379.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x94, cdg-bidder-x52
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 04 Feb 2023 03:30:47 GMT

Redirect headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
x-mm-nodeid
3264
x-mm-bid-request-time
1675481446
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Length
86
x-mm-handled-by-owner
true
Last-Modified
Sat, 04 Feb 2023 03:30:46 GMT
Server
MMBD/3.379.0
x-mm-latency
1 (0)
Content-Type
text/html; charset=utf-8
Location
https://tags.mathtag.com/ck-confirm?bid_id=1774583621799648541&node_id=3264&exch_id=13
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x88, cdg-bidder-x52
Keep-Alive
timeout=360
x-mm-lag
1
Expires
Sat, 04 Feb 2023 03:30:47 GMT
img
pixel.mathtag.com/event/ Frame 86B7 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=1774583621799648541&v3=1262142&v4=12780336&v5=11204420&mt_nsync=1&no_attr=1
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 441 9053ffc master zrh-pixel-x27 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
MT3 441 9053ffc master zrh-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 04 Feb 2023 03:30:47 GMT
img
tags.mathtag.com/event/ Frame 86B7 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=1774583621799648541&st=12780336&time=[IMP_ATTR.time]&nodeid=3264
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.379.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
MMBD/3.379.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x102, cdg-bidder-x52
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 04 Feb 2023 03:30:47 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 86B7 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires
Wed, 10 Jan 2024 21:27:38 GMT
Date
Sat, 04 Feb 2023 03:30:47 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2095389
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220023-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1675481448.909242,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
60, 4111960
it
fra1-ib.adnxs.com/ Frame 86B7 		0
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Flibrary.avsim.net%252Fsearch.php%253FCatID%253Droot%2526SearchTerm%253Demb-145%252B%2526Sort%253DSize%2526ScanMode%253D0%2526Page%253D15&e=wqT_3QKxC-ixBQAAAwDWAAUBCOai954GELm96sf-xumCPhgAKjYJorYNoyB4yD8RcA4yJILMxD8ZAAAAwB6F9z8hcA0SACkRJNAxAAAAoEfhyj8woriJCzjvUUAdSAhQ0qCdwgFYwf-XAWAAaKbftQF4wogGgAEBigEDVVNEkgUG8KSYAcoHoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AK09gHgApKnT-oCYGh0dHBzOi8vbGlicmFyeS5hdnNpbS5uZXQvc2VhcmNoLnBocD9DYXRJRD1yb290JlNlYXJjaFRlcm09ZW1iLTE0NSsmU29ydD1TaXplJlNjYW5Nb2RlPTAmUGFnZT0xNYADAIgDAZADAJgDF6ADAaoD4AYKlgYBdqg6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19lEQvQaWQ9NWFXOTVxMmpMekl6THlBdlRucFpORTVIVW1oWmVrMTBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkg8LxMekUzTnpRMU9ETTJNakUzT1RrMk5EZzFOREV2TVRFeU1EUTBNakF2TVRJM09EQXpNell2TVRNdk1HTndkbUV3TkZWM0xXZ3hPVmxYZFhObllWRlRZVEI0WlV3dGNHNUtRM0JyUjNkeVlYazJaMjVwTUM4eEx6RXpMekF2TUM4eU1ETTVNakUyTHpNMk5EZ3hPREk0TURNdk1qRTFOVFF6THpFeU5qSXhOREl2TVM4d0x6QXZUVVJCZDAxRVEJxAAwDdQARKb0AAV8BHdMCQgkeE56YzBOVGd6TgFoQHprNU5qUTROVFF4TDJGdGN5ASiQVXhNelF2TlRFdk9UazVMekkxT0M4eU1UY3VNVEUwTGpJeE9DNAFQ8It1TURBd0x6RTJOelUwT0RFME5EWXZNVFkzTlRRNU5EQTBOaTh4TXk4eE1EUTNPUzgvcjluRTZXbTk5VG1tc01CM3ZkUnFSRTBwaWlzJm5vZGVpZD0zMjY0Jmdyb3VwPWNkZyZhdWN0aW9uaWQ9MTc3NDU4MzYyMTc5OTY0ODU0MSZwYnNfYXVjdGlvbloiACRzaGFyZGtleT0xTj8A8EZyaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iamJiZ2cmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMy4xNjgmcwF8IDI3ODAzMzYmYwENmDEyMDQ0MjAmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITMUaTAKgaEzQ0NjkxNjA5NjQyOTcyMzYxNTMiCTQwNzMyNjgwMioGMTAxOTM2OggxDWTwsMADrALIAwDYA62KOOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4xOagEALIEDwgAEAEYygcgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATSoJ3CAYgFAZgFAKAFsZPQ_feus6EZwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFo4AD-gUECAAQAJAGAJgGALgGAMEGAAUlLPA_0Ab5qwHaBhYKEAURHQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMTI2MjE0MsgHwogG0gcNCQANNAEwDNoHBggFCWjgBwDqBwIIAPAH384BiggCEACVCAAAgD-YCAE.&s=85dad94d117952722e357b7636ee7d163148534d
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:47 GMT
AN-X-Request-Uuid
b9d7f385-0176-4064-b87d-bba5aadd5e05
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 86B7 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 03:30:47 GMT
container.html
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BCA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 03:30:46 GMT
expires
Sun, 04 Feb 2024 03:30:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8DDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEK2xUd7g1A8pZJzMYk3F0yC7pws1gL6okZWhkfc06l0xPLVeOGCsemTUr0OUMF2DY2_H9vQUj3ax_CMv9UFn86Maxfb6ZvXsd2e0k6Uyb0oXcpXVIXOu4xSGGCOSVt4Gew2H4RvQFkACJz59SZpDAVhZEzb7OMENcd7PFa9ZHn22tiqTQbdMzdmDRa5Emgw-5hVSw5xZ3wlBsAzEVX12R9WEbQVVJp0TU4UoUTcg7ly-vRNAQfhp_3ftuwRag1d1IvgKb0eIHS5XcrGeq4Gh9XqBAfSJ5V1sZWpme4LmLN0htbJLAum_zZ-iM95a6X-MmlrILblKv6lYt89y_COOSi6yUGGQ2zCjVDk8&sai=AMfl-YQMMcpf7JfkBN2o4afTUJUAEQIcUgXXvWtYbFGbTmu1vHYDFOfAgK3AjlBDhVDaWAWFL6iRJnjsHnFMvPgQzYbOF0fQc9CGpstHkBcjPm3CqkLs91tmEgCVj2rm6oQ&sig=Cg0ArKJSzLONcI2VyyK_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
y39eto6m2jel
hal9000.redintelligence.net/zone/ Frame 8DDF 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=0&gdpr_consent=&rnd=8692112649440730370&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8692112649440730370%26mt_id%3D11204419%26mt_adid%3D215543%26redirect%3D
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
791b3a40f134436ca5287d36d57dc1a3484f0ca3fe7a9cf16ff2d8c603a47cff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:47 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2782
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 8DDF
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpZNE5HUmhZek10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg2OTIxMTI2NDk0NDA3MzAzNzAvMTEyMDQ0MTkvMTI3ODAzMzYvMTMvMG...
  • https://tags.mathtag.com/ck-confirm?bid_id=8692112649440730370&node_id=3264&exch_id=13
49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=8692112649440730370&node_id=3264&exch_id=13
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.379.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
MMBD/3.379.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x110, cdg-bidder-x52
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 04 Feb 2023 03:30:47 GMT

Redirect headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
x-mm-nodeid
3264
x-mm-bid-request-time
1675481446
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Length
86
x-mm-handled-by-owner
true
Last-Modified
Sat, 04 Feb 2023 03:30:46 GMT
Server
MMBD/3.379.0
x-mm-latency
1 (0)
Content-Type
text/html; charset=utf-8
Location
https://tags.mathtag.com/ck-confirm?bid_id=8692112649440730370&node_id=3264&exch_id=13
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x90, cdg-bidder-x52
Keep-Alive
timeout=360
x-mm-lag
1
Expires
Sat, 04 Feb 2023 03:30:47 GMT
img
pixel.mathtag.com/event/ Frame 8DDF 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=8692112649440730370&v3=1262142&v4=12780336&v5=11204419&mt_nsync=1&no_attr=1
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 441 9053ffc master zrh-pixel-x5 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
MT3 441 9053ffc master zrh-pixel-x5 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 04 Feb 2023 03:30:47 GMT
img
tags.mathtag.com/event/ Frame 8DDF 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=8692112649440730370&st=12780336&time=[IMP_ATTR.time]&nodeid=3264
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.379.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
MMBD/3.379.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x79, cdg-bidder-x52
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 04 Feb 2023 03:30:47 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 8DDF 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires
Wed, 10 Jan 2024 21:27:38 GMT
Date
Sat, 04 Feb 2023 03:30:47 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2095389
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220057-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1675481448.909333,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
60, 657737
it
fra1-ib.adnxs.com/ Frame 8DDF 		0
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Flibrary.avsim.net%252Fsearch.php%253FCatID%253Droot%2526SearchTerm%253Demb-145%252B%2526Sort%253DSize%2526ScanMode%253D0%2526Page%253D15&e=wqT_3QKwC-iwBQAAAwDWAAUBCOai954GEPa8laWlkcP4QRgAKjYJorYNoyB4yD8RcA4yJILMxD8ZAAAA4HoUAkAhcA0SACkRJNAxAAAAYGZm1j8wtriJCzjvUUAdSAhQqKCdwgFYwf-XAWAAaKbftQF4wogGgAEBigEDVVNEkgUG8KSYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AK09gHgApKnT-oCYGh0dHBzOi8vbGlicmFyeS5hdnNpbS5uZXQvc2VhcmNoLnBocD9DYXRJRD1yb290JlNlYXJjaFRlcm09ZW1iLTE0NSsmU29ydD1TaXplJlNjYW5Nb2RlPTAmUGFnZT0xNYADAIgDAZADAJgDF6ADAaoD3wYKlQYBdqg6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19lEQvQaWQ9NWFXOTVxMmpMekl6THlBdlRucFpORTVIVW1oWmVrMTBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkg8LxMemcyT1RJeE1USTJORGswTkRBM016QXpOekF2TVRFeU1EUTBNVGt2TVRJM09EQXpNell2TVRNdk1HTndkbUV3TkZWM0xXZ3hPVmxYZFhObllWRlRWR0pLY2xjdE5FMW5UM2RuWVd4eU5uTlFSbTB6YXk4eEx6RXpMekF2TUM4eU1ETTVNakUyTHpNMk5EZ3hPREk0TURNdk1qRTFOVFF6THpFeU5qSXhOREl2TVM4d0x6QXZUVVJCZDAxRVEJxAAwDdQARKb0AAV8BHdMCQgQNE5qa3kB7FROalE1TkRRd056TXdNemN3TDJGdGN5ASiQVXhNelF2TlRFdk9UazVMekkxT0M4eU1UY3VNVEUwTGpJeE9DNAFQaHVNREF3THpFMk56VTBPREUwTkRZdk1UWTNOVAFc8GVBME5pOHhNeTh4TURRM09TOC9kWTdzRVhpN0V6d1dQMWM0b3Bablp3U2Y5T00mbm9kZWlkPTMyNjQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD04NjkyMTEyNjQ5NDQwNzMwMzcwJnBic192IgAcc2hhcmRrZXlWPwDwgXJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2JqYmJnZyZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMyLjQwJnNpZD0xMjc4MDMzNiZjaWQ9MTEyMDQ0MTkmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITODY5MjE20QBYGhM0NzUxNTkyODcwMTE3NzI3ODYyIgkB8DgyNjc2MCoGMTAxOTM2OggRZPCwwAOsAsgDANgDrYo44AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKigncIBiAUBmAUAoAWEnP_krufWohfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWjgAP6BQQIABAAkAYAmAYAuAYAwQYABSUs8D_QBvmrAdoGFgoQBREdAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxMjYyMTQyyAfCiAbSBw0JAA00ATAM2gcGCAUJaOAHAOoHAggA8AffzgGKCAIQAJUIAACAP5gIAQ..&s=a262c4897b50e832587338fc0c9efe01afa0974d
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:47 GMT
AN-X-Request-Uuid
1e483977-d93a-42b0-a00f-0b85ac0b2dc6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8DDF 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 03:30:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9AA8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChcRPZ9HdY-KuHO333wPR0J7YBc-HjptcwIbZgsYCwI23ARABIABglfrwgYwHggEXY2EtcHViLTg2NDg0MzI3Njk3NDY3MTfIAQngAgCoAwGqBNACT9DMvfqDC0c-F5aZMEzBQV6AqQTTtAWDM8v1PWftUVo_L7lx6Bo4pTFG04Ic-QnYuJCCIKSPmwbAp9nQkvE20OGSbjTiof02b2RaFezuLC9iOAtJaBI1Zeq_rP3yxk1zplpqgqCf1GeM3Kmsqnhdz1KQIinxfhMaStOYWF0p2kcW3flJ1Io9UNr2JklSQO1vFNADmFmNC8HxKc2GBwEzyiDR-sgniI5vEbkpHUmkH_4JW8x8MzxfRnE8J5DHyjf2u0wkQhEi1YUF-F8BimWgZjFYmbd4N_-qBqvB0NBAUMAAom1uiM6N87J0obg0KNWmgYTu5_2v6SRuqLD9M2GBfirzXBUzwIM-ll2reV7gHIJk4NWtl9rRpIwSGLa27aGmMv4N7zqIzjNDkX3z9Ac5jOxmuRLE-2uj7BNf5Rgb9TG9mgg9oWT4Jp1J3DEU6TTM4AQBgAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NjQ4NDMyNzY5NzQ2NzE3GJPCcA&sigh=hOdn7D3fWcU&uach_m=[UACH]&cid=CAQSPADUE5ymiONAQgJ4glp-6fjc7OS28bn_qhS-gKcDLwcWx6l85EP2PXlGheg4SKKIz9VYVViOqe5DdVVIYBgB&tpd=AGWhJmuq4ueNEjq9E5c4kyng8AD-o6o8v9PzkniddTvz1OvpH5OIQK0lhyP952eh6ZrgFQHFSNwDkVfYqv7pxcQIzZwJH3APCMOooTw8zgTrFq3qrsgr4MGFvc6q3eI91rIcKYUlU3ol8rAdB3S4kEqODA_pNLK9kf7TzEp6-rBOUtjQ2hnFIUjFj6lKcPiPN4Wv1I_39eLg5oW-bf-DJLonkzcsfpmz-QTxpiY2XAWg3ofQK0OlZ5aZcOoOLAPBpTPoqJ8bTANmkdLyhu5xADSOW3xa5L8QKQ1mu65YlL3lxWcN6n2G_A14dQjXaIGVgn-pbWZeuarsvqTFcwG6S8j4wtUcCYW_zEvwGHBuyhP0hd5vvZA4BlzITEkTffrJ96JCH9IUb3zgsaaB2o54qbnkpD43f8S7xt2Gt8w5v2g9Iyjl7hZ83Ksxe7iyLJ_IwYPvbi6NoF1nczXTb6My7tnb9u0Mgo99BudseaM8ozs5NTMbdiI5cQP_riYHJ2TmeAtogTXeS1bq0dsKCyiFinAD6Mt2aW8JrT06AWM0n0z-SfpJx9fJaHuJPnIjFhnePZrt3rsKEEw9Ht0IrM0OrDOonUXZNVDapUeTlryYcBK9F34n6MUDJYO-MFBH3GecVOiRHMHZQyXR9twLmGbU2KgMTDOc7u6LJt0nG8JD2BnlqQhSlVxoFVEK1G0W64ZOqp9RDGiWUAcDualzWdssPwBgIsNkR8D31_vsKBniAnXxjDnuYOwNdHk282wFtY6bHYMqbKIXyF3Z1-07f_qVSbH_3VzLikPPednP7_9PQZv003XN_oSCvaHql7UFll5c7tM-XaovcV1aPzZeXUAqXl4LcCPU3aBvMJ49PAyCdNYKSpi-sFeAMHmRO1yRJFMrM5b4S9y6QoORMQzq3cwygBt5eYs0Fv9s5dZM_dY9AbopBatNgWw9Ir9xblyTrlueWPuWNl81zwHJ4WcTXx-ilYKD8-BkkzSGh_tqU4wXB_ftcolRobPPwbi2j_uTirjOBhvePHa_QN44XCoULQdvj5D0eHRhMiCvA2UUnRSq9NR6I-ZPBdearvs6VQo6He72Qc6PV11TsXF94PMl1fwgLhLqbb7iyd6yJgs0XqPd8o5H9r74Re147bBG
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame 9AA8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkRBNU56Y3pZekV0TURjNU9DMDVNV0kzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMTY2MjEyMDQyMDE4ODkwMi8xMTIwNDQxOS8xMjc4MDMzNi80LzBjcHZhMDRVdy1oMTlZV3VzZ2FRU1NUNlRmVVpVZzlhN2VXNFJlUzBFTXcvMS80LzAvMC8yMDM5MjE2LzAvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjE2NjIxMjA0MjAxODg5MDIvYW1zLzAvNTA3NS81MS85OTkvMjU4LzIwMDE6MWI2MDoyOjovMC4wMDAvMTY3NTQ4MTQ0Ny8xNjc1NDk0MDQ3LzQvcHViLTg2NDg0MzI3Njk3NDY3MTcv/Ylznr9bsFQ1D7AEMMIFL10hcoac&nodeid=4017&group=cdg&auctionid=621662120420188902&pbs_auctionid=621662120420188902&shardkey=621662120420188902&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.95&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChj5dZ9HdY-KuHO333wPR0J7YBc-HjptcwIbZgsYCwI23ARABIABglfrwgYwHggEXY2EtcHViLTg2NDg0MzI3Njk3NDY3MTfIAQngAgCoAwGqBNMCT9DMvfqDC0c-F5aZMEzBQV6AqQTTtAWDM8v1PWftUVo_L7lx6Bo4pTFG04Ic-QnYuJCCIKSPmwbAp9nQkvE20OGSbjTiof02b2RaFezuLC9iOAtJaBI1Zeq_rP3yxk1zplpqgqCf1GeM3Kmsqnhdz1KQIinxfhMaStOYWF0p2kcW3flJ1Io9UNr2JklSQO1vFNADmFmNC8HxKc2GBwEzyiDR-sgniI5vEbkpHUmkH_4JW8x8MzxfRnE8J5DHyjf2u0wkQhEi1YUF-F8BimWgZjFYmbd4N_-qBqvB0NBAUMAAom1uiM6N87J0obg0KNWmgYTu5_2v6SRuqLD9M2GBfirzXBUzwIM-ll2reV7gHIJk4NWtl9rRpIwSGLa27aGmMv4N7zqIzjNDkT_x1ZWVMEhhNLaMULPjQ-NC8RKn_x-le7X94csCh4NlxJ-NVTNBC4l74AQBgAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zX3-Z6UNzkA_L2SjO3D5u8QH3TA%26client%3Dca-pub-8648432769746717%26adurl%3D
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.379.0 /
Resource Hash
c4851667915f50e3a0f7bc46326f0c18ed0fe28b16efa2d1ea639612382dce7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
x-mm-nodeid
4017
Content-Encoding
gzip
x-mm-bid-request-time
1675481447
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Sat, 04 Feb 2023 03:30:47 GMT
Server
MMBD/3.379.0
x-mm-latency
1 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x103, cdg-bidder-x164
x-mm-lag
1
Expires
Sat, 04 Feb 2023 03:30:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9AA8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 21:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 21:44:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9AA8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 21:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 21:44:27 GMT
l
www.google.com/ads/measurement/ Frame 9AA8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbFLxPLcJW_KDX-5NQxGGE-GVhUZsQ1tl2d-WKyA9uhXQpESV6wtOv1P1UPZfVDyVy5QAZFWkpcA0fGiR9Vkd_ESJTmA
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9AA8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
230908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9AA8 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 03:30:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8BCA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXXk7Z9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBM0CT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBamQIwhaksG0tvVvUngnh8H0nzhU4c0yyelh6BFV3V6c4T7qC8YK4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NjQ4NDMyNzY5NzQ2NzE3GJPCcA&sigh=nT-qfOImf9k&uach_m=[UACH]&cid=CAQSPADUE5ymiONAQgJ4glp-6fjc7OS28bn_qhS-gKcDLwcWx6l85EP2PXlGheg4SKKIz9VYVViOqe5DdVVIYBgB
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 8BCA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k4SxEuv_CsoH-gGdg2ICAgAAAHxIBnlSaiZr95VhkEq73t8QZ9HdY0CUTfdq05XAgP4bABIAAAoOQVFVQkFnWUJBZ0VCQWc&wp=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
229660
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame E609 		107 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e4af02542d29d8863caeab7c3659d78094da6beb43502c751a10967f32cde3d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 03:30:47 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2LAR9Bn2x6M6BdMsisNeMSmsE2ZyxuBeSu3IFDpfOV9WX3uBcOOUXYDd1RWUhIkbxZilHHsgrHg9ljjv7cp1XwEr3GavMKG56i-QN3YC8ozskFct4x5-jzdQahY7BhMiRy660oF-Bb-F9NBkrlBcFVWcSABf4fmuS1lGLioiNAiwLPjppWbbhThMfr2YYFFoUH_Tgob1SCWkTJ9N-MqgG7t24THyybeaIjS2dOzAiSjPyiMpzXqG4hUbysqCnnGx9TZWww"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
16511173
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 8BCA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 21:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 21:44:27 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D0C5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
76604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Sat, 04 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 8BCA 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 21:44:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Feb 2023 21:44:27 GMT
l
www.google.com/ads/measurement/ Frame 8BCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJpiS-oYLxHXWvE7VfoM3hupiqF8P3u8Njm_J41Y9zUcEmWvd3vi0Lz-E-ZUOQbS59IzvhWGh6lBhAvVBFsbKWiMgXpg
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8BCA 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
230908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8BCA 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 03:30:47 GMT
truncated
/ Frame 8BCA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d92c300bf2f684cee85ae0b63a52a1ff474f48ba6604a6714c05a2f9475bfb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
request.php
hal900014.redintelligence.net/ Frame 86B7
Redirect Chain
  • https://hal900014.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=01f5185951&subid=&uid=abd9d5631af7621c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900014.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=01f5185951&subid=&uid=abd9d5631af7621c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=01f5185951&subid=&uid=abd9d5631af7621c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1774583621799648541%26mt_id%3D11204420%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=9322340737059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
0e8d517e53f7e3aa356319af1f5203ef8a8e2025e85b9a670d7ac1fd885c322c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
97657700010992106783199012225014
Connection
close
Content-Length
329
Expires
Sat, 04 Feb 2023 03:30:48 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=01f5185951&subid=&uid=abd9d5631af7621c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1774583621799648541%26mt_id%3D11204420%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=9322340737059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 04 Feb 2023 03:30:48 +0100
request.php
hal900028.redintelligence.net/ Frame 8DDF
Redirect Chain
  • https://hal900028.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=0eaf3d4425&subid=&uid=46b9c6f6fd97ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900028.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=0eaf3d4425&subid=&uid=46b9c6f6fd97ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=0eaf3d4425&subid=&uid=46b9c6f6fd97ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8692112649440730370%26mt_id%3D11204419%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=3760188451182&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
4ed92c6b3faa8871c197dd0d475d0798a5472059e8977884dd7b3a589fece4c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
92289200009565906783183012225028
Connection
close
Content-Length
331
Expires
Sat, 04 Feb 2023 03:30:48 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=0eaf3d4425&subid=&uid=46b9c6f6fd97ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8692112649440730370%26mt_id%3D11204419%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=3760188451182&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 04 Feb 2023 03:30:48 +0100
pixel
cm.g.doubleclick.net/ Frame D0C5
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELoxEknBr06ldv_nhFhFJEw&google_cver=1&google_push=Aa02lx8fQLF9ZQV_-b0OJ8fMubk7CUYkY-f_8rM9fIQFtcLjzG_IXSaETL_RxAP3i-hRmW1XLg1Yy89jp52...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8fQLF9ZQV_-b0OJ8fMubk7CUYkY-f_8rM9fIQFtcLjzG_IXSaETL_RxAP3i-hRmW1XLg1Yy89jp52MYS8XhSg4dTdGya1N&google_hm=rN0D4-w8REC4G2UOokUS5BM
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8fQLF9ZQV_-b0OJ8fMubk7CUYkY-f_8rM9fIQFtcLjzG_IXSaETL_RxAP3i-hRmW1XLg1Yy89jp52MYS8XhSg4dTdGya1N&google_hm=rN0D4-w8REC4G2UOokUS5BM
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:47 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8fQLF9ZQV_-b0OJ8fMubk7CUYkY-f_8rM9fIQFtcLjzG_IXSaETL_RxAP3i-hRmW1XLg1Yy89jp52MYS8XhSg4dTdGya1N&google_hm=rN0D4-w8REC4G2UOokUS5BM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D0C5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELGPedV_vW0M-rgsK5atjLc&google_cver=1&google_push=Aa02lx_ShINNlj9Ioea422BUgu8V2UD6NNcAJiYTvBRJMqrvqNyr8Kiq4WdDrUmKOBq2xMvvMvUEDD94l7t8BSPO81489N_...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELGPedV_vW0M-rgsK5atjLc&google_cver=1&google_push=Aa02lx_ShINNlj9Ioea422BUgu8V2UD6NNcAJiYTvBRJMqrvqNyr8Kiq4WdDrUmKOBq2xMvvMvUEDD94l7t8BSPO81489...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ShINNlj9Ioea422BUgu8V2UD6NNcAJiYTvBRJMqrvqNyr8Kiq4WdDrUmKOBq2xMvvMvUEDD94l7t8BSPO81489N__azKP
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ShINNlj9Ioea422BUgu8V2UD6NNcAJiYTvBRJMqrvqNyr8Kiq4WdDrUmKOBq2xMvvMvUEDD94l7t8BSPO81489N__azKP
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ShINNlj9Ioea422BUgu8V2UD6NNcAJiYTvBRJMqrvqNyr8Kiq4WdDrUmKOBq2xMvvMvUEDD94l7t8BSPO81489N__azKP
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame D0C5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBBB8l0SdGnTbwVFkGFhhtA&google_cver=1&google_push=Aa02lx_ymA3V4DryVROGVfUnCSmVayYuXqr12HsRRRJ5X43OppQajnDMfQCoiliRovtcxkyjuDj02z4Q...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBBB8l0SdGnTbwVFkGFhhtA&google_cver=1&google_push=Aa02lx_ymA3V4DryVROGVfUnCSmVayYuXqr12HsRRRJ5X43OppQajnDMfQCoiliRovtcxkyjuDj...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjU2NjEzODE1MDkwNDk2Mw&google_push=Aa02lx_ymA3V4DryVROGVfUnCSmVayYuXqr12HsRRRJ5X43OppQajnDMfQCoiliRovtcxkyjuDj02z...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjU2NjEzODE1MDkwNDk2Mw&google_push=Aa02lx_ymA3V4DryVROGVfUnCSmVayYuXqr12HsRRRJ5X43OppQajnDMfQCoiliRovtcxkyjuDj02z4Q_0rqyHX_7ayzxeCLlziK
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjU2NjEzODE1MDkwNDk2Mw&google_push=Aa02lx_ymA3V4DryVROGVfUnCSmVayYuXqr12HsRRRJ5X43OppQajnDMfQCoiliRovtcxkyjuDj02z4Q_0rqyHX_7ayzxeCLlziK
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame D0C5 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEL8LKEMCoZS_A3x5j2AygSA&google_cver=1&google_push=Aa02lx-g9US8a9xQMhf7oALC3W5kk4bqpu4fn7ILmd4DAd0MygY7xuLCIcKNh6BK8Wh2XTOWpBn3RVdlXn-7mp9qA4kAF-S1HS2few
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:47 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
sg9krqgha83uhii56msa8uqjo42cin6r
pixel
cm.g.doubleclick.net/ Frame D0C5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_PiFUKi3vp92l7wOWzMuhvKNbhokAZJhWy9qdeZRpexLv0ZkuaeV1Zpvtl2J7ZwUlZM5H7cjUVTyInFQmHEPamt9_6iT_qDA&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-b48fe99a-1688-4efe-92c8-a16589ec190f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_PiFUKi3vp92l7wOWzM...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_PiFUKi3vp92l7wOWzMuhvKNbhokAZJhWy9qdeZRpexLv0ZkuaeV1Zpvtl2J7ZwUlZM5H7cjUVTyInFQmHEPamt9_6iT_qDA&google_hm=A7SP6ZoWiE7-ksihZYnsGQ8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_PiFUKi3vp92l7wOWzMuhvKNbhokAZJhWy9qdeZRpexLv0ZkuaeV1Zpvtl2J7ZwUlZM5H7cjUVTyInFQmHEPamt9_6iT_qDA&google_hm=A7SP6ZoWiE7-ksihZYnsGQ8
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_PiFUKi3vp92l7wOWzMuhvKNbhokAZJhWy9qdeZRpexLv0ZkuaeV1Zpvtl2J7ZwUlZM5H7cjUVTyInFQmHEPamt9_6iT_qDA&google_hm=A7SP6ZoWiE7-ksihZYnsGQ8
date
Sat, 04 Feb 2023 03:30:48 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb48fe99a16884efe92c8a16589ec190f003
content-type
text/html
/
onetag-sys.com/match/ Frame D0C5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIZMPEdcxsQKqa3ZGpJHt3Y&google_cver=1&google_push=Aa02lx9rWO9QZb6IMhuRYk3gv9WqRBrD2bYnAxvcTlXI977ZSsLmPgeo4j9qycyupqsdGec_zmdtoCnbCE5...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9rWO9QZb6IMhuRYk3gv9WqRBrD2bYnAxvcTlXI977ZSsLmPgeo4j9qycyupqsdGec_zmdtoCnbCE5xIkZJIe3QkKdRBqphVw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D0C5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOmS-r8hZPApNZlNGYHRGw0&google_cver=1&google_push=Aa02lx8dVpm1Flpau...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQ4NTE4MzU0MjY0MjIxMDY5Nw%3D%3D&google_gid=CAESEOmS-r8hZPApNZlNGYHRGw0&google_cver=1&google_push=Aa02lx8dVpm1FlpauQIqpKm8dK-SDXmIr1...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQ4NTE4MzU0MjY0MjIxMDY5Nw%3D%3D&google_gid=CAESEOmS-r8hZPApNZlNGYHRGw0&google_cver=1&google_push=Aa02lx8dVpm1FlpauQIqpKm8dK-SDXmIr1Un-xe7HfzCcSumXO-oWTH9CC9MwO6klEEneBxc8HGxikV7L8RrCqudix6sJWINpN2S3t8
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9b3e21a0-4d12-4df6-92e1-2721a808208e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQ4NTE4MzU0MjY0MjIxMDY5Nw%3D%3D&google_gid=CAESEOmS-r8hZPApNZlNGYHRGw0&google_cver=1&google_push=Aa02lx8dVpm1FlpauQIqpKm8dK-SDXmIr1Un-xe7HfzCcSumXO-oWTH9CC9MwO6klEEneBxc8HGxikV7L8RrCqudix6sJWINpN2S3t8
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D0C5 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lykv61008T0skrOYmPYqN1fHzx5XA0qzW2Csnxh_CQ1AcBYLIXIQ90cibvYYbRkBDVbQS0Hk4
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
y39eto6m2jel
hal9000.redintelligence.net/zone/ Frame 9AA8 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=1&gdpr_consent=li&rnd=621662120420188902&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj3_L-eO6K367OvlOHSGcAQ%26exch_seat%3D20035004448%26mt_aid%3D621662120420188902%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4bcb63dd-d168-4f01-bd52-76293eb8a556%26mt_cid%3D4bcb63dd-d168-4f01-bd52-76293eb8a556%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DChj5dZ9HdY-KuHO333wPR0J7YBc-HjptcwIbZgsYCwI23ARABIABglfrwgYwHggEXY2EtcHViLTg2NDg0MzI3Njk3NDY3MTfIAQngAgCoAwGqBNMCT9DMvfqDC0c-F5aZMEzBQV6AqQTTtAWDM8v1PWftUVo_L7lx6Bo4pTFG04Ic-QnYuJCCIKSPmwbAp9nQkvE20OGSbjTiof02b2RaFezuLC9iOAtJaBI1Zeq_rP3yxk1zplpqgqCf1GeM3Kmsqnhdz1KQIinxfhMaStOYWF0p2kcW3flJ1Io9UNr2JklSQO1vFNADmFmNC8HxKc2GBwEzyiDR-sgniI5vEbkpHUmkH_4JW8x8MzxfRnE8J5DHyjf2u0wkQhEi1YUF-F8BimWgZjFYmbd4N_-qBqvB0NBAUMAAom1uiM6N87J0obg0KNWmgYTu5_2v6SRuqLD9M2GBfirzXBUzwIM-ll2reV7gHIJk4NWtl9rRpIwSGLa27aGmMv4N7zqIzjNDkT_x1ZWVMEhhNLaMULPjQ-NC8RKn_x-le7X94csCh4NlxJ-NVTNBC4l74AQBgAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zX3-Z6UNzkA_L2SjO3D5u8QH3TA%2526client%253Dca-pub-8648432769746717%2526adurl%253D%26redirect%3D
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6af58ab3955ef342dcd3fd08af83a8c0dae3a82458d55eea542d7af0f931bc66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3544
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 9AA8 		49 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=621662120420188902&node_id=4017&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkRBNU56Y3pZekV0TURjNU9DMDVNV0kzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMTY2MjEyMDQyMDE4ODkwMi8xMTIwNDQxOS8xMjc4MDMzNi80LzBjcHZhMDRVdy1oMTlZV3VzZ2FRU1NUNlRmVVpVZzlhN2VXNFJlUzBFTXcvMS80LzAvMC8yMDM5MjE2LzAvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjE2NjIxMjA0MjAxODg5MDIvYW1zLzAvNTA3NS81MS85OTkvMjU4LzIwMDE6MWI2MDoyOjovMC4wMDAvMTY3NTQ4MTQ0Ny8xNjc1NDk0MDQ3LzQvcHViLTg2NDg0MzI3Njk3NDY3MTcv/Ylznr9bsFQ1D7AEMMIFL10hcoac&nodeid=4017&group=cdg&auctionid=621662120420188902&pbs_auctionid=621662120420188902&shardkey=621662120420188902&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.95&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChj5dZ9HdY-KuHO333wPR0J7YBc-HjptcwIbZgsYCwI23ARABIABglfrwgYwHggEXY2EtcHViLTg2NDg0MzI3Njk3NDY3MTfIAQngAgCoAwGqBNMCT9DMvfqDC0c-F5aZMEzBQV6AqQTTtAWDM8v1PWftUVo_L7lx6Bo4pTFG04Ic-QnYuJCCIKSPmwbAp9nQkvE20OGSbjTiof02b2RaFezuLC9iOAtJaBI1Zeq_rP3yxk1zplpqgqCf1GeM3Kmsqnhdz1KQIinxfhMaStOYWF0p2kcW3flJ1Io9UNr2JklSQO1vFNADmFmNC8HxKc2GBwEzyiDR-sgniI5vEbkpHUmkH_4JW8x8MzxfRnE8J5DHyjf2u0wkQhEi1YUF-F8BimWgZjFYmbd4N_-qBqvB0NBAUMAAom1uiM6N87J0obg0KNWmgYTu5_2v6SRuqLD9M2GBfirzXBUzwIM-ll2reV7gHIJk4NWtl9rRpIwSGLa27aGmMv4N7zqIzjNDkT_x1ZWVMEhhNLaMULPjQ-NC8RKn_x-le7X94csCh4NlxJ-NVTNBC4l74AQBgAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zX3-Z6UNzkA_L2SjO3D5u8QH3TA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.379.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
MMBD/3.379.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x105, cdg-bidder-x164
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 04 Feb 2023 03:30:47 GMT
img
pixel.mathtag.com/event/ Frame 9AA8 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=621662120420188902&v3=1262142&v4=12780336&v5=11204419&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkRBNU56Y3pZekV0TURjNU9DMDVNV0kzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMTY2MjEyMDQyMDE4ODkwMi8xMTIwNDQxOS8xMjc4MDMzNi80LzBjcHZhMDRVdy1oMTlZV3VzZ2FRU1NUNlRmVVpVZzlhN2VXNFJlUzBFTXcvMS80LzAvMC8yMDM5MjE2LzAvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjE2NjIxMjA0MjAxODg5MDIvYW1zLzAvNTA3NS81MS85OTkvMjU4LzIwMDE6MWI2MDoyOjovMC4wMDAvMTY3NTQ4MTQ0Ny8xNjc1NDk0MDQ3LzQvcHViLTg2NDg0MzI3Njk3NDY3MTcv/Ylznr9bsFQ1D7AEMMIFL10hcoac&nodeid=4017&group=cdg&auctionid=621662120420188902&pbs_auctionid=621662120420188902&shardkey=621662120420188902&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.95&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChj5dZ9HdY-KuHO333wPR0J7YBc-HjptcwIbZgsYCwI23ARABIABglfrwgYwHggEXY2EtcHViLTg2NDg0MzI3Njk3NDY3MTfIAQngAgCoAwGqBNMCT9DMvfqDC0c-F5aZMEzBQV6AqQTTtAWDM8v1PWftUVo_L7lx6Bo4pTFG04Ic-QnYuJCCIKSPmwbAp9nQkvE20OGSbjTiof02b2RaFezuLC9iOAtJaBI1Zeq_rP3yxk1zplpqgqCf1GeM3Kmsqnhdz1KQIinxfhMaStOYWF0p2kcW3flJ1Io9UNr2JklSQO1vFNADmFmNC8HxKc2GBwEzyiDR-sgniI5vEbkpHUmkH_4JW8x8MzxfRnE8J5DHyjf2u0wkQhEi1YUF-F8BimWgZjFYmbd4N_-qBqvB0NBAUMAAom1uiM6N87J0obg0KNWmgYTu5_2v6SRuqLD9M2GBfirzXBUzwIM-ll2reV7gHIJk4NWtl9rRpIwSGLa27aGmMv4N7zqIzjNDkT_x1ZWVMEhhNLaMULPjQ-NC8RKn_x-le7X94csCh4NlxJ-NVTNBC4l74AQBgAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zX3-Z6UNzkA_L2SjO3D5u8QH3TA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 441 9053ffc master zrh-pixel-x31 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
MT3 441 9053ffc master zrh-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 04 Feb 2023 03:30:47 GMT
img
tags.mathtag.com/event/ Frame 9AA8 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=621662120420188902&st=12780336&time=1675481448&nodeid=4017
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkRBNU56Y3pZekV0TURjNU9DMDVNV0kzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMTY2MjEyMDQyMDE4ODkwMi8xMTIwNDQxOS8xMjc4MDMzNi80LzBjcHZhMDRVdy1oMTlZV3VzZ2FRU1NUNlRmVVpVZzlhN2VXNFJlUzBFTXcvMS80LzAvMC8yMDM5MjE2LzAvMjE1NTQzLzEyNjIxNDIvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjE2NjIxMjA0MjAxODg5MDIvYW1zLzAvNTA3NS81MS85OTkvMjU4LzIwMDE6MWI2MDoyOjovMC4wMDAvMTY3NTQ4MTQ0Ny8xNjc1NDk0MDQ3LzQvcHViLTg2NDg0MzI3Njk3NDY3MTcv/Ylznr9bsFQ1D7AEMMIFL10hcoac&nodeid=4017&group=cdg&auctionid=621662120420188902&pbs_auctionid=621662120420188902&shardkey=621662120420188902&sid=12780336&cid=11204419&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.95&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChj5dZ9HdY-KuHO333wPR0J7YBc-HjptcwIbZgsYCwI23ARABIABglfrwgYwHggEXY2EtcHViLTg2NDg0MzI3Njk3NDY3MTfIAQngAgCoAwGqBNMCT9DMvfqDC0c-F5aZMEzBQV6AqQTTtAWDM8v1PWftUVo_L7lx6Bo4pTFG04Ic-QnYuJCCIKSPmwbAp9nQkvE20OGSbjTiof02b2RaFezuLC9iOAtJaBI1Zeq_rP3yxk1zplpqgqCf1GeM3Kmsqnhdz1KQIinxfhMaStOYWF0p2kcW3flJ1Io9UNr2JklSQO1vFNADmFmNC8HxKc2GBwEzyiDR-sgniI5vEbkpHUmkH_4JW8x8MzxfRnE8J5DHyjf2u0wkQhEi1YUF-F8BimWgZjFYmbd4N_-qBqvB0NBAUMAAom1uiM6N87J0obg0KNWmgYTu5_2v6SRuqLD9M2GBfirzXBUzwIM-ll2reV7gHIJk4NWtl9rRpIwSGLa27aGmMv4N7zqIzjNDkT_x1ZWVMEhhNLaMULPjQ-NC8RKn_x-le7X94csCh4NlxJ-NVTNBC4l74AQBgAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zX3-Z6UNzkA_L2SjO3D5u8QH3TA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.379.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
MMBD/3.379.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x26, cdg-bidder-x164
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 04 Feb 2023 03:30:47 GMT
request.php
hal900018.redintelligence.net/ Frame 9AA8 		611 B
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=9138551ce9&subid=&uid=013fda3befe70d36&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj3_L-eO6K367OvlOHSGcAQ%26exch_seat%3D20035004448%26mt_aid%3D621662120420188902%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4bcb63dd-d168-4f01-bd52-76293eb8a556%26mt_cid%3D4bcb63dd-d168-4f01-bd52-76293eb8a556%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DChj5dZ9HdY-KuHO333wPR0J7YBc-HjptcwIbZgsYCwI23ARABIABglfrwgYwHggEXY2EtcHViLTg2NDg0MzI3Njk3NDY3MTfIAQngAgCoAwGqBNMCT9DMvfqDC0c-F5aZMEzBQV6AqQTTtAWDM8v1PWftUVo_L7lx6Bo4pTFG04Ic-QnYuJCCIKSPmwbAp9nQkvE20OGSbjTiof02b2RaFezuLC9iOAtJaBI1Zeq_rP3yxk1zplpqgqCf1GeM3Kmsqnhdz1KQIinxfhMaStOYWF0p2kcW3flJ1Io9UNr2JklSQO1vFNADmFmNC8HxKc2GBwEzyiDR-sgniI5vEbkpHUmkH_4JW8x8MzxfRnE8J5DHyjf2u0wkQhEi1YUF-F8BimWgZjFYmbd4N_-qBqvB0NBAUMAAom1uiM6N87J0obg0KNWmgYTu5_2v6SRuqLD9M2GBfirzXBUzwIM-ll2reV7gHIJk4NWtl9rRpIwSGLa27aGmMv4N7zqIzjNDkT_x1ZWVMEhhNLaMULPjQ-NC8RKn_x-le7X94csCh4NlxJ-NVTNBC4l74AQBgAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zX3-Z6UNzkA_L2SjO3D5u8QH3TA%2526client%253Dca-pub-8648432769746717%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fe2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9230484642492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/y39eto6m2jel?subid=&gdpr=1&gdpr_consent=li&rnd=621662120420188902&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj3_L-eO6K367OvlOHSGcAQ%26exch_seat%3D20035004448%26mt_aid%3D621662120420188902%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4bcb63dd-d168-4f01-bd52-76293eb8a556%26mt_cid%3D4bcb63dd-d168-4f01-bd52-76293eb8a556%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DChj5dZ9HdY-KuHO333wPR0J7YBc-HjptcwIbZgsYCwI23ARABIABglfrwgYwHggEXY2EtcHViLTg2NDg0MzI3Njk3NDY3MTfIAQngAgCoAwGqBNMCT9DMvfqDC0c-F5aZMEzBQV6AqQTTtAWDM8v1PWftUVo_L7lx6Bo4pTFG04Ic-QnYuJCCIKSPmwbAp9nQkvE20OGSbjTiof02b2RaFezuLC9iOAtJaBI1Zeq_rP3yxk1zplpqgqCf1GeM3Kmsqnhdz1KQIinxfhMaStOYWF0p2kcW3flJ1Io9UNr2JklSQO1vFNADmFmNC8HxKc2GBwEzyiDR-sgniI5vEbkpHUmkH_4JW8x8MzxfRnE8J5DHyjf2u0wkQhEi1YUF-F8BimWgZjFYmbd4N_-qBqvB0NBAUMAAom1uiM6N87J0obg0KNWmgYTu5_2v6SRuqLD9M2GBfirzXBUzwIM-ll2reV7gHIJk4NWtl9rRpIwSGLa27aGmMv4N7zqIzjNDkT_x1ZWVMEhhNLaMULPjQ-NC8RKn_x-le7X94csCh4NlxJ-NVTNBC4l74AQBgAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zX3-Z6UNzkA_L2SjO3D5u8QH3TA%2526client%253Dca-pub-8648432769746717%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
fff051167b13153eed0be06ef97908bf9f48cfc7ef9b21e52899353ec3be3b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
11566000010630506783183012225018
Connection
close
Content-Length
330
Expires
Sat, 04 Feb 2023 03:30:48 +0100
privacy_small.svg
static.criteo.net/flash/icon/ Frame E609 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 03:30:48 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame E609 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 03:30:48 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E609 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 30 Jan 2024 03:30:48 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E609 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 30 Jan 2024 03:30:48 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame E609 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=eVggVZQ-mc9jo5mN-LQpJfyHxNZw8584-FU6JKEKkiAuWQUi4gBM4DzQ0uc5llewMi-ZkEYQZu_QwNZhSQmZEM-pcL4TwiZ20_SjftVAjtTJLeAaBRDmqW8uz_V1fwebxG3Fp-GgAobk9Dk8NB_RfaY6GFeME3rzw-3p2sMeGey49lTw_foLYP7Rf0ZzdE9STThPW7LZxlF-bDAAp8YVKnj8GVct8lvb-S4fRBbhRk1kUzGdfRl0S5vNdgK66YQUkmSotaghXxzMiVAf5V4ekvnyOgmLoF8SHcs8KiLh5M5pdglLlpu90kXduOTt3MyoqkUpY6GYLKCt5Wd6R6DzsbLkHnGjcDfBmfBnJeKZSAiSBLS48jCKl0HDVoHjRAJlGmD5OA992F8lI3R3iUVEC7fjw1doMz9UDrzp4ZGgltndOF5KkX42AV1gpM_rPP2Y2IR2Qw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3415151
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame E609 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 03:30:48 GMT
img
pix.eu.criteo.net/img/ Frame E609 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=93397&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F93397%2F230201%2F7c4db63bcfc0473999861e8d8d56e43c_taschen_logo.png&v=3&w=388&s=rEiaXThAYEFx3zUtWANYFOWM
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f4a6a0179bc6c2ee0e86c04890484455cb1d63c3652a6a242d6e784f4ca5fa9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30952086
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10699
expires
Sun, 28 Jan 2024 09:18:54 GMT
all
csm.eu.criteo.net/ Frame E609 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=2LAR9Bn2x6M6BdMsisNeMSmsE2ZyxuBeSu3IFDpfOV9WX3uBcOOUXYDd1RWUhIkbxZilHHsgrHg9ljjv7cp1XwEr3GavMKG56i-QN3YC8ozskFct4x5-jzdQahY7BhMiRy660oF-Bb-F9NBkrlBcFVWcSABf4fmuS1lGLioiNAiwLPjppWbbhThMfr2YYFFoUH_Tgob1SCWkTJ9N-MqgG7t24THyybeaIjS2dOzAiSjPyiMpzXqG4hUbysqCnnGx9TZWww&sds=2&rev=84569&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 04 Feb 2023 03:30:47 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E609 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 03:30:48 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E609 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y93RZwAHF2QKd_vtAAeoUWVQXjLsE0uW6TkKhA&u=%7C6YgMORo9nvIBpKNNk9Jzx2V%2F8BmHiaTPLs%2BQj9Xp%2FsU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku4wmHJd_D2NjsSU-h2e9oIH8hrfTV2StfEJLkKQKwpc82zPquW6PzrEsgmdca4h86H3JcH6N6ev-MMqcRiM0ldfBIwFfLPGXeXoTjht-hJjyxVUCccjBHRIii2w8cJH0g6GmWPzGXlsHCxz0waIeuVIHdctlVEC0Bt69Lc2UwVe1yo3MpIEZ0N5ismR_ipUzfREoEgSF3d0Eq_DEPuCuI9PixD1QGAMeEfysBIptrWlAYWK3vERnak74_hS5j06d_D_ISJkJms-bStQVRUDzbRktdrRxrMTPj4ROK4Qk1OxsIOgI_P2WPwv8qbZNFxunHULTLIJ3B-25q5YhHWjaW-UjVoSd7jHyQcw9RORFerRDWRCzok2Vu6_9PTWX7HaQP7UNsLtmXWahbfwV3SiqdgULq_0xY8lXPvjlRCTvo-gMX5KZf5cJqIymWaITO7JgFGOMDZpUbKnTFXgHQniAqdTJJ9RvK7FpP1cWVGL_BuVhJxKciAUvYG89HfXqcvxgdsWaEawezFkCmR-5oQPNVgzP8VLTW8qejwMTY2yscGsL5aV1KOMWSAJWbMgPBJvNItA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZv-QZ9HdY-SuHO333wPR0J7YBcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItODY0ODQzMjc2OTc0NjcxN8gBCakC3nDN8XAcsj7gAgCoAwGqBNACT9As_MbU5EdleDqXMAnXIlHJgzJA4Kwb5oJpvOs_7Vt3y682YoRuzGT4oByyeai99kvTooLvk0a3OKDrfnCvZtb7Q9Zoe_OOaG-uHutIrN-q7PnnMEqmLOUBZOL5-uuyx817zxp--SGDHxokcVin6wVkr01s8P7j7h9EKRQqNKKjh4PWPcnayAaTimyrlogKTgnyOqdkzLiR5eQYLbJ-Fs-KnfzyKyy_bd6wffrVOc626GTnDFRx2o_l9DxDL9LS7CAVgHp8gJ7zHS8dtSnxl8vaiBmQTh7Ym89h1k_goVpezeHPuQnN0rfzO0cqb8ey_WFuRhh-qRITT0UyVohqyH6OoDBBojUCOhcvDPT2ztftGx2pBIZ4cfSTknD1D3VEpPx4BjmEBeuSAprdHV2nCWl78agaITn9izLi6-MqS12p1benYkCw-btAj9W16oSh4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ucKH9Q-nauPQYW6Av-ZwsYa0xdA%26client%3Dca-pub-8648432769746717%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 30 Jan 2024 03:30:48 GMT
request_content.php
hal900028.redintelligence.net/ Frame 5F2E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request_content.php?s=92289200009565906783183012225028&a=f37af4cd
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=0eaf3d4425&subid=&uid=46b9c6f6fd97ddd0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8692112649440730370%26mt_id%3D11204419%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=3760188451182&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
9897adf24173c5ff8ae62f68d98df142fce17ad3fdbdd09198c71ee0c3e62c52

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1505
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Feb 2023 03:30:48 GMT
Expires
Sat, 04 Feb 2023 03:30:48 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 8DDF 		0
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&e=wqT_3QLkEuhkCQAAAwDWAAUBCOai954GEIOflbvZy73oRBgAKjYJorYNoyB4yD8RcA4yJILMxD8ZAAAA4HoUAkAhcA0SACkRJNAxAAAAYGZm1j8wtriJCzjvUUAdSAhQqKCdwgFYwf-XAWAAaKbftQF4wogGgAEBigEDVVNEkgUG9G4CmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCtPYB4AKSp0_qAmBodHRwczovL2xpYnJhcnkuYXZzaW0ubmV0L3NlYXJjaC5waHA_Q2F0SUQ9cm9vdCZTZWFyY2hUZXJtPWVtYi0xNDUrJlNvcnQ9U2l6ZSZTY2FuTW9kZT0wJlBhZ2U9MTXyAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhM3NTM5MTkxMTQ0ODMzODgzMzgx8gLPAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SsAFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9leGNoX2FpZD04NDczNDEyNTA1ODc4NjY0OTM3Jm10X2FpZD03NTM5MTkxMTQ0ODMzODgzMzgxJm10X2lkPTExMjA0NDE5Jm10X2FkaWQ9MjE1NTQzJm10X3NpZD0xMjc4MDMzNiZtdF9leGlkPTEzJm10X2luYXBwPTAmbXRfb3M9JnJlZGlyZWN0PfICFwoTW0JJRF9BVFRSLmdkcHJfc3RyXRIA8gIZChRbQklEX0FUVFIuZ2Rwcl9mbGFnXRIBMPICHgoUW0FEX0FUVFIuYWR2ZXJ0aXNlcl0SBjIxNTU0M_ICHgoSW0FEX0FUVFIuY3JlYXRpdmVdEggxMTIwNDQxOfICKAoRW0JJRF9BVFRSLmJpZF9pZF0SEzc1MzkxOTExNDQ4MzM4ODMzODHyAtQKChJbTk9USUZJQ0FUSU9OX1VSSV0SvQo8aW1nIHNyYz1RQBB0YWdzLi52ARhub3RpZnkvMXckPWFwbiZzX2V4YwkL0GlkPTVhVzk1cTJqTHpJekx5QXZUbnBaTkU1SFVtaFplazEwVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEABVERAJIPC8THpjMU16a3hPVEV4TkRRNE16TTRPRE16T0RFdk1URXlNRFEwTVRrdk1USTNPREF6TXpZdk1UTXZNR053ZG1Fd05GVjNMV2d4T1ZsWGRYTm5ZVkZUWW1SUVdqaEdhbkJNTkdWeGREZFVYMDl6VWt3eU9DOHhMekV6THpBdk1DOHlNRE01TWpFMkx6TTJORGd4T0RJNE1ETXZNakUxTlRRekx6RXlOakl4TkRJdk1TOHdMekF2VFVSQmQwMUVRCcQAMA3UAESm9AAFfAR3TAkIMDNOVE01TVRreE1UUTAJ_Cxnek16Z3hMMkZ0Y3kBKJBVeE16UXZOVEV2T1RrNUx6STFPQzh5TVRjdU1URTBMakl4T0M0AVDwbXVNREF3THpFMk56VTBPREUwTkRZdk1UWTNOVFE1TkRBME5pOHhNeTh4TURRM09TOC92Q3BsN3hwVEV2T0ZTZ2xqbWZqQzg3YWhkRlUmbm9kZWlkPTMyNjQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD03RvQDHCZwYnNfYXVjaiIAHHNoYXJka2V5UrUDAHMulAMAYwENDDEyMDRhwPSbAWJwPWFfYmpiYmdnJm1pbl9iaWRfd2luPSR7QVVDVElPTl9NSU5fVE9fV0lOfSZuZnlfYWN0PUxENXdldyZiZmlwPTE4NS4yOS4xMzUuOTUmdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodD0nMScgc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nIHN0eWxlPSdsZWZ0Oi0xMHB4O3RvcDotMTBweDsgcG9zaXRpb246YWJzb2x1dGUnIHNyYz0naHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9ldmVudC9pbWc_bXRfaWQ9MTM2ODg3NSZtdF9hZGlkPTIxNjc2NCZ2MT0xMyZ2Mj03NTM5MTkxMTQ0ODMzODgzMzgxJnYzPTEyNjIxNDImdjQ9MTI3ODAzMzYmdjU9MTEyMDQ0MTkmbXRfbnN5bmM9MSZub19hdHRyPTEnIHdpZHRoPScxJyBoZWlnaHQlGgAvVusACDlweAnqAQkIIHBvdukAQpIEGeglsShtbUltcFRyYWNrJpWWAGJaiwJoc3Q9MTI3ODAzMzYmdGltZT1bSU1QX0FUVFIuAQ8EXSZd4AgnIHdO4wEJ1PCkL2Rpdj6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOtijjgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEqKCdwgGIBQGYBQCgBemtgIL7-ObLdcAFAMkFAAAAAAAA8D_SBQkJAAAABQ9w2AUB4AUB8AWjgAP6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBvmrAdoGFgoQCRIZAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxMjYyMTQyyAfCiAbSBw0JAA0zATAI2gcGAWhwGADgBwDqBwIIAPAH384BiggCEACVCAAAgD-YCAE.&s=059462d7f5d7e53167adcb78bf56d10a10ca823e&bdref=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&bdtop=true&bdifs=1&bstk=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15,https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:48 GMT
AN-X-Request-Uuid
b05d6db2-9505-4b89-9b70-998c3177b4f8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
request_content.php
hal900014.redintelligence.net/ Frame ACD5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=97657700010992106783199012225014&a=2c20d6bc
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=h67p15kot2n3&nw=20&renderingType=javascript&namespace=01f5185951&subid=&uid=abd9d5631af7621c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1774583621799648541%26mt_id%3D11204420%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&ancestorOrigins=https%3A%2F%2Flibrary.avsim.net&random=9322340737059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
5f360a25b55e2f5bbbb1894a7bcec2795b66f0aad6d6063894c2591b824d86de

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1503
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Feb 2023 03:30:48 GMT
Expires
Sat, 04 Feb 2023 03:30:48 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 86B7 		0
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&e=wqT_3QLkEuhkCQAAAwDWAAUBCOai954GEIOflbvZy73oRBgAKjYJorYNoyB4yD8RcA4yJILMxD8ZAAAA4HoUAkAhcA0SACkRJNAxAAAAYGZm1j8wtriJCzjvUUAdSAhQqKCdwgFYwf-XAWAAaKbftQF4wogGgAEBigEDVVNEkgUG9G4CmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCtPYB4AKSp0_qAmBodHRwczovL2xpYnJhcnkuYXZzaW0ubmV0L3NlYXJjaC5waHA_Q2F0SUQ9cm9vdCZTZWFyY2hUZXJtPWVtYi0xNDUrJlNvcnQ9U2l6ZSZTY2FuTW9kZT0wJlBhZ2U9MTXyAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhM3NTM5MTkxMTQ0ODMzODgzMzgx8gLPAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SsAFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9leGNoX2FpZD04NDczNDEyNTA1ODc4NjY0OTM3Jm10X2FpZD03NTM5MTkxMTQ0ODMzODgzMzgxJm10X2lkPTExMjA0NDE5Jm10X2FkaWQ9MjE1NTQzJm10X3NpZD0xMjc4MDMzNiZtdF9leGlkPTEzJm10X2luYXBwPTAmbXRfb3M9JnJlZGlyZWN0PfICFwoTW0JJRF9BVFRSLmdkcHJfc3RyXRIA8gIZChRbQklEX0FUVFIuZ2Rwcl9mbGFnXRIBMPICHgoUW0FEX0FUVFIuYWR2ZXJ0aXNlcl0SBjIxNTU0M_ICHgoSW0FEX0FUVFIuY3JlYXRpdmVdEggxMTIwNDQxOfICKAoRW0JJRF9BVFRSLmJpZF9pZF0SEzc1MzkxOTExNDQ4MzM4ODMzODHyAtQKChJbTk9USUZJQ0FUSU9OX1VSSV0SvQo8aW1nIHNyYz1RQBB0YWdzLi52ARhub3RpZnkvMXckPWFwbiZzX2V4YwkL0GlkPTVhVzk1cTJqTHpJekx5QXZUbnBaTkU1SFVtaFplazEwVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEABVERAJIPC8THpjMU16a3hPVEV4TkRRNE16TTRPRE16T0RFdk1URXlNRFEwTVRrdk1USTNPREF6TXpZdk1UTXZNR053ZG1Fd05GVjNMV2d4T1ZsWGRYTm5ZVkZUWW1SUVdqaEdhbkJNTkdWeGREZFVYMDl6VWt3eU9DOHhMekV6THpBdk1DOHlNRE01TWpFMkx6TTJORGd4T0RJNE1ETXZNakUxTlRRekx6RXlOakl4TkRJdk1TOHdMekF2VFVSQmQwMUVRCcQAMA3UAESm9AAFfAR3TAkIMDNOVE01TVRreE1UUTAJ_Cxnek16Z3hMMkZ0Y3kBKJBVeE16UXZOVEV2T1RrNUx6STFPQzh5TVRjdU1URTBMakl4T0M0AVDwbXVNREF3THpFMk56VTBPREUwTkRZdk1UWTNOVFE1TkRBME5pOHhNeTh4TURRM09TOC92Q3BsN3hwVEV2T0ZTZ2xqbWZqQzg3YWhkRlUmbm9kZWlkPTMyNjQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD03RvQDHCZwYnNfYXVjaiIAHHNoYXJka2V5UrUDAHMulAMAYwENDDEyMDRhwPSbAWJwPWFfYmpiYmdnJm1pbl9iaWRfd2luPSR7QVVDVElPTl9NSU5fVE9fV0lOfSZuZnlfYWN0PUxENXdldyZiZmlwPTE4NS4yOS4xMzUuOTUmdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodD0nMScgc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nIHN0eWxlPSdsZWZ0Oi0xMHB4O3RvcDotMTBweDsgcG9zaXRpb246YWJzb2x1dGUnIHNyYz0naHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9ldmVudC9pbWc_bXRfaWQ9MTM2ODg3NSZtdF9hZGlkPTIxNjc2NCZ2MT0xMyZ2Mj03NTM5MTkxMTQ0ODMzODgzMzgxJnYzPTEyNjIxNDImdjQ9MTI3ODAzMzYmdjU9MTEyMDQ0MTkmbXRfbnN5bmM9MSZub19hdHRyPTEnIHdpZHRoPScxJyBoZWlnaHQlGgAvVusACDlweAnqAQkIIHBvdukAQpIEGeglsShtbUltcFRyYWNrJpWWAGJaiwJoc3Q9MTI3ODAzMzYmdGltZT1bSU1QX0FUVFIuAQ8EXSZd4AgnIHdO4wEJ1PCkL2Rpdj6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOtijjgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEqKCdwgGIBQGYBQCgBemtgIL7-ObLdcAFAMkFAAAAAAAA8D_SBQkJAAAABQ9w2AUB4AUB8AWjgAP6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBvmrAdoGFgoQCRIZAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxMjYyMTQyyAfCiAbSBw0JAA0zATAI2gcGAWhwGADgBwDqBwIIAPAH384BiggCEACVCAAAgD-YCAE.&s=059462d7f5d7e53167adcb78bf56d10a10ca823e&bdref=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&bdtop=true&bdifs=1&bstk=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15,https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:48 GMT
AN-X-Request-Uuid
1398f38d-bcda-49a2-8612-8f7e2e365494
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8DDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusjnvKuVAEn700ZzEanzdVkOxoDcMY72jhumjKep9By9qWRS-zBpJB7dk_q6CbEy1qhPumdWYGS0gegU17GvVumIL1Bfu6xPLuCjtkN2HjEvt4ActjmDbOnpYjDcqc98OCo7vDB8_1TGFIbIIc1w_TucZ4BgxnNs8lvf4oeBKg5Wd_RLG-NxoHU3g39ibmuy2lTcRcKlK-NMe8C05-5O9xtCPpcXkHqk8W11Ag5rIFZS7wtWFLS25JjbgVkTKYN8E1Wjmugis6bwa5lrqK4zB_TCqO804Iwu1ma7yZ21r6Qyg2p0TI8FRT9qyCjsOVDosaNeDLUyhMrm80dNBufMtDsQiO-U7IdS4SdY_DYw&sai=AMfl-YSZyVhiiwkKm3EFAolapIydw6PoNTD3n9Lom5kpo8ChP4FsObMp77Q0lQsTEA1zitekU-2AejsIkdQW06rAbTsdc9HQh506ubUvDh1U1R3GqpLeGNArREh30gzgCro&sig=Cg0ArKJSzGURPeU7mEYWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Feb 2023 03:30:48 GMT
truncated
/ Frame 8DDF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60842ce68e8aec8a9061c33dcd277ac48305e1e40111f4173e116a7881391fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
vevent
fra1-ib.adnxs.com/ Frame 8DDF 		0
958 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&e=wqT_3QKwC-iwBQAAAwDWAAUBCOai954GEPa8laWlkcP4QRgAKjYJorYNoyB4yD8RcA4yJILMxD8ZAAAA4HoUAkAhcA0SACkRJNAxAAAAYGZm1j8wtriJCzjvUUAdSAhQqKCdwgFYwf-XAWAAaKbftQF4wogGgAEBigEDVVNEkgUG8KSYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AK09gHgApKnT-oCYGh0dHBzOi8vbGlicmFyeS5hdnNpbS5uZXQvc2VhcmNoLnBocD9DYXRJRD1yb290JlNlYXJjaFRlcm09ZW1iLTE0NSsmU29ydD1TaXplJlNjYW5Nb2RlPTAmUGFnZT0xNYADAIgDAZADAJgDF6ADAaoD3wYKlQYBdqg6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19lEQvQaWQ9NWFXOTVxMmpMekl6THlBdlRucFpORTVIVW1oWmVrMTBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkg8LxMemcyT1RJeE1USTJORGswTkRBM016QXpOekF2TVRFeU1EUTBNVGt2TVRJM09EQXpNell2TVRNdk1HTndkbUV3TkZWM0xXZ3hPVmxYZFhObllWRlRWR0pLY2xjdE5FMW5UM2RuWVd4eU5uTlFSbTB6YXk4eEx6RXpMekF2TUM4eU1ETTVNakUyTHpNMk5EZ3hPREk0TURNdk1qRTFOVFF6THpFeU5qSXhOREl2TVM4d0x6QXZUVVJCZDAxRVEJxAAwDdQARKb0AAV8BHdMCQgQNE5qa3kB7FROalE1TkRRd056TXdNemN3TDJGdGN5ASiQVXhNelF2TlRFdk9UazVMekkxT0M4eU1UY3VNVEUwTGpJeE9DNAFQaHVNREF3THpFMk56VTBPREUwTkRZdk1UWTNOVAFc8GVBME5pOHhNeTh4TURRM09TOC9kWTdzRVhpN0V6d1dQMWM0b3Bablp3U2Y5T00mbm9kZWlkPTMyNjQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD04NjkyMTEyNjQ5NDQwNzMwMzcwJnBic192IgAcc2hhcmRrZXlWPwDwgXJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2JqYmJnZyZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMyLjQwJnNpZD0xMjc4MDMzNiZjaWQ9MTEyMDQ0MTkmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITODY5MjE20QBYGhM0NzUxNTkyODcwMTE3NzI3ODYyIgkB8DgyNjc2MCoGMTAxOTM2OggRZPCwwAOsAsgDANgDrYo44AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKigncIBiAUBmAUAoAWEnP_krufWohfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWjgAP6BQQIABAAkAYAmAYAuAYAwQYABSUs8D_QBvmrAdoGFgoQBREdAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxMjYyMTQyyAfCiAbSBw0JAA00ATAM2gcGCAUJaOAHAOoHAggA8AffzgGKCAIQAJUIAACAP5gIAQ..&s=a262c4897b50e832587338fc0c9efe01afa0974d&type=nv&nvt=5&jm=1003&px=436&py=11&bw=728&bh=90&sid=7291533251107804250&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23223350&sw=1600&sh=1200&pw=1600&ph=5577&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:48 GMT
AN-X-Request-Uuid
bceec687-5cb7-4eef-b935-7569026d5510
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://library.avsim.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 86B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstatL2Z9mgwHIAxJYrcqW1oKzOwe041ZnuXaVO1Jzl0J0ld2Hv4p3LSfQoJH5WBQpv5WP0ZLoZHCRXZHIVSNOP2PAcRd_Oq3W0mCANiQKi4Ngxze1jMqvTtR9GohTdc4v-rTKe6JmTIr8EYLU550bqM0miKninx-8uUJJ7TmdNLxvCBuzWTDQFrHXTWWMfTqG62bBZOg0dPkrCog7NPDWrNG_QshzgA8KfAmBilyrBLUSdwxh0kGTs2NTq4AgsNPxNtJB-y7zw_YN206xR6hdzx2fbDN3aj0u-fkU3aGb08-ZcmCYa6a6US1hm27nB9-ve_iW898DqPxTCNTjXkNUkbus-a0C2ohUQr_TA&sai=AMfl-YQ2-1YyJLuX5Q8hDLGX-OgTKG2iCDAVPlTsUnqoT2uHwh7HOBU2e4nl8whAVFeKXxoCG0N04Yw7_nJ4q16Di3deey8KhcNDcey3tAevGu_kQKxix2PnDL1VFQpeMwU&sig=Cg0ArKJSzBccUeXWFYXgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Feb 2023 03:30:48 GMT
truncated
/ Frame 86B7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0df3ed2755d53b2cd9ee9b7cacfcb19cda922846ede1b192b31c3c1b328a6264

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
vevent
fra1-ib.adnxs.com/ Frame 86B7 		0
958 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&e=wqT_3QKxC-ixBQAAAwDWAAUBCOai954GELm96sf-xumCPhgAKjYJorYNoyB4yD8RcA4yJILMxD8ZAAAAwB6F9z8hcA0SACkRJNAxAAAAoEfhyj8woriJCzjvUUAdSAhQ0qCdwgFYwf-XAWAAaKbftQF4wogGgAEBigEDVVNEkgUG8KSYAcoHoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AK09gHgApKnT-oCYGh0dHBzOi8vbGlicmFyeS5hdnNpbS5uZXQvc2VhcmNoLnBocD9DYXRJRD1yb290JlNlYXJjaFRlcm09ZW1iLTE0NSsmU29ydD1TaXplJlNjYW5Nb2RlPTAmUGFnZT0xNYADAIgDAZADAJgDF6ADAaoD4AYKlgYBdqg6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19lEQvQaWQ9NWFXOTVxMmpMekl6THlBdlRucFpORTVIVW1oWmVrMTBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkg8LxMekUzTnpRMU9ETTJNakUzT1RrMk5EZzFOREV2TVRFeU1EUTBNakF2TVRJM09EQXpNell2TVRNdk1HTndkbUV3TkZWM0xXZ3hPVmxYZFhObllWRlRZVEI0WlV3dGNHNUtRM0JyUjNkeVlYazJaMjVwTUM4eEx6RXpMekF2TUM4eU1ETTVNakUyTHpNMk5EZ3hPREk0TURNdk1qRTFOVFF6THpFeU5qSXhOREl2TVM4d0x6QXZUVVJCZDAxRVEJxAAwDdQARKb0AAV8BHdMCQgkeE56YzBOVGd6TgFoQHprNU5qUTROVFF4TDJGdGN5ASiQVXhNelF2TlRFdk9UazVMekkxT0M4eU1UY3VNVEUwTGpJeE9DNAFQ8It1TURBd0x6RTJOelUwT0RFME5EWXZNVFkzTlRRNU5EQTBOaTh4TXk4eE1EUTNPUzgvcjluRTZXbTk5VG1tc01CM3ZkUnFSRTBwaWlzJm5vZGVpZD0zMjY0Jmdyb3VwPWNkZyZhdWN0aW9uaWQ9MTc3NDU4MzYyMTc5OTY0ODU0MSZwYnNfYXVjdGlvbloiACRzaGFyZGtleT0xTj8A8EZyaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iamJiZ2cmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMy4xNjgmcwF8IDI3ODAzMzYmYwENmDEyMDQ0MjAmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITMUaTAKgaEzQ0NjkxNjA5NjQyOTcyMzYxNTMiCTQwNzMyNjgwMioGMTAxOTM2OggxDWTwsMADrALIAwDYA62KOOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4xOagEALIEDwgAEAEYygcgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATSoJ3CAYgFAZgFAKAFsZPQ_feus6EZwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFo4AD-gUECAAQAJAGAJgGALgGAMEGAAUlLPA_0Ab5qwHaBhYKEAURHQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMTI2MjE0MsgHwogG0gcNCQANNAEwDNoHBggFCWjgBwDqBwIIAPAH384BiggCEACVCAAAgD-YCAE.&s=85dad94d117952722e357b7636ee7d163148534d&type=nv&nvt=5&jm=1003&px=315&py=1364&bw=970&bh=90&sid=7291533251107804250&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23223330&sw=1600&sh=1200&pw=1600&ph=5577&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:48 GMT
AN-X-Request-Uuid
c564822e-74f7-4156-afbf-3a6995361c74
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://library.avsim.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame 5F2E 		727 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=61227778;click=https://hal900028.redintelligence.net/c/pbpghoq1vxr4wej?tprd=
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=92289200009565906783183012225028&a=f37af4cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
119037257babfd748692510719dd9c010db63f4c9e64297c4d3884876b775475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
526
expires
-1
/
track.adform.net/adfscript/ Frame ACD5 		727 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=61227804;click=https://hal900014.redintelligence.net/c/pjnbr7fb7dckvf5?tprd=
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=97657700010992106783199012225014&a=2c20d6bc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17748da4a15737e70d1792c88a71ead47adf17ae8ae28694b310a93afd18d1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
526
expires
-1
viewability
hal900028.redintelligence.net/ Frame 5F2E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=92289200009565906783183012225028&a=4478a636&vb=m
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=92289200009565906783183012225028&a=f37af4cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=92289200009565906783183012225028&a=f37af4cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
request_content.php
hal900018.redintelligence.net/ Frame E3B1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request_content.php?s=11566000010630506783183012225018&a=5653ad6b
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=y39eto6m2jel&nw=20&renderingType=javascript&namespace=9138551ce9&subid=&uid=013fda3befe70d36&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dj3_L-eO6K367OvlOHSGcAQ%26exch_seat%3D20035004448%26mt_aid%3D621662120420188902%26mt_id%3D11204419%26mt_adid%3D215543%26mt_sid%3D12780336%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4bcb63dd-d168-4f01-bd52-76293eb8a556%26mt_cid%3D4bcb63dd-d168-4f01-bd52-76293eb8a556%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DChj5dZ9HdY-KuHO333wPR0J7YBc-HjptcwIbZgsYCwI23ARABIABglfrwgYwHggEXY2EtcHViLTg2NDg0MzI3Njk3NDY3MTfIAQngAgCoAwGqBNMCT9DMvfqDC0c-F5aZMEzBQV6AqQTTtAWDM8v1PWftUVo_L7lx6Bo4pTFG04Ic-QnYuJCCIKSPmwbAp9nQkvE20OGSbjTiof02b2RaFezuLC9iOAtJaBI1Zeq_rP3yxk1zplpqgqCf1GeM3Kmsqnhdz1KQIinxfhMaStOYWF0p2kcW3flJ1Io9UNr2JklSQO1vFNADmFmNC8HxKc2GBwEzyiDR-sgniI5vEbkpHUmkH_4JW8x8MzxfRnE8J5DHyjf2u0wkQhEi1YUF-F8BimWgZjFYmbd4N_-qBqvB0NBAUMAAom1uiM6N87J0obg0KNWmgYTu5_2v6SRuqLD9M2GBfirzXBUzwIM-ll2reV7gHIJk4NWtl9rRpIwSGLa27aGmMv4N7zqIzjNDkT_x1ZWVMEhhNLaMULPjQ-NC8RKn_x-le7X94csCh4NlxJ-NVTNBC4l74AQBgAbLv5um5ZPn2K8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tOTA3MzE4NTg5OTU1MzM3OPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2zX3-Z6UNzkA_L2SjO3D5u8QH3TA%2526client%253Dca-pub-8648432769746717%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fe2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9230484642492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
5b1e486565c6b3338c47dc529d68cb1606374282f31030910b24a0fd8ee48022

Request headers

Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1503
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Feb 2023 03:30:48 GMT
Expires
Sat, 04 Feb 2023 03:30:48 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
viewability
hal900014.redintelligence.net/ Frame ACD5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=97657700010992106783199012225014&a=caafae9e&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=97657700010992106783199012225014&a=2c20d6bc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=97657700010992106783199012225014&a=2c20d6bc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 644E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
76605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 06:14:03 GMT
etag
48472445140208031
expires
Sat, 04 Feb 2023 06:14:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9AA8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e389aa78fa1a93bd6d515e308c7397a2d8493b2fb7c0d6e2424c0a096590002

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 644E
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPwOwnmj5FuZawl6sGuDNhU&google_cver=1&google_push=Aa02lx_c39y-Qrej81zEAX8xenoddKbB0SsioFgQglUZWQ7qph96KBJRrbQrC-WcgmdFLGpK8LTyz16pDwAtMjhUZQcJMbnMi2d_
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2764D2291CD248A3BFAF41A6842FDBB9&google_push=Aa02lx_c39y-Qrej81zEAX8xenoddKbB0SsioFgQglUZWQ7qph96KBJRrbQrC-WcgmdFLGpK8LTyz16pDwAtMjh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2764D2291CD248A3BFAF41A6842FDBB9&google_push=Aa02lx_c39y-Qrej81zEAX8xenoddKbB0SsioFgQglUZWQ7qph96KBJRrbQrC-WcgmdFLGpK8LTyz16pDwAtMjhUZQcJMbnMi2d_
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 04 Feb 2023 03:30:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2764D2291CD248A3BFAF41A6842FDBB9&google_push=Aa02lx_c39y-Qrej81zEAX8xenoddKbB0SsioFgQglUZWQ7qph96KBJRrbQrC-WcgmdFLGpK8LTyz16pDwAtMjhUZQcJMbnMi2d_
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 03 Feb 2023 03:30:48 GMT
google
match.adsrvr.org/track/cmf/ Frame 644E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDHIOgzyqhLi9eT0lJ-fvAU&google_cver=1&google_push=Aa02lx9nqN8oAoD9xbDptQU3Wo3QMiXSLumwr7zjAPSIDyZCxplyoLYzkWQEZcj7cbN1QIX8m_vUuZDAyKjXIxM5uLVXSHMh8oOI
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 644E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKrg4UVIRaaJETYuyRM-O5g&google_cver=1&google_push=Aa02lx-hLaBoCqHqkKPXe-t3ZbtItw9D3Ep_I_ZupCpests50BrF2WJxJFK2DPuTejXuMJsZYZqZmB1Rwxhanm...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjEzODAyNDIyNTYwMTY4Ng%3D%3D&google_push=Aa02lx-hLaBoCqHqkKPXe-t3ZbtItw9D3Ep_I_ZupCpests50BrF2WJxJFK2DPuTejXuMJsZYZqZmB1RwxhanmicpO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjEzODAyNDIyNTYwMTY4Ng%3D%3D&google_push=Aa02lx-hLaBoCqHqkKPXe-t3ZbtItw9D3Ep_I_ZupCpests50BrF2WJxJFK2DPuTejXuMJsZYZqZmB1RwxhanmicpOF9lIImGEo
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NjEzODAyNDIyNTYwMTY4Ng%3D%3D&google_push=Aa02lx-hLaBoCqHqkKPXe-t3ZbtItw9D3Ep_I_ZupCpests50BrF2WJxJFK2DPuTejXuMJsZYZqZmB1RwxhanmicpOF9lIImGEo
Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 644E
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELGPedV_vW0M-rgsK5atjLc&google_cver=1&google_push=Aa02lx_5MgSa5_tLRTGbQq7zNQmjE_lOTy09mV4BebQafFl9YThMOfivgRqyCozYNfCjlbGelgOEPVDcqC8RvRJMH0ZREWJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_5MgSa5_tLRTGbQq7zNQmjE_lOTy09mV4BebQafFl9YThMOfivgRqyCozYNfCjlbGelgOEPVDcqC8RvRJMH0ZREWJiuKYa
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_5MgSa5_tLRTGbQq7zNQmjE_lOTy09mV4BebQafFl9YThMOfivgRqyCozYNfCjlbGelgOEPVDcqC8RvRJMH0ZREWJiuKYa
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_5MgSa5_tLRTGbQq7zNQmjE_lOTy09mV4BebQafFl9YThMOfivgRqyCozYNfCjlbGelgOEPVDcqC8RvRJMH0ZREWJiuKYa
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 644E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBBB8l0SdGnTbwVFkGFhhtA&google_cver=1&google_push=Aa02lx8PCmCD1UiAJf6t489F2d-QoMd4AzLIfLm-kiC2FX6GDHmoO6UN5oWF7ZOzGZn2KgRWdC2P72Dz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjU2NjEzODE1MDkwNDk2Mw&google_push=Aa02lx8PCmCD1UiAJf6t489F2d-QoMd4AzLIfLm-kiC2FX6GDHmoO6UN5oWF7ZOzGZn2KgRWdC2P72...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjU2NjEzODE1MDkwNDk2Mw&google_push=Aa02lx8PCmCD1UiAJf6t489F2d-QoMd4AzLIfLm-kiC2FX6GDHmoO6UN5oWF7ZOzGZn2KgRWdC2P72DzCRvzcpAp60oyPLXYv3TD
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjU2NjEzODE1MDkwNDk2Mw&google_push=Aa02lx8PCmCD1UiAJf6t489F2d-QoMd4AzLIfLm-kiC2FX6GDHmoO6UN5oWF7ZOzGZn2KgRWdC2P72DzCRvzcpAp60oyPLXYv3TD
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 644E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FP2HAxbwSYqGrPMgAVpfqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FP2HAxbwSYqGrPMgAVpfqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx93X5dqFeDMrT4Axz6jIcdit2g4mfuTPPSJIYSFqAzlOTehcInFXJtN9kO8SzZsI0cygofgd6mpZ3ZHovv8E4girKr8_Qk
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FP2HAxbwSYqGrPMgAVpfqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx93X5dqFeDMrT4Axz6jIcdit2g4mfuTPPSJIYSFqAzlOTehcInFXJtN9kO8SzZsI0cygofgd6mpZ3ZHovv8E4girKr8_Qk
date
Sat, 04 Feb 2023 03:30:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
ssbsync.smartadserver.com/api/ Frame 644E 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKY2wRlZslk04gQ6W4k0TsY&google_cver=1&google_push=Aa02lx9O_lv75_ILxFb2jGDiwNxk7QGW5J3oEErYNoMsxvsrBqFC9hHTXfsBqr0eLA9HB8EH2gB8aA4tZYEznW81fT4ktADP56Q
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:47 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 644E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPe75-Wov-4kSuicmRIG6pYj0LYcxAc1NEC_oe2jiANkWLsmqeoMj6G4fWIN6Hoi8xN1GO
Requested by
Host: e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
track.adform.net/adfscript/ Frame E3B1 		727 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=61227796;click=https://hal900018.redintelligence.net/c/pfxamnoq3778biu?tprd=
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=11566000010630506783183012225018&a=5653ad6b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5a93946f612081f5f4751cb4bd39c751616450a58a28b23f5046b92eb474b0ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
526
expires
-1
viewability
hal900018.redintelligence.net/ Frame E3B1 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=11566000010630506783183012225018&a=539a546b&vb=m
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=11566000010630506783183012225018&a=5653ad6b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=11566000010630506783183012225018&a=5653ad6b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame ACD5 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61227804;click=https://hal900014.redintelligence.net/c/pjnbr7fb7dckvf5?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:46:59 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 5F2E 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61227778;click=https://hal900028.redintelligence.net/c/pbpghoq1vxr4wej?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:46:59 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame E3B1 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61227796;click=https://hal900018.redintelligence.net/c/pfxamnoq3778biu?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:46:59 GMT
/
track.adform.net/adfserve/ Frame ACD5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=61227804;click=https://hal900014.redintelligence.net/c/pjnbr7fb7dckvf5?tprd=;js=1;adfxid=1x;4483;set=en-US|en-US|1600X1200|0|950|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Flibrary.avsim.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bd8a631186ec1ceab583f6a30b6e411ea13dd00d26024e319bc9c4a53ba769a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2044
expires
-1
/
track.adform.net/adfserve/ Frame 5F2E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=61227778;click=https://hal900028.redintelligence.net/c/pbpghoq1vxr4wej?tprd=;js=1;adfxid=1x;10543;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Flibrary.avsim.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
04cc7ae9e331836c274b4bc7a0b024a3d052630e505de8aa608f30032232215d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2027
expires
-1
/
track.adform.net/adfserve/ Frame E3B1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=61227796;click=https://hal900018.redintelligence.net/c/pfxamnoq3778biu?tprd=;js=1;adfxid=1x;9038;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Flibrary.avsim.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
032832845aa47ae899e5d390a89b84f3ba87bcbc6e7386cf2971a93aede55dd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2032
expires
-1
truncated
/ Frame ACD5 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame ACD5 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=97657700010992106783199012225014&a=2c20d6bc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.65.99.88.clients.your-server.de
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
truncated
/ Frame 5F2E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame 5F2E 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=92289200009565906783183012225028&a=f37af4cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.65.99.88.clients.your-server.de
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
truncated
/ Frame E3B1 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame E3B1 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=11566000010630506783183012225018&a=5653ad6b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.65.99.88.clients.your-server.de
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:48 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame ACD5 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:40:40 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 5F2E 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:40:40 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame E3B1 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:40:40 GMT
/
track.adform.net/csimpr/ Frame ACD5 		35 B
478 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=61227804&csi=n6YqOOshW_XEHwiIojXAfsh7ESYBVCrBm-bBKnWUJwIJDwKV3Zer3MHiu4D_VKKpfPQ0RPYryE_R8zGaYm2gbN6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900014.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900014.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12320352.js
s1.adform.net/Banners/Elements/Files/160090/12320352/ Frame AB47 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/12320352.js?ADFassetID=12320352&bv=258
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2653614c0457a7f9f40d825e71f3234bfbab69a3024e96718347e59f896bb5d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx00000a5eda784936df130-0063ddcb56-32952663-default
etag
W/"61fbad1fd58bb4128c1855e62247b51f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/csimpr/ Frame 5F2E 		35 B
478 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=61227778&csi=0ak3CnfMTWdnwB6WIr1GZy18LiCjlua0yaAtxHw6v8kJDwKV3Zer3MHiu4D_VKKpWur-lxvmLUyCb28T55rehN6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900028.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900028.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12320274.js
s1.adform.net/Banners/Elements/Files/160090/12320274/ Frame B1B1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/12320274.js?ADFassetID=12320274&bv=258
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx000005a90f1b6d997e764-0063ddcaa3-3295c42b-default
etag
W/"bb7571baa31c395d64904fd014b94179"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/csimpr/ Frame E3B1 		35 B
478 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=61227796&csi=_OtBCRbiufbhTTe8QMXdZHAPuV-HgsCvm-bBKnWUJwIJDwKV3Zer3MHiu4D_VKKpCZRVP9C2I_hXMOvD_Z0ept6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900018.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900018.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12320325.js
s1.adform.net/Banners/Elements/Files/160090/12320325/ Frame D502 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/12320325.js?ADFassetID=12320325&bv=258
Requested by
Host: library.avsim.net
URL: https://library.avsim.net/search.php?CatID=root&SearchTerm=emb-145+&Sort=Size&ScanMode=0&Page=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx000003f819121a8b91e44-0063ddcabe-32952663-default
etag
W/"bb7571baa31c395d64904fd014b94179"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
screen.css
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		1 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fdf7bdf767de4e3d075878639fbcf6dc30dd04b33390cbdbfee171fa9fba9a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx00000d61e17c74ae16249-0063ddcb56-32957437-default
etag
W/"f18135fdd9c6d9f7ef098f5cb579dbba"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame AB47 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000496f57c7341b8671-0063766147-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		104 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
123cc1d2037e661a7407aa87e142e1739a1c150e7cf96da0296ef7ee54327cc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx000000fe252b667bf9e32-0063ddcb57-32952663-default
etag
"56a353f1326703fbdff854874778b508"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
104
text0.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4c547f5619b0538da7afde371a48a5d471ae1e22de94545652e93084134664f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx000004847cd34a2c47f69-0063ddcb57-32952663-default
etag
"fc6ffa983eb7efdc74b3c888244a18e5"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5823
text1.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
aab6a19169d5e507a4e6bb5fb4d729566f92ce8a7494403ac79a898b6a8133f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx0000053d955d173be5fa9-0063ddcb57-32952663-default
etag
"1c2383d1c7b63fd6af475132a71dacfb"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8047
text2.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
55dfb0c2aa1b37a0b51127443c74062de5c896cb55001ad37dbfd55206da65cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx00000f10564596dec97bb-0063ddcb57-3294fed7-default
etag
"646605aaa2c7288b937eb945186537a3"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3090
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b02f1d465ce5fa29df5a067414b9aff8b1bc90ad1576199af0f74ce40c333e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx00000966816eebdd553e8-0063ddcb57-3295c42b-default
etag
"175daece9a47fb5862ac6e83149200dd"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9710
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
72e5bd3b305059f7054fedc7cd91cf44766d8ef021d02c893bf69ead906a28d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx000003a2d4e7f00446cae-0063ddcb58-32952663-default
etag
"4fe8f036d435815f72d1f054febcddb6"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5175
date.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
976a2d91546df03ee644ccf1ba585a862f1376190ab939f9af0bc06285f1b1d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx000002a7ce70cb256ddfd-0063ddcb58-3295c42b-default
etag
"e08e6ed455672558866a7001f54713e1"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2709
cta.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6eea93f4a19197851225d466b5609d3ae8101de7ca748227c69221eaad0d60db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx00000db67bb2f80c8dbc5-0063ddcb58-32957437-default
etag
"c065f9b8f6beb62dd3a5446dda956208"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1688
logostart.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
610c2f3b188e4a3a6fa82e838c555e393083ba706bcbceaab3f7176db1d7c5b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx000004d3340348aacc275-0063ddcb58-3295c471-default
etag
"5216d5f4f71c04e89c67e47daf0d57bf"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4930
logo.png
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7aec7747c8d7328cc3d38c83f96f1ec380f11ae631b47c29b9263240cf7571d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx0000068ea801fd35adb76-0063ddcb58-32952663-default
etag
"8e6814dc8589818f8ba488861ba5a779"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4931
background.jpg
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
be800dc012620d91cf2be9ae2b830eb2aff75ca9d2b0e428eba77a91956d53af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx000009569153c76407dc9-0063ddcb57-3295c42b-default
etag
"ff04bde25354482cf5d4143383cdee1a"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11072
model.jpg
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
be800dc012620d91cf2be9ae2b830eb2aff75ca9d2b0e428eba77a91956d53af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx00000495a4c03e90156fe-0063ddcb57-32952663-default
etag
"ff04bde25354482cf5d4143383cdee1a"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11072
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame AB47 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
44660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqF2f0AVAgMoG1Y%2FBZtICEJrnOyk5KknjrA8YbCl7t5nH37gE24bmiF9vV4mldlJ3b5DmJB3hY%2Funh8EJIQj%2FGv06%2FHWscwgsUlLUSJHOBgGPhlva%2BXdy8vz7S%2Fdi41QTadEVQdP167v26sWoXZB7yub"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7940546fca3c9bf2-FRA
expires
Thu, 25 Jan 2024 03:30:48 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame AB47 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
708270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fe0QoUm%2F1FfjBIZZL%2Bah6UnAzPaGg7JGEzsQ1XDaMIH8zebSmZy2ydlLHmkL7WbYutgoB%2BSocYI416eC6SyvbgSt07T8p32JMxLzv4w9sWTjaKz90irbEr3HwqtHUJYW4rkucLiwwE7Q0fZTC%2BpoR1TP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7940546fca3a9bf2-FRA
expires
Thu, 25 Jan 2024 03:30:48 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame AB47 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmhNuQOc%2BHCO79IakdD4%2B1zcgxJgBSpKhpI9cMrnSWLeExtFHL29XLgEtUH9KrcBGeM9uRjax8yRuvDZ2YfJ7Mus9AGUgsxlltWVRbNm7fOTPBmFWX0LdLKUXRwCBXyYytCmKC3Sc5vx607LWbKermnL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7940546fca3d9bf2-FRA
expires
Thu, 25 Jan 2024 03:30:48 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/ Frame AB47 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320352/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b66a0b006a7085e67e75317da43b0b68569dfd2f7bea033798195cfdbfaa93ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 13:29:11 GMT
server
nginx
x-amz-request-id
tx00000412eeb51d9fc0383-0063ddcb56-329527e9-default
etag
W/"0ce7c9cf2518e9e1946223979d0e0a2d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
screen.css
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		1 KB
941 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f2f998bd4c7061cb0a1e3a01f1f5de7d4f42b2b959a026f544cdc6c7202e02bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx00000e8027904d4a808ea-0063ddcaa3-3295c42b-default
etag
W/"4ff91c739552a99b8c4bc3df2061de76"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame B1B1 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000496f57c7341b8671-0063766147-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		103 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx00000f6435714a50a7829-0063ddcaa3-329527e9-default
etag
"eeb9c35d55092b02bf5fa183ecd734f8"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
103
text0.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx00000245f4af346e6abd8-0063ddcaa3-3295c471-default
etag
"b40bca9f571a135a168188a0310caad3"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4939
text1.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7b5e4bf73229b1a30dfc5611631c94fca060cf49df9d72ec01133ba16322cd83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx000001a0becd9a1a66162-0063ddcaa3-329527e9-default
etag
"a56c343a6550b231bbebd7cd72bf5bd3"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7981
text2.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
14fd46c79ea2ec3ee979acd36fda0dc96b5483c6bd936f8c5f310a3aefa44947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx00000550b5626625df875-0063ddcaa3-3295c42b-default
etag
"4181f5f32caca226a0d8ad7a53c1ae50"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2442
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e0c24819276a1c6f8a8cedc925e114763711b86e1adb3bf62e32d5175fb7c4f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx00000f2b4dfe3b6de2eff-0063ddcaa3-329527e9-default
etag
"94a361d8178c08f774ff6fa38aac39ab"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8518
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx0000058a9855ce040856c-0063ddca90-3294fed7-default
etag
"2163627c7872afe2a6e2ee6a39d09a7f"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5633
date.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1e4ba2b9943af56b9826707b55d94597f5288981e4b1ead596709e42c479afd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx000003364c356eb16b429-0063ddcaa3-32952663-default
etag
"a10336568f378491c6b2b47cbab27726"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2587
cta.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
047e018d798826855bb8ad1513ab90bb2b1241b07297da2f382f1d3f4832b314

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx000000af6f74d8bf071cc-0063ddcaa3-3295c42b-default
etag
"44a0f94d2c4c45a43aa2bb26a0fbeeb5"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1604
logostart.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx000006c9d59c96a6fc866-0063ddcaa3-32952663-default
etag
"0539ca6530d6756126aee292b52e0cf8"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4815
logo.png
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx000006a786d5f66c9318f-0063ddca90-32952663-default
etag
"926213b1f44a9786a29d0fa8b723023f"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3791
model.jpg
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
39ad1ba4e4a887e3dc50f4f0626b2e3e51edd012071fce4d21b5af513a0c5704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx00000b4c38a92d0720e19-0063ddcaa3-3295c471-default
etag
"190ef16849b6a4a092feef32e9d7558b"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17447
background.jpg
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
39ad1ba4e4a887e3dc50f4f0626b2e3e51edd012071fce4d21b5af513a0c5704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx000001fec17f98a843ea9-0063ddcaa3-3295c471-default
etag
"190ef16849b6a4a092feef32e9d7558b"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17447
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame B1B1 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
44660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eqrf1%2Fa4aJj%2BA4s0wYGOgsc5BWEST3dq1t%2Bgd89Ch3ndXxskBeFDAwodBFrTNwiY2AU7%2B3JAstjFxQ56EwmY6HyrjPA%2F1IueYDTdgPpTHxRM5JAxuQ2kk8Da9YmYrjLzoYNEnSWG%2B5UrrVqpcdchz172"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7940546fca359bf2-FRA
expires
Thu, 25 Jan 2024 03:30:48 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame B1B1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
708270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTH5oKVySuKUsvmKsZ6Rz1bzt4ng9WaOAEn2k4K3VxTfPt3WURR4Blfw9MEs0S2lr8B1wqFW4ewlLjCI93EozR1%2BrgRZPaoT%2BJ75D0Ws%2BsHGnh4oemlElkgcUlunkpV15MOi%2FJj0twisF5uBIc2AYoND"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7940546fca379bf2-FRA
expires
Thu, 25 Jan 2024 03:30:48 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame B1B1 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCxq3FGXi%2Fg8RfMMKxmRLUkOwnc3cz7TZ9U6LpldpkilAWJDP0S0jfz3vV%2BlE7rXRY8irJc4%2F4eYflTTIuAZSB5ldSNUAEfFlTYYpTVa8Jq7r4grc1ah5i77MSKJl7P6mCAq9gpE4QU0l3yKTNxodzP7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7940546fca399bf2-FRA
expires
Thu, 25 Jan 2024 03:30:48 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/ Frame B1B1 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320274/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 13:25:32 GMT
server
nginx
x-amz-request-id
tx00000b86aa645e1ecac96-0063ddcaa3-3295c471-default
etag
W/"921b0be880dcfcc231e80d970a2248af"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
screen.css
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		1 KB
940 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
520ab18d78e948bbc9c7c7968c76116a88cc80cd4d40174eef88e6aeeadcb857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx00000336d7d20e4aec696-0063ddcabe-3295c471-default
etag
W/"2718286dd1c324429c3275c918a7d109"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame D502 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000496f57c7341b8671-0063766147-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		103 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx00000106235c2fde6a5d2-0063ddcabe-32957437-default
etag
"eeb9c35d55092b02bf5fa183ecd734f8"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
103
text0.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx00000f43aa22d19f3b4a8-0063ddcabe-3294fed7-default
etag
"b40bca9f571a135a168188a0310caad3"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4939
text1.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7b5e4bf73229b1a30dfc5611631c94fca060cf49df9d72ec01133ba16322cd83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx0000078f4fd5f547ae06b-0063ddcabe-3295c471-default
etag
"a56c343a6550b231bbebd7cd72bf5bd3"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7981
text2.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
14fd46c79ea2ec3ee979acd36fda0dc96b5483c6bd936f8c5f310a3aefa44947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx00000a91e17dd48ebb78a-0063ddcabe-329527e9-default
etag
"4181f5f32caca226a0d8ad7a53c1ae50"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2442
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3f00b566c3dc6fa6afad7adfcf139394095cc15e6037f28912c78542cee99fe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx000006a80978f96bbf377-0063ddcabe-32957437-default
etag
"d14eb5ec94009a4aab46ce7a5211ca15"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8832
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx00000cde2b0af03f40342-0063ddcabe-329527e9-default
etag
"2163627c7872afe2a6e2ee6a39d09a7f"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5633
date.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1e4ba2b9943af56b9826707b55d94597f5288981e4b1ead596709e42c479afd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx000009e5befafd23cc6da-0063ddcabe-3295c471-default
etag
"a10336568f378491c6b2b47cbab27726"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2587
cta.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dc09db8e176e12a83a4f1b4b8bbcf4e130d51182cf6e66889d91f9e83e0040e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx000008c9eb327db8f9d58-0063ddcabe-3295c471-default
etag
"51a99c1aed5feb9089f9af8c15eec059"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1604
logostart.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx00000f258d87d847a977f-0063ddcabe-32952663-default
etag
"0539ca6530d6756126aee292b52e0cf8"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4815
logo.png
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx0000001ea7a5e0a65bcc9-0063ddcabe-32952663-default
etag
"926213b1f44a9786a29d0fa8b723023f"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3791
model.jpg
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8b1d9340eccc886f08b2f3b02675b424f45863321e53d7f04bf8b64ede36cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx000008b7f424071b282c6-0063ddcabe-3295c42b-default
etag
"d01dbf544d6187b62332444035791eff"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9352
background.jpg
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
07da465111e7fde87a9e179912b630c9556cf2e6c0360bc119de228948e84040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx00000d9799874162cdd17-0063ddcabe-3294fed7-default
etag
"273432ea3cb408bfbad853f34722e5e8"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12092
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame D502 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
44660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h517vg0s5VNxEbfnzoER%2Fpy4fslaYLvgRy2IokDmZ8bqu17D%2BJrQbkiXOZHCGFeplMU5KU%2FbWeBZ3gM0xElnI6JTMpNSolPOpnJ%2FodrcDd50X2j6Y6QvbKIupMI9IEQ0ZxKUNo6xmRLMgFMG0OD5ybuF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7940546fca3e9bf2-FRA
expires
Thu, 25 Jan 2024 03:30:48 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame D502 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
708270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9Q2rMobkLXmhcQE8xLjJIuJu6quoYkt0vT0hlJggjl7wJpRMZ%2B%2F59AojL3PcDKh8%2BAiWwCBs8eB%2BUhs7oHfOPVwwA%2Fe3Y85AgLir7ktA185fkGkbqPuvMxYT%2Byc9kyASeWs3GyCckd4qF%2BqwdQUQ54U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7940546fca3f9bf2-FRA
expires
Thu, 25 Jan 2024 03:30:48 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame D502 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbcVaaTaGch%2FWWTo5vVydPkQVQWsaoQa16uF%2BL9wdoFkCf%2BET%2FegV3aThRhk1RK2jBF%2B6fX4UVbHD5aBJrRLxx4bREtVdusTjiIYNrAG7X9wFxeluxdsv2ashkFZ%2F4hmBz2wp%2By045PEJ%2BhNUdDeBekQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7940546fca409bf2-FRA
expires
Thu, 25 Jan 2024 03:30:48 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/ Frame D502 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/12320325/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:48 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 13:28:01 GMT
server
nginx
x-amz-request-id
tx0000016add81983d5dcc8-0063ddcabe-32957437-default
etag
W/"921b0be880dcfcc231e80d970a2248af"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
activeview
pagead2.googlesyndication.com/pcs/ Frame 8DDF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuu2p8NegKZUOe2Ofmv7YsgUX-RVAZfnIVKs6gc3RUi1-VBhb1JFUH0eUsxPeV3MCD-eV3D8r8ORhAbsbrAKFeLhBDxQj9xOK9wmMWlT_n8730oCjKm&sig=Cg0ArKJSzNLxKzvOYgBpEAE&id=lidar2&mcvt=1000&p=11,436,101,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3638245234&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675481447849&rpt=467&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 8DDF 		0
958 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Flibrary.avsim.net%2Fsearch.php%3FCatID%3Droot%26SearchTerm%3Demb-145%2B%26Sort%3DSize%26ScanMode%3D0%26Page%3D15&e=wqT_3QKwC-iwBQAAAwDWAAUBCOai954GEPa8laWlkcP4QRgAKjYJorYNoyB4yD8RcA4yJILMxD8ZAAAA4HoUAkAhcA0SACkRJNAxAAAAYGZm1j8wtriJCzjvUUAdSAhQqKCdwgFYwf-XAWAAaKbftQF4wogGgAEBigEDVVNEkgUG8KSYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AK09gHgApKnT-oCYGh0dHBzOi8vbGlicmFyeS5hdnNpbS5uZXQvc2VhcmNoLnBocD9DYXRJRD1yb290JlNlYXJjaFRlcm09ZW1iLTE0NSsmU29ydD1TaXplJlNjYW5Nb2RlPTAmUGFnZT0xNYADAIgDAZADAJgDF6ADAaoD3wYKlQYBdqg6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19lEQvQaWQ9NWFXOTVxMmpMekl6THlBdlRucFpORTVIVW1oWmVrMTBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkg8LxMemcyT1RJeE1USTJORGswTkRBM016QXpOekF2TVRFeU1EUTBNVGt2TVRJM09EQXpNell2TVRNdk1HTndkbUV3TkZWM0xXZ3hPVmxYZFhObllWRlRWR0pLY2xjdE5FMW5UM2RuWVd4eU5uTlFSbTB6YXk4eEx6RXpMekF2TUM4eU1ETTVNakUyTHpNMk5EZ3hPREk0TURNdk1qRTFOVFF6THpFeU5qSXhOREl2TVM4d0x6QXZUVVJCZDAxRVEJxAAwDdQARKb0AAV8BHdMCQgQNE5qa3kB7FROalE1TkRRd056TXdNemN3TDJGdGN5ASiQVXhNelF2TlRFdk9UazVMekkxT0M4eU1UY3VNVEUwTGpJeE9DNAFQaHVNREF3THpFMk56VTBPREUwTkRZdk1UWTNOVAFc8GVBME5pOHhNeTh4TURRM09TOC9kWTdzRVhpN0V6d1dQMWM0b3Bablp3U2Y5T00mbm9kZWlkPTMyNjQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD04NjkyMTEyNjQ5NDQwNzMwMzcwJnBic192IgAcc2hhcmRrZXlWPwDwgXJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2JqYmJnZyZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMyLjQwJnNpZD0xMjc4MDMzNiZjaWQ9MTEyMDQ0MTkmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITODY5MjE20QBYGhM0NzUxNTkyODcwMTE3NzI3ODYyIgkB8DgyNjc2MCoGMTAxOTM2OggRZPCwwAOsAsgDANgDrYo44AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKigncIBiAUBmAUAoAWEnP_krufWohfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWjgAP6BQQIABAAkAYAmAYAuAYAwQYABSUs8D_QBvmrAdoGFgoQBREdAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxMjYyMTQyyAfCiAbSBw0JAA00ATAM2gcGCAUJaOAHAOoHAggA8AffzgGKCAIQAJUIAACAP5gIAQ..&s=a262c4897b50e832587338fc0c9efe01afa0974d&type=pv&jm=1003&px=436&py=11&bw=728&bh=90&sf=1&sid=7291533251107804250&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23223350&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://library.avsim.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:49 GMT
AN-X-Request-Uuid
03186afd-a25e-414e-bae0-b96c2afe77a0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://library.avsim.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9AA8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVr2X1R7AFglwDfPCS8Q5FpL5cCt3VsrITwEpoLuOs-G6pGIdYOlVQhLyrr_hcS5GEaG09LjDMtuZ7YwG1-JKmWEVA&sig=Cg0ArKJSzENgpcIWeBHFEAE&cid=CAASF-RoOZAPg2aWOxuN52JqjF6va1DdKdsQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1234413246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675481447828&rpt=595&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900028.redintelligence.net/ Frame 5F2E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=92289200009565906783183012225028&a=4478a636&vb=v
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=92289200009565906783183012225028&a=f37af4cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=92289200009565906783183012225028&a=f37af4cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:49 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal900018.redintelligence.net/ Frame E3B1 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=11566000010630506783183012225018&a=539a546b&vb=v
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=11566000010630506783183012225018&a=5653ad6b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=11566000010630506783183012225018&a=5653ad6b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:49 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
track.adform.net/serving/unload/ Frame 5F2E 		35 B
478 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3056566138150904963@@61227778,7449154403391220517,100|1165|0|0|0|0|0|0|0||40|1|||||1|0|0|0X9t6p79UWTxBx_RTJEBJ7OKpR2_LSRCMxxfiwBaWEiWUeS03nzICvL_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900028.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900028.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E3B1 		35 B
478 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3056566138150904963@@61227796,2228140326677473056,100|1200|0|0|0|0|0|0|0||41|1|||||1|0|0|l4F0g-DCskLxBx_RTJEBJ7OKpR2_LSRCMxxfiwBaWEgH8ueAnB_r4fL_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900018.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900018.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		81 B
795 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=2003840872&pt=17&dpn=1&iiqidtype=2&iiqpcid=b1b0d258-cfe7-4ca0-a923-d9b1365ef27f
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-69.ams54.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
a18cadbd30e5b1413e88af651a190ede8eeffaf24bb915cf25e4710a14a13894

Request headers

Referer
https://library.avsim.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
via
1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://library.avsim.net
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
QSDrk62uMRgfZpcv5687j1LuwQWwNgLMJCiM_DQn_xeweZU1e6gG9w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 03AA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
85698
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 04 Feb 2023 03:30:50 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
15, 829499
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220090-HHN
X-Timer
S1675481450.478986,VS0,VE0
sync.html
public.servenobid.com/ Frame FA8B 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-119.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52260
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 03 Feb 2023 12:59:51 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 0b3cd120321973f1462a42e82c43c1cc.cloudfront.net (CloudFront)
x-amz-cf-id
r6fAyiVG3pX42z0cbiYebsy7fhxqW6mnS8fo-HU_WqvN0eNuN_fRsQ==
x-amz-cf-pop
AMS50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
visitormatch
bh.contextweb.com/ Frame 1812 		27 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5ffd6ccc57-n99s7
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
pd
u.openx.net/w/1.0/ Frame 93F1 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: scripts.atmtd.com
URL: https://scripts.atmtd.com/yetijs/prebid_vxTfCt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://library.avsim.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 04 Feb 2023 03:30:50 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync
ib.adnxs.com/ Frame 03AA 		0
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
AN-X-Request-Uuid
b00289b9-eeb7-4d65-a6f0-ccf58bd68f8b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame F58B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.26.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-26-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
47cdaeb8ccaf344dcac40d9028c3fd3d9698655d66a6789c8e45841994a65704

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 04 Feb 2023 03:30:50 GMT
etag
W/"01618a50a209bac0159f9e9b5410543d2"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 01D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 8F59 		901 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
248a3973d592528de1f122069ac236c908a2eae9cbaf9d1640a812228ec76b5f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
901
content-type
text/html
date
Sat, 04 Feb 2023 03:30:50 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 65F5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a76f0daf3bdce1b8d35b76abae9e45be5ea2c62e5be9fc5f594e6276133a8e64

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7940547a5d243654-FRA
content-encoding
br
content-type
text/html
date
Sat, 04 Feb 2023 03:30:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV1p1bUZzepwsh%2FTyipPC8n0t4KppzBK%2FX7110HdI5xMO3dC2SbxhT8BbUl0vLvkQv7FIi%2Bx%2FubNMlkwznPF1UiK86Uw8hmD67GWzdr%2BoqGmipbhAGb8b5x0j%2FrKC50x4mSCnGZ2dquxnA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7940547a2d093654-FRA
content-length
0
date
Sat, 04 Feb 2023 03:30:50 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfQnhs96yYXSV9oqz7VGgvWe7wkTHeZZOJxGjFoekebiUxtujKpQ14vsL8MlCXCLYv6lUedGzZFGZJt1%2FWyZGhqk7o3TpRDXLY8mHKgv4P8JZRs43lrtKN%2Bcy9PzfnfqR7CUOAuleqhPJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame AED6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Feb 2023 03:30:50 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 04 Feb 2023 03:30:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A4C4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=106135
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 04 Feb 2023 03:30:50 GMT
expires
Sun, 05 Feb 2023 08:59:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame E5E6 		0
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sat, 04 Feb 2023 03:30:50 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-id
RdaVfZdoS3jfwOhcOTQVDubWy_U06MmSkb8_rRooiHB41xhnbGhLqQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame FA8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6485183542642210697
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6485183542642210697
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 04 Feb 2023 03:30:50 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5266a858-7333-409e-aab9-0335079d8e7c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=6485183542642210697
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame FA8B
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=GGSSvRZHthckY0tOSHKW9OQk
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GGSSvRZHthckY0tOSHKW9OQk
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=GGSSvRZHthckY0tOSHKW9OQk
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame FA8B 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 04 Feb 2023 03:30:50 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame FA8B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4656614547
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4656614547
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
etag
RXb48fe99a16884efe92c8a16589ec190f003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4656614547
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame FA8B
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5133329524133119617
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5133329524133119617
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5133329524133119617
Date
Sat, 04 Feb 2023 03:30:50 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame FA8B 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-102
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame FA8B
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=91f72cfe-c88d-48de-b8fb-7de8aa1111cc&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=91f72cfe-c88d-48de-b8fb-7de8aa1111cc&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=91f72cfe-c88d-48de-b8fb-7de8aa1111cc&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame FA8B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-zq3jqOlE2uE1_jJE8VjvezIkQ47MRjs64_k1s9g-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-zq3jqOlE2uE1_jJE8VjvezIkQ47MRjs64_k1s9g-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-zq3jqOlE2uE1_jJE8VjvezIkQ47MRjs64_k1s9g-~A
date
Sat, 04 Feb 2023 03:30:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame FA8B
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iODE2MTRlYi04ZDU0LTM1ZDgtYjU0Zi00ZDlmOTY4Mzc...
0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iODE2MTRlYi04ZDU0LTM1ZDgtYjU0Zi00ZDlmOTY4Mzc1YWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iODE2MTRlYi04ZDU0LTM1ZDgtYjU0Zi00ZDlmOTY4Mzc1YWEyAhIaOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-102
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iODE2MTRlYi04ZDU0LTM1ZDgtYjU0Zi00ZDlmOTY4Mzc1YWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iODE2MTRlYi04ZDU0LTM1ZDgtYjU0Zi00ZDlmOTY4Mzc1YWEyAhIaOAE=
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:51 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame FA8B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-Be.M6r5E2uHt0xxhuOQRmCt1siK9xJHrOoLVmJ8-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-Be.M6r5E2uHt0xxhuOQRmCt1siK9xJHrOoLVmJ8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-Be.M6r5E2uHt0xxhuOQRmCt1siK9xJHrOoLVmJ8-~A
date
Sat, 04 Feb 2023 03:30:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 8F59 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4314567512815899255&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8F59
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=45a519db-c274-4071-93bb-47e4ef66f9c7&gdpr_consent=null&gdpr=0
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=45a519db-c274-4071-93bb-47e4ef66f9c7&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=45a519db-c274-4071-93bb-47e4ef66f9c7&gdpr_consent=null&gdpr=0
date
Sat, 04 Feb 2023 03:30:50 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8F59
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y93RagAAA8JOCgAh&gdpr=0&gdpr_consent=&_test=Y93RagAAA8JOCgAh
43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y93RagAAA8JOCgAh&gdpr=0&gdpr_consent=&_test=Y93RagAAA8JOCgAh
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:49 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-hhn-etou8220040-HHN
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1675481451.755496,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y93RagAAA8JOCgAh&gdpr=0&gdpr_consent=&_test=Y93RagAAA8JOCgAh
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/ Frame 8F59
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDMxNDU2NzUxMjgxNTg5OTI1NQ==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGN7YcHCxx-02n3rKPnNRM8&gdpr=0&gdpr_consent=&google_cver=1
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGN7YcHCxx-02n3rKPnNRM8&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:49 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGN7YcHCxx-02n3rKPnNRM8&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8F59
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=N6bpy2Wku84srOyeZ_egmTitv5gspevKMffaq3I1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=N6bpy2Wku84srOyeZ_egmTitv5gspevKMffaq3I1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=N6bpy2Wku84srOyeZ_egmTitv5gspevKMffaq3I1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 65F5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 65F5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y93Rarch38KdPQf7dHfjsQAABHAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y93Rarch38KdPQf7dHfjsQAABHAAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y93Rarch38KdPQf7dHfjsQAABHAAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
187XZM4F5YT18T9D3TS2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
987PYKG10HEK9869XRC7
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y93Rarch38KdPQf7dHfjsQAABHAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 65F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y93Rarch38KdPQf7dHfjsQAABHAAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENadtDizWOqD-GlyXRitSlA&google_cver=1
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENadtDizWOqD-GlyXRitSlA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QThy4LflkU3tQgKXr8ryZMCLkDKOjlHswGiwarAhq%2BqazEZw2kWbFFmQMTGM15BzKkQCJK2OtvI%2FBjUJTg8lLbUxs0NjDhweov72w0P%2BG8QsQNX9PynugToyPgt6tnuOW1PX7LZ7s3K3BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7940547b0e719bf8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENadtDizWOqD-GlyXRitSlA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 65F5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y93Rarch38KdPQf7dHfjsQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP0626JxokNMw4EGksMB3mQ&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP0626JxokNMw4EGksMB3mQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP0626JxokNMw4EGksMB3mQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 65F5 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.86.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-86-28.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 65F5 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 65F5
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y93Rarch38KdPQf7dHfjsQAA%261136
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=bdeb4a30-2252-4bcf-8765-aad7d7fed388-tuctad756ea
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=bdeb4a30-2252-4bcf-8765-aad7d7fed388-tuctad756ea
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=bdeb4a30-2252-4bcf-8765-aad7d7fed388-tuctad756ea
date
Sat, 04 Feb 2023 03:30:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25484
rum
dsum.casalemedia.com/ Frame 65F5
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675567850
43 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675567850
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3W6uPYZJBsThmv8QC9dPrZ5COjDAPeR0PNQQv7cap19n6U3%2FXmMNOaAPM97PleQ01XSgc%2Fk5ZVZgMIsmaapTxd5s76EdGHzYMinhsAN4F1JYvmVkiHoTDbCNVDpuUt%2F07mE%2Fqbm"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7940547ca96337fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1675567850
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 65F5 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y93Rarch38KdPQf7dHfjsQAABHAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame A4C4 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41406438&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dd540130bb69bd28d6e1160cd8dd674e7fd25e19bbdd6307d5c3187aa7b8c6db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 04 Feb 2023 03:30:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 8A53 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=14FD8703-16F0-498A-86AC-F320015A5FA9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 04 Feb 2023 03:30:50 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6F6C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
42 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 04 Feb 2023 03:30:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 04 Feb 2023 03:30:51 GMT
Expires
Sat, 04 Feb 2023 03:30:50 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 441 9053ffc master cdg-pixel-x33 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 58C9 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 03:30:50 GMT
expires
Sat, 04 Feb 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
492780
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 6F14
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8268509275789687133
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8268509275789687133
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 04 Feb 2023 03:30:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8268509275789687133
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 5ADD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NyiIWWUq2lwsIo0MZ3nBCzgj3gosK4pYMXmnFMLw
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NyiIWWUq2lwsIo0MZ3nBCzgj3gosK4pYMXmnFMLw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 04 Feb 2023 03:30:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 04 Feb 2023 03:30:50 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NyiIWWUq2lwsIo0MZ3nBCzgj3gosK4pYMXmnFMLw
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 047B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6485183542642210697&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6485183542642210697&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 04 Feb 2023 03:30:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
993b7f64-7744-4123-bcb7-4fb65ab3142b
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Feb 2023 03:30:50 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6485183542642210697&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
sync
ads.servenobid.com/ Frame 6B73 		0
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=14FD8703-16F0-498A-86AC-F320015A5FA9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sat, 04 Feb 2023 03:30:50 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A4C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FP2HAxbwSYqGrPMgAVpfqQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=106135
accept-ranges
bytes
content-length
5554
expires
Sun, 05 Feb 2023 08:59:45 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=208e3e2a031ceb69/gdpr=0/ Frame A4C4
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=14FD8703-16F0-498A-86AC-F320015A5FA9&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=7978424162bd6a835b93b35bf1ac3069&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=208e3e2a031ceb69/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=208e3e2a031ceb69/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
54.76.136.152 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.203
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=208e3e2a031ceb69/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame A4C4
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=14FD8703-16F0-498A-86AC-F320015A5FA9&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=14FD8703-16F0-498A-86AC-F320015A5FA9&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=14FD8703-16F0-498A-86AC-F320015A5FA9&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=14FD8703-16F0-498A-86AC-F320015A5FA9&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date
Sat, 04 Feb 2023 03:30:50 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=14FD8703-16F0-498A-86AC-F320015A5FA9&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame A4C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTRGRDg3MDMtMTZGMC00OThBLTg2QUMtRjMyMDAxNUE1RkE5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A4C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIOknVkOM4pgFrEOUy6KSWg&google_cver=1
42 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIOknVkOM4pgFrEOUy6KSWg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIOknVkOM4pgFrEOUy6KSWg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A4C4 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 03 Feb 2023 03:30:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A4C4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3056566138150904963
42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3056566138150904963
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3056566138150904963
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame A4C4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usersync
usersync.gumgum.com/ Frame F58B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6485183542642210697
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6485183542642210697
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Sat, 04 Feb 2023 03:30:50 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f727e550-42e2-425c-80dc-bed1676fd561
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=6485183542642210697
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidswitch
event.clientgear.com/cookie/ Frame F58B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e886b860-05bd-4f55-a0f1-fd35370ec282&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e886b860-05bd-4f55-a0f1-fd35370ec282&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e4feb7af-0e87-49bb-a63b-ee505e72b965
0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e4feb7af-0e87-49bb-a63b-ee505e72b965
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
47.252.78.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:51 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location
//event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e4feb7af-0e87-49bb-a63b-ee505e72b965
date
Sat, 04 Feb 2023 03:30:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame F58B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2ae916df-f925-40fb-669b-079be422360a$ip$217.114.218.19
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-2ae916df-f925-40fb-669b-079be422360a$ip$217.114.218.19
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-2ae916df-f925-40fb-669b-079be422360a$ip$217.114.218.19
Date
Sat, 04 Feb 2023 03:30:51 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F58B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e886b860-05bd-4f55-a0f1-fd35370ec282&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=aVfqaY45QILRD9wQ6nGH&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YKWMZYWCWJUGVIUSTCSIQ4XOUJWNZDUQ...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aVfqaY45QILRD9wQ6nGH&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aVfqaY45QILRD9wQ6nGH&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:51 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=aVfqaY45QILRD9wQ6nGH&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F58B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=GckvKWImnj2Y&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=GckvKWImnj2Y&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.14.v20181114)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=GckvKWImnj2Y&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5ffd6ccc57-cpz9n
expires
-1
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F58B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28xk8AeMBjvtGAe_w5Tt3dYwmOceeitXWdzkHOxxCMYjsl_9Al9Xffk2jWZHgQovxH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_e886b860-05bd-4f55-a0f1-fd35370ec282&obuid=ENC(xk8AeMBjvtGAe_w5Tt3dYwmOceeitXWdzkHOxxCMYjsl_9Al9Xffk2jWZHgQovxH)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7Bus...
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3Dxk8AeMBjvtGAe_w5Tt3dYwmOceeitXWdzkHOxxCMYjsl_9Al9Xffk2jWZHgQovxH%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
98.98.134.242 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 04 Feb 2023 03:30:51 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

Location
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3Dxk8AeMBjvtGAe_w5Tt3dYwmOceeitXWdzkHOxxCMYjsl_9Al9Xffk2jWZHgQovxH%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Date
Sat, 04 Feb 2023 03:30:51 GMT
X-TraceId
e48b48482c6d82bcbd2b446bfbdc9107
Content-Length
782
Content-Type
application/json
usersync
usersync.gumgum.com/ Frame F58B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=b918c906-8ef1-44da-94a1-7e63dfa5fb0b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=b918c906-8ef1-44da-94a1-7e63dfa5fb0b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 04 Feb 2023 03:30:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=b918c906-8ef1-44da-94a1-7e63dfa5fb0b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F58B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-QoT.TWxE2peiO7c1BWJgTWnFT75tl4jsichO~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-QoT.TWxE2peiO7c1BWJgTWnFT75tl4jsichO~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 04 Feb 2023 03:30:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-QoT.TWxE2peiO7c1BWJgTWnFT75tl4jsichO~A
content-length
0
usersync
usersync.gumgum.com/ Frame F58B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=a0007e78-e425-40dc-8279-2b26873fe7b4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=a0007e78-e425-40dc-8279-2b26873fe7b4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=a0007e78-e425-40dc-8279-2b26873fe7b4
Date
Sat, 04 Feb 2023 03:30:51 GMT
Connection
keep-alive
X-CI-RTID
8993d6b3-be55-45ba-9645-2c8cc0d1c34e
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame F58B 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:1bd0:3d54:e1f3:90af -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:51 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
11834625
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame F58B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame F58B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=5a866abf-47cb-49d0-8cf4-19812bb198aa
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=5a866abf-47cb-49d0-8cf4-19812bb198aa
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=5a866abf-47cb-49d0-8cf4-19812bb198aa
access-control-allow-origin
*
date
Sat, 04 Feb 2023 03:30:51 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame F58B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4314567512815899255
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4314567512815899255
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4314567512815899255
date
Sat, 04 Feb 2023 03:30:50 GMT
content-length
0
sync
ads.servenobid.com/ Frame F58B 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_e886b860-05bd-4f55-a0f1-fd35370ec282
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.226.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-226-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
0.gif
id5-sync.com/i/495/ Frame 100C
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 04 Feb 2023 03:30:51 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sat, 04 Feb 2023 03:30:51 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BFE2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=106135
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 04 Feb 2023 03:30:50 GMT
expires
Sun, 05 Feb 2023 08:59:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame EF18 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 04 Feb 2023 03:30:50 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame CFC3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Feb 2023 03:30:51 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 04 Feb 2023 03:30:51 GMT
Expires
Sat, 04 Feb 2023 03:30:50 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 441 9053ffc master cdg-pixel-x14 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=9bb463dd-d168-4f00-806c-b285de5189cb&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 4A28
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y93RagAEcUjJigAF
  • https://usersync.gumgum.com/usersync?b=atm&i=Y93RagAEcUjJigAF&gdpr=0&gdpr_consent=&_test=Y93RagAEcUjJigAF
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y93RagAEcUjJigAF&gdpr=0&gdpr_consent=&_test=Y93RagAEcUjJigAF
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Feb 2023 03:30:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 04 Feb 2023 03:30:50 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y93RagAEcUjJigAF&gdpr=0&gdpr_consent=&_test=Y93RagAEcUjJigAF
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220040-HHN
x-timer
S1675481451.853390,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 3006 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lODg2Yjg2MC0wNWJkLTRmNTUtYTBmMS1mZDM1MzcwZWMyODI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 03:30:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 17C7
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=6485183542642210697&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=6485183542642210697brt51591675481450839519f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=6485183542642210697brt51591675481450839519f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Feb 2023 03:30:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Sat, 04 Feb 2023 03:30:50 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=6485183542642210697brt51591675481450839519f1
usersync
usersync.gumgum.com/ Frame DCDD
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y93Ra8Co8YUAAKcsLNEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y93Ra8Co8YUAAKcsLNEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Feb 2023 03:30:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 04 Feb 2023 03:30:51 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y93Ra8Co8YUAAKcsLNEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
199
X-SO-Cluster-ID
0
X-SO-HostName
m-ad387.dc4p.scaleout.jp
X-SO-IP
217.114.218.19
X-SO-Key
Y93Ra8Co8YUAAKcsLNEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y93Ra8Co8YUAAKcsLNEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad387"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad387
usersync
usersync.gumgum.com/ Frame B2D3
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_e886b860-05bd-4f55-a0f1-fd35370ec282&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=807aaaa0-cc9f-46b0-b3d7-3a1b4f8704da
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=807aaaa0-cc9f-46b0-b3d7-3a1b4f8704da
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Feb 2023 03:30:51 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sat, 04 Feb 2023 03:30:51 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=807aaaa0-cc9f-46b0-b3d7-3a1b4f8704da
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usersync
usersync.gumgum.com/ Frame 7F2C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y93Rarch38KdPQf7dHfjsQAA%261136
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y93Rarch38KdPQf7dHfjsQAA%261136
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Feb 2023 03:30:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7940547b2e8a9bf8-FRA
content-length
0
date
Sat, 04 Feb 2023 03:30:50 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y93Rarch38KdPQf7dHfjsQAA%261136
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpQIVQvWJ5V1z0X2vWvd9WoYk64gdZrZlhFHJnDZJPndMlz5aqJ7xI5dr6o31VhGFIfLkA55Ji1ZD2ay4XEGv6gfHckdLin8SsIEM%2FhvTzgdlZ7mVnRtDOOLU5EPWAmfbX79%2FFPqZgzGOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0450
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=KTRtD9LMuweSHnm1GYCR&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=KTRtD9LMuweSHnm1GYCR&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 04 Feb 2023 03:30:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 04 Feb 2023 03:30:50 GMT Sat, 04 Feb 2023 03:30:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=KTRtD9LMuweSHnm1GYCR&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame DA15
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Feb 2023 03:30:50 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 04 Feb 2023 03:30:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame AED6 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
240ada8a06176fceb2a32814db009d7e449be46bd7f3e8a54d03acba18d039f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Feb 2023 08:46:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19014
Connection
keep-alive
Content-Length
10009
Expires
Sat, 04 Feb 2023 08:47:44 GMT
khaos.jpg
token.rubiconproject.com/ Frame AED6 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame DA15 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
240ada8a06176fceb2a32814db009d7e449be46bd7f3e8a54d03acba18d039f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 04 Feb 2023 03:30:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Feb 2023 08:46:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19014
Connection
keep-alive
Content-Length
10009
Expires
Sat, 04 Feb 2023 08:47:44 GMT
khaos.jpg
token.rubiconproject.com/ Frame DA15 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 03AA 		0
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Feb 2023 03:30:51 GMT
AN-X-Request-Uuid
fabcc74c-3724-4799-9ffd-242875572ccb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A4C4 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 03:30:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontentvisibilityautostatechange object| dataLayer object| googletag object| apstag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| google_tag_manager boolean| apstagLOADED object| apscustom function| onYouTubeIframeAPIReady function| _docReady object| pbjs object| atdpbjs boolean| isUserActive boolean| windowActive object| _yetiAXTInstances object| _yetiAXTUnitConfig function| Sizzle object| _fiBackupData object| atdpbjsChunk string| nobidVersion object| nobid function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| GoogleGcLKhOms object| google_image_requests number| lnt_z

86 Cookies

Domain/Path Name / Value
.avsim.net/ Name: __gads
Value: ID=f99a763db398925b:T=1675481446:S=ALNI_MY5fbDFoeKayBQ7JOVxFxDWQKnClA
.avsim.net/ Name: __gpi
Value: UID=00000baf784083b8:T=1675481446:RT=1675481446:S=ALNI_MagBykeveVsEIPAuz3hLEb3-T50WQ
.avsim.net/ Name: _ga_X9WG1KE85T
Value: GS1.1.1675481446.1.0.1675481446.60.0.0
.avsim.net/ Name: _ga
Value: GA1.1.446818801.1675481446
.doubleclick.net/ Name: IDE
Value: AHWqTUnVO8CQ5xqDNB-9un13Lnt7niiLjCwruTPswOKOnotjqKpD3ueTxGRnAgBr7ys
library.avsim.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
library.avsim.net/ Name: _iiq_fdata
Value: %7B%22pcid%22%3A%22b1b0d258-cfe7-4ca0-a923-d9b1365ef27f%22%7D
.adnxs.com/ Name: icu
Value: ChgIvZ98EAoYASABKAEw5qL3ngY4AUABSAEQ5qL3ngYYAA..
.adnxs.com/ Name: uuid2
Value: 6485183542642210697
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 9bb463dd-d168-4f00-806c-b285de5189cb
.ctnsnet.com/ Name: gid_CAESELoxEknBr06ldv_nhFhFJEw
Value: 1
.ctnsnet.com/ Name: cid_acdd03e3ec3c4440b81b650ea24512e4
Value: 1
.adform.net/ Name: uid
Value: 3056566138150904963
.de17a.com/ Name: guid
Value: 1.8268509275789687133
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: d3bc0f462e9dc93f
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b48fe99a-1688-4efe-92c8-a16589ec190f-003%22%7D
.simpli.fi/ Name: suid
Value: 2764D2291CD248A3BFAF41A6842FDBB9
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 14FD8703-16F0-498A-86AC-F320015A5FA9
.adfarm1.adition.com/ Name: UserID1
Value: 7196138024225601686
.adform.net/ Name: TPC
Value: 1675481448692
.smartadserver.com/ Name: pid
Value: 4314567512815899255
.casalemedia.com/ Name: CMID
Value: Y93Rarch38KdPQf7dHfjsQAA
.casalemedia.com/ Name: CMPS
Value: 1136
.casalemedia.com/ Name: CMPRO
Value: 1136
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b48fe99a-1688-4efe-92c8-a16589ec190f-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.servenobid.com/ Name: pid_317
Value: 4314567512815899255
.servenobid.com/ Name: pid_312
Value: 6485183542642210697
.lijit.com/ Name: ljt_reader
Value: GGSSvRZHthckY0tOSHKW9OQk
.analytics.yahoo.com/ Name: IDSYNC
Value: 196n~29sr
.yahoo.com/ Name: A3
Value: d=AQABBGrR3WMCEJnjphqj8Bw4m1NtR1F07FAFEgEBAQEi32PnYwAAAAAA_eMAAA&S=AQAAAmFnOKWfQBsj-cG_dIdA3BA
.intentiq.com/ Name: IQver
Value: 1.9
.quantserve.com/ Name: mc
Value: 63ddd16a-9a1fb-69827-0fe0b
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.ads.pubmatic.com/ Name: KCCH
Value: YES
.servenobid.com/ Name: pid_339
Value: y-Be.M6r5E2uHt0xxhuOQRmCt1siK9xJHrOoLVmJ8-~A
.servenobid.com/ Name: pid_337
Value: y-zq3jqOlE2uE1_jJE8VjvezIkQ47MRjs64_k1s9g-~A
.servenobid.com/ Name: pid_327
Value: 91f72cfe-c88d-48de-b8fb-7de8aa1111cc
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162412:3
.pubmatic.com/ Name: DPSync3
Value: 1676678400%3A201_197_219_221
.pubmatic.com/ Name: SyncRTB3
Value: 1676678400%3A21_13_8_220_56_7_54_161_3%7C1676764800%3A35
.gumgum.com/ Name: vst
Value: e_e886b860-05bd-4f55-a0f1-fd35370ec282
.csync.loopme.me/ Name: viewer_token
Value: 45a519db-c274-4071-93bb-47e4ef66f9c7
.servenobid.com/ Name: pid_310
Value: GGSSvRZHthckY0tOSHKW9OQk
.servenobid.com/ Name: pid_333
Value: Y93Rarch38KdPQf7dHfjsQAABHAAAAAB
.quantserve.com/ Name: d
Value: EPEBEgGbKPijCP_8EA
.servenobid.com/ Name: pid_316
Value: 14FD8703-16F0-498A-86AC-F320015A5FA9
.openx.net/ Name: i
Value: 9d89522f-0f63-437b-a90c-a66673d2c9b0|1675481450
.servenobid.com/ Name: pid_309
Value: e_e886b860-05bd-4f55-a0f1-fd35370ec282
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MgEyDA0tzQzNhfgMdYOM_Y0Ss5JKLYwDywFRbLcoJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZm5qYmFoYmpgbm4CAFzgFREQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MgEyDA0tzQzNhfgMdYOM_Y0Ss5JKLYwDywFRbLcoJQAAAA
.smartadserver.com/ Name: csync
Value: 76:CAESEGN7YcHCxx-02n3rKPnNRM8|94:Y93RagAAA8JOCgAh
.onaudience.com/ Name: cookie
Value: 208e3e2a031ceb69
.onaudience.com/ Name: done_redirects161
Value: 1
.bidswitch.net/ Name: tuuid
Value: e4feb7af-0e87-49bb-a63b-ee505e72b965
.bidswitch.net/ Name: c
Value: 1675481450
.bidswitch.net/ Name: tuuid_lu
Value: 1675481450
.fiftyt.com/ Name: fifid
Value: e12cc173-7a22-4238-7064-c6cb9428fd11
.fiftyt.com/ Name: cs
Value: MTY3NTQ4MTQ1MHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fJD7qZ4cMFQBNZwu5ukVMTjYXDlUbvzb4WGdNNs4Z052
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEIOknVkOM4pgFrEOUy6KSWg&KRTB&22987-CAESEIOknVkOM4pgFrEOUy6KSWg&KRTB&23025-CAESEIOknVkOM4pgFrEOUy6KSWg&KRTB&23386-CAESEIOknVkOM4pgFrEOUy6KSWg
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-NyiIWWUq2lwsIo0MZ3nBCzgj3gosK4pYMXmnFMLw&KRTB&19420-NyiIWWUq2lwsIo0MZ3nBCzgj3gosK4pYMXmnFMLw&KRTB&22979-NyiIWWUq2lwsIo0MZ3nBCzgj3gosK4pYMXmnFMLw&KRTB&23403-NyiIWWUq2lwsIo0MZ3nBCzgj3gosK4pYMXmnFMLw
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8268509275789687133
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y93RagAEcUjJigAF
.servenobid.com/ Name: pid_324
Value: 5133329524133119617
.emxdgt.com/ Name: euid
Value: 51591675481450839519f1
.fiftyt.com/ Name: fppm
Value: 20230204033050
.creativecdn.com/ Name: u
Value: KTRtD9LMuweSHnm1GYCR
.creativecdn.com/ Name: ts
Value: 1675481450
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b4627e3500355cd5
.emxdgt.com/ Name: eapn_id
Value: 6485183542642210697
.outbrain.com/ Name: obuid
Value: b43cd13d-f744-4205-acad-896b3faf0e72
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3056566138150904963&KRTB&23263-3056566138150904963
.pubmatic.com/ Name: PugT
Value: 1675481449
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6485183542642210697&KRTB&23339-6485183542642210697
.go.sonobi.com/ Name: HAPLB8S
Value: s85102|Y93Rb
.admanmedia.com/ Name: admtr
Value: 807aaaa0-cc9f-46b0-b3d7-3a1b4f8704da
.admanmedia.com/ Name: ac_r
Value: CS71
.amazon-adsystem.com/ Name: ad-id
Value: A725V84DbEwFl4BsMdxESyY|t
.onaudience.com/ Name: done_redirects104
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-b81614eb-8d54-35d8-b54f-4d9f968375aa
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.360yield.com/ Name: tuuid
Value: 5a866abf-47cb-49d0-8cf4-19812bb198aa
.360yield.com/ Name: tuuid_lu
Value: 1675481451
.zemanta.com/ Name: zuid
Value: aVfqaY45QILRD9wQ6nGH

2 Console Messages

Source Level URL
Text
other warning URL: https://e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=208e3e2a031ceb69/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.intentiq.com
aud.pubmatic.com
automatad-d.openx.net
b1sync.zemanta.com
bh.contextweb.com
bid.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cat.nl.eu.criteo.com
cdn.adnxs.com
cdn.automatad.com
cdn.contentspread.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e2dcf7e06b48310312548daa8c73c6b0.safeframe.googlesyndication.com
eus.rubiconproject.com
event.clientgear.com
fra1-ib.adnxs.com
g2.gumgum.com
gcm.ctnsnet.com
go.automatad.com
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900018.redintelligence.net
hal900028.redintelligence.net
hb-api.omnitagjs.com
hb.yellowblue.io
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
library.avsim.net
loada.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg8.smartadserver.com
public.servenobid.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
s1.adform.net
scripts.atmtd.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.mathtag.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.fiftyt.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.109.78.125
108.138.4.150
124.146.215.51
13.227.219.69
138.201.84.245
141.226.228.48
141.94.170.64
141.95.33.111
144.76.91.199
147.75.85.234
15.197.193.217
151.101.193.108
151.101.2.49
151.101.65.108
172.217.16.194
172.64.154.237
176.9.26.250
178.250.0.163
178.250.2.148
18.156.0.31
18.158.8.202
185.184.8.90
185.255.84.150
185.29.134.244
185.29.134.249
185.64.189.110
185.64.189.115
185.64.189.229
185.64.190.80
185.80.39.216
185.86.138.122
185.86.139.101
185.86.139.89
193.0.160.129
198.148.27.133
198.148.27.140
198.47.127.20
2.19.35.65
20.127.253.7
20.13.96.71
2001:4860:4802:32::36
213.155.156.185
213.19.147.44
216.52.2.39
216.52.2.91
23.35.236.201
2400:52e0:1e00::1077:1
2600:9000:223f:9400:1f:4c18:bd40:93a1
2603:c020:400d:3000:1bd0:3d54:e1f3:90af
2606:4700:10::6816:35c7
2606:4700:10::6816:45f0
2606:4700::6811:190e
2607:f108:300:8:21a:4aff:fe16:11a
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:802::2001
2a00:1450:4001:809::2004
2a00:1450:4001:811::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400d:802::2002
2a00:1450:400d:807::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2008
2a00:1450:4025:401::9d
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::c
2a02:fa8:8806:12::1400
2a05:d018:d29:3605:904b:84a6:a3bc:1a71
3.67.29.124
34.231.81.182
34.233.108.47
34.250.26.242
34.254.143.3
34.255.226.52
34.98.64.218
35.157.49.84
35.175.157.122
35.186.193.173
35.201.96.126
35.204.158.49
35.214.223.115
35.227.252.103
37.157.2.238
37.157.6.235
37.157.6.247
37.252.171.149
37.252.171.53
38.91.45.7
47.252.78.131
51.89.9.251
52.210.15.1
52.222.139.119
52.46.151.131
52.48.86.28
52.87.37.104
54.228.83.115
54.76.136.152
64.95.96.108
65.9.97.56
69.166.1.10
69.173.144.139
69.192.160.219
70.42.32.255
80.77.87.161
85.114.159.93
88.99.165.19
88.99.65.215
92.123.37.164
98.98.134.242
01ac6adfa0e215d1ae60b6188465939c146470c99c499ddffa4de50d22dbc5a0
032832845aa47ae899e5d390a89b84f3ba87bcbc6e7386cf2971a93aede55dd1
047e018d798826855bb8ad1513ab90bb2b1241b07297da2f382f1d3f4832b314
04cc7ae9e331836c274b4bc7a0b024a3d052630e505de8aa608f30032232215d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
07773674da8a5d7de6575be849321af69c60333d821b2e531b8b6aad8cb8deba
07da465111e7fde87a9e179912b630c9556cf2e6c0360bc119de228948e84040
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0df3ed2755d53b2cd9ee9b7cacfcb19cda922846ede1b192b31c3c1b328a6264
0e8d517e53f7e3aa356319af1f5203ef8a8e2025e85b9a670d7ac1fd885c322c
119037257babfd748692510719dd9c010db63f4c9e64297c4d3884876b775475
123cc1d2037e661a7407aa87e142e1739a1c150e7cf96da0296ef7ee54327cc6
14fd46c79ea2ec3ee979acd36fda0dc96b5483c6bd936f8c5f310a3aefa44947
17748da4a15737e70d1792c88a71ead47adf17ae8ae28694b310a93afd18d1e6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bcf382c861841335ec9ae5b803af26521b953cee0c2cc4fa291b5cd25f2311e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cdfc0b9a46f950118e2c5a1c811d1e5fc8e28e187b3ab00bed0bffc570726d9
1d83a5155f4dc85b8c7dabe133fd80f8c761525c8d6050e90654c8d99b99d415
1e4ba2b9943af56b9826707b55d94597f5288981e4b1ead596709e42c479afd8
1f00f7401c1f4a38d36047ab0292fd869538b950343c2e353760e8062ad947a1
240ada8a06176fceb2a32814db009d7e449be46bd7f3e8a54d03acba18d039f8
248a3973d592528de1f122069ac236c908a2eae9cbaf9d1640a812228ec76b5f
25ba8c34b21a7aea36e59cc0a84e9382dfa8c186b5c9db0ff0839a2340bf46a1
2653614c0457a7f9f40d825e71f3234bfbab69a3024e96718347e59f896bb5d3
2aceb6834d98e6f332a7751249ca55289246d8756cd476d42945af2af3627ccf
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2d473464782e3555b884e7f93375b1ef5c73fe9589b5413625cd426b4baeacbd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e389aa78fa1a93bd6d515e308c7397a2d8493b2fb7c0d6e2424c0a096590002
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3333a0f8f104b7986ea461b270b4eed8e66022d379dad3067b7156d8dfabeb3c
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
3970e9644153e54a40508af8a225fba38e53f8e227278d1db1030e0f63a07ff4
39ad1ba4e4a887e3dc50f4f0626b2e3e51edd012071fce4d21b5af513a0c5704
3a2132d48e23588b97e2795c26f1915126fdab93ec829d562d8344711113b56d
3c1b32857beb2b62b8855633827a93ba1aaccc8fe0990fed81bac9aa173b5094
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f00b566c3dc6fa6afad7adfcf139394095cc15e6037f28912c78542cee99fe0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40da5aa4e97f60b0920d7e88b9f8eb39510d77d4c856e6a1fcda96fa9df5d236
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4729ebbfc9b34bb34e849720a5cfb3c2e456a3640dfa7bed72bd4f8bfb856a11
47cdaeb8ccaf344dcac40d9028c3fd3d9698655d66a6789c8e45841994a65704
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c547f5619b0538da7afde371a48a5d471ae1e22de94545652e93084134664f7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed92c6b3faa8871c197dd0d475d0798a5472059e8977884dd7b3a589fece4c4
4f69e3e7b5c2bfac3a41d6e361a81d3ca796db1bbcf0cc5fc1444adf21c34d2c
520ab18d78e948bbc9c7c7968c76116a88cc80cd4d40174eef88e6aeeadcb857
52590f74b17880b7c1bdb1e251e5b5c291b0cb79cc429f9413fbe759655a1995
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dfb0c2aa1b37a0b51127443c74062de5c896cb55001ad37dbfd55206da65cf
58c20072e3e8c2457829c3014d82771e7b1d642c3bff2fcd1466637f913e7fa2
5a93946f612081f5f4751cb4bd39c751616450a58a28b23f5046b92eb474b0ae
5b1e486565c6b3338c47dc529d68cb1606374282f31030910b24a0fd8ee48022
5f1ecf4f62c963756443e3c809ee1f0a288c682adbda32786a0798ac068bedb4
5f360a25b55e2f5bbbb1894a7bcec2795b66f0aad6d6063894c2591b824d86de
60842ce68e8aec8a9061c33dcd277ac48305e1e40111f4173e116a7881391fe3
6106b2e9f9edacec5706de53c2998a2c147fe1cec72b9fc860f34b069def8067
610c2f3b188e4a3a6fa82e838c555e393083ba706bcbceaab3f7176db1d7c5b2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af58ab3955ef342dcd3fd08af83a8c0dae3a82458d55eea542d7af0f931bc66
6eea93f4a19197851225d466b5609d3ae8101de7ca748227c69221eaad0d60db
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72e5bd3b305059f7054fedc7cd91cf44766d8ef021d02c893bf69ead906a28d7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
791b3a40f134436ca5287d36d57dc1a3484f0ca3fe7a9cf16ff2d8c603a47cff
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7aec7747c8d7328cc3d38c83f96f1ec380f11ae631b47c29b9263240cf7571d1
7b5e4bf73229b1a30dfc5611631c94fca060cf49df9d72ec01133ba16322cd83
7b9c8179e5a8bec9dba5ed353eae05022e7a80f9f3ad6bd620653fa584798a48
7bb23de30daa7e81e2fafc5d2fbcada4b6fefc10c3251661952a341d6864aa8e
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
80f777aa646fd9913d73105a90a336151d9a28142e87764e20ff4b3d9dce4ce2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834787ab97d63c18ac6455b79322cb127f2fb7fb98a9385994e3763d7efbc45a
8736d2c6e0a313b405c823a53824ef1585f5cf46552ddc189b45a0cb12a0d477
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b1d9340eccc886f08b2f3b02675b424f45863321e53d7f04bf8b64ede36cc2a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d92c300bf2f684cee85ae0b63a52a1ff474f48ba6604a6714c05a2f9475bfb1
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ed932d07bbb87676f4626f5e19a299964e3c308299b554a77b29d22a190605c
92bae191813192b0d6a8d3cb1ec6efc572e390f75c4af3f10fc07a1690171478
9316fdcdb37769689c4cbb6552ad3a4c0230ab436f7e09ae93f288e3244e722c
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
976a2d91546df03ee644ccf1ba585a862f1376190ab939f9af0bc06285f1b1d6
9897adf24173c5ff8ae62f68d98df142fce17ad3fdbdd09198c71ee0c3e62c52
9a323ce0f71c5033a0a79500f77d2d772890cedbec53ebe9924472ab0bf8b2d6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e75af797016be7de1ca73ffe30677bf0324d286d2604e9a128808bfdbd2d295
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a14c7e70e74ef846c905e60a107b44d3f10a454f35e8d6c5a538d12cc14ed44f
a18cadbd30e5b1413e88af651a190ede8eeffaf24bb915cf25e4710a14a13894
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a76f0daf3bdce1b8d35b76abae9e45be5ea2c62e5be9fc5f594e6276133a8e64
aab6a19169d5e507a4e6bb5fb4d729566f92ce8a7494403ac79a898b6a8133f3
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
b02f1d465ce5fa29df5a067414b9aff8b1bc90ad1576199af0f74ce40c333e37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18500cbbbeaab27a9c5cb5be393f5668a7420831811cd7e27ba86b4137f1ce3
b4bc2e190ba0f6eb5ef4e1d56ee98b9739c3703ed08c9d67814c79898f40fdb6
b66a0b006a7085e67e75317da43b0b68569dfd2f7bea033798195cfdbfaa93ae
b99180d2ae8aa763d93c5c50da9ac3e600488cb1257148071b86960ec90d6c55
bd8a631186ec1ceab583f6a30b6e411ea13dd00d26024e319bc9c4a53ba769a5
be800dc012620d91cf2be9ae2b830eb2aff75ca9d2b0e428eba77a91956d53af
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf4b1f45d28a9e8414f7aa7060736e0f2964d3e487cc4748c3ee98b3886b3089
bf9cd51bdd8dea0f45d3b6b40395eb7c7a530ac23b191ae2adae0d320b2c8cd9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4851667915f50e3a0f7bc46326f0c18ed0fe28b16efa2d1ea639612382dce7c
c5d9f11f95196250f6797acef21bd147fe22a802940735d88ac2a7a9308247ac
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7
cc5f57a885200dd046baee4ebc817c449bee856d10fe2ada9ee2bc544d812211
cc8ec06bacb56ae9d0910e1397ae48be81aaa6a0ae333f0edf4316add5fe8ce7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d3eb9619d310dd7606fb4bdb7b14970661ee3ae7458961d97800f0fcab359e5c
dc09db8e176e12a83a4f1b4b8bbcf4e130d51182cf6e66889d91f9e83e0040e8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd540130bb69bd28d6e1160cd8dd674e7fd25e19bbdd6307d5c3187aa7b8c6db
df6e4baf4a27a1faf3ab926ef934de3db9c44283422cb786a3b4eb16801574b2
e0c24819276a1c6f8a8cedc925e114763711b86e1adb3bf62e32d5175fb7c4f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4af02542d29d8863caeab7c3659d78094da6beb43502c751a10967f32cde3d0
e558b1defefd835e433bed35393b9d560a029a5e656a325d27840cc3d2587fe7
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
ee6d3b54a9065c8ff1c55528d83a8b11aa932915d3004f3dab2c5355027bbf3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f2f998bd4c7061cb0a1e3a01f1f5de7d4f42b2b959a026f544cdc6c7202e02bd
f324377940583ba7a0f81123404cc032334edf5ace8e9f5d58da1cc340e41027
f4a6a0179bc6c2ee0e86c04890484455cb1d63c3652a6a242d6e784f4ca5fa9a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fd14a8f83028ec0c6d4db5b50cec35d124c466efb8fa57a73aa278d747a3a4b0
fdcdb4e51d4e3d1e90364b2a888a701bce4ebc059f5e692993412992c6aba4f4
fdf7bdf767de4e3d075878639fbcf6dc30dd04b33390cbdbfee171fa9fba9a9a
fff051167b13153eed0be06ef97908bf9f48cfc7ef9b21e52899353ec3be3b2b