www.tvtime.com Open in urlscan Pro
143.204.98.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tvtime.com/en/show/349733
Submission: On February 23 via manual (February 23rd 2022, 5:46:04 am UTC) from US — Scanned from DE

Summary HTTP 250 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 83 IPs in 10 countries across 58 domains to perform 250 HTTP transactions. The main IP is 143.204.98.90, located in United States and belongs to AMAZON-02, US. The main domain is www.tvtime.com. The Cisco Umbrella rank of the primary domain is 523727.
TLS certificate: Issued by Amazon on March 27th 2021. Valid for: a year.

This is the only time www.tvtime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	143.204.98.90 143.204.98.90	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:792::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	143.204.101.146 143.204.101.146	16509 (AMAZON-02) (AMAZON-02)
2	143.204.101.167 143.204.101.167	16509 (AMAZON-02) (AMAZON-02)
2	143.204.101.80 143.204.101.80	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4adc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:7200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	54.191.222.20 54.191.222.20	16509 (AMAZON-02) (AMAZON-02)
1	141.95.99.211 141.95.99.211	16276 (OVH) (OVH)
2	44.225.168.153 44.225.168.153	16509 (AMAZON-02) (AMAZON-02)
2	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	18.196.230.57 18.196.230.57	16509 (AMAZON-02) (AMAZON-02)
3	3.214.91.80 3.214.91.80	14618 (AMAZON-AES) (AMAZON-AES)
1	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
1	3.68.254.3 3.68.254.3	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.49 143.204.98.49	16509 (AMAZON-02) (AMAZON-02)
1	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	143.204.98.65 143.204.98.65	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
2 10	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2602:803:c004... 2602:803:c004:200::155	26667 (RUBICONPR...) (RUBICONPROJECT)
2	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1 5	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
6	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
8	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
39	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5 7	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
5 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3601:ceb4:b945:274f:b273	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.36.108.3 54.36.108.3	16276 (OVH) (OVH)
6	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
5	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.64.190.80 185.64.190.80	() ()
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 3	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
2 2	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
2	2606:4700::68... 2606:4700::6810:78c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	67.202.105.32 67.202.105.32	() ()
1	185.64.190.81 185.64.190.81	() ()
250	83

14 143.204.98.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-90.fra50.r.cloudfront.net

www.tvtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:792::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 143.204.101.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-146.fra50.r.cloudfront.net

dg31sz3gwrwan.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.167 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-167.fra50.r.cloudfront.net

d1zfszn0v5ya99.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-80.fra50.r.cloudfront.net

d36rlb2fgh8cjd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4adc (United States)

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.191.222.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-222-20.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.99.211 (France)

ASN16276 (OVH, FR)
PTR: ns3213278.ip-141-95-99.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.225.168.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-168-153.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.214.91.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-91-80.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ecs.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.254.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-254-3.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-49.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-65.fra50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

89e3513886388784139c921e5dd24d2b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.29.132.242 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c004:200::155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-fra2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.238.55 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:ceb4:b945:274f:b273 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.201.58 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.210.112.236 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.102.174 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:78c3 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.32 (None, )

ASN- ()

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	adform.net 1 redirects track.adform.net — Cisco Umbrella Rank: 3678 s1.adform.net — Cisco Umbrella Rank: 7462 c1.adform.net — Cisco Umbrella Rank: 529	427 KB
23	cloudfront.net dg31sz3gwrwan.cloudfront.net d1zfszn0v5ya99.cloudfront.net d36rlb2fgh8cjd.cloudfront.net	872 KB
17	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 436 beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 13444 eus.rubiconproject.com — Cisco Umbrella Rank: 512 pixel.rubiconproject.com — Cisco Umbrella Rank: 288 token.rubiconproject.com — Cisco Umbrella Rank: 593	38 KB
17	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	161 KB
15	mathtag.com 5 redirects tags.mathtag.com — Cisco Umbrella Rank: 2834 pixel.mathtag.com — Cisco Umbrella Rank: 1050 sync.mathtag.com — Cisco Umbrella Rank: 387	9 KB
15	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 420 ads.pubmatic.com — Cisco Umbrella Rank: 429 image6.pubmatic.com — Cisco Umbrella Rank: 582 image2.pubmatic.com — Cisco Umbrella Rank: 752 simage2.pubmatic.com image4.pubmatic.com — Cisco Umbrella Rank: 738 simage4.pubmatic.com	37 KB
14	tvtime.com www.tvtime.com — Cisco Umbrella Rank: 523727	2 MB
12	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 31122 hal900027.redintelligence.net — Cisco Umbrella Rank: 228737 hal900021.redintelligence.net — Cisco Umbrella Rank: 223109	15 KB
10	googlesyndication.com 89e3513886388784139c921e5dd24d2b.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	39 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	49 KB
6	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 269 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419 ads.yahoo.com — Cisco Umbrella Rank: 835	3 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 591 syndication.twitter.com — Cisco Umbrella Rank: 840	149 KB
6	proper.io global.proper.io — Cisco Umbrella Rank: 7964 usync.proper.io — Cisco Umbrella Rank: 4627 bids.proper.io — Cisco Umbrella Rank: 8554 eb.proper.io — Cisco Umbrella Rank: 10756	120 KB
5	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	2 KB
5	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 acdn.adnxs.com — Cisco Umbrella Rank: 547 secure.adnxs.com — Cisco Umbrella Rank: 350	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 263	41 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 59	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	199 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	14 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1400	1 KB
3	mantisadnetwork.com mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 10471 ecs.mantisadnetwork.com — Cisco Umbrella Rank: 18416	989 B
3	google.de www.google.de — Cisco Umbrella Rank: 6342 adservice.google.de — Cisco Umbrella Rank: 9027	1 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 829 pixel.quantserve.com — Cisco Umbrella Rank: 374	11 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2370 log.pinterest.com — Cisco Umbrella Rank: 3179	19 KB
2	tynt.com de.tynt.com	578 B
2	glotgrx.com pre.glotgrx.com — Cisco Umbrella Rank: 6010	415 B
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1178 mwzeom.zeotap.com — Cisco Umbrella Rank: 1486	899 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	847 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4441	637 B
2	yabidos.com pixel.yabidos.com — Cisco Umbrella Rank: 5958	25 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	76 KB
2	openx.net propermedia-d.openx.net — Cisco Umbrella Rank: 11235 u.openx.net	469 B
2	33across.com ssc.33across.com — Cisco Umbrella Rank: 1312	529 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 493 cdn.id5-sync.com — Cisco Umbrella Rank: 1505	11 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1902	24 KB
2	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 443	18 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 747	137 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 691	610 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 619	362 B
1	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 2502	1 KB
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 46991	1 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 439	706 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1451	594 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1595	17 KB
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 427	350 B
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1093	113 B
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 1196	170 B
1	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 1568	158 B
1	rlcdn.com api.rlcdn.com Failed ats.rlcdn.com — Cisco Umbrella Rank: 1336	38 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	2 KB
1	wisepops.com loader.wisepops.com — Cisco Umbrella Rank: 11568
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 2206	18 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	40 KB
0	omnitagjs.com Failed hb-api.omnitagjs.com Failed
0	freegeoip.net Failed freegeoip.net Failed
250	58

	Domain	Requested by
39	s1.adform.net	track.adform.net s1.adform.net www.tvtime.com
19	dg31sz3gwrwan.cloudfront.net	www.tvtime.com
14	www.tvtime.com	www.tvtime.com
10	tags.mathtag.com	2 redirects www.tvtime.com tags.mathtag.com
8	track.adform.net	hal900021.redintelligence.net hal900027.redintelligence.net s1.adform.net
8	securepubads.g.doubleclick.net	global.proper.io securepubads.g.doubleclick.net www.tvtime.com www.googletagservices.com
7	cm.g.doubleclick.net	5 redirects www.tvtime.com
6	cdnjs.cloudflare.com	s1.adform.net
6	eus.rubiconproject.com	www.tvtime.com eus.rubiconproject.com global.proper.io
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	image2.pubmatic.com	ads.pubmatic.com
5	match.adsrvr.org	4 redirects www.tvtime.com
5	token.rubiconproject.com	5 redirects
5	hal900021.redintelligence.net	1 redirects www.tvtime.com hal900021.redintelligence.net
5	hal900027.redintelligence.net	1 redirects www.tvtime.com hal900027.redintelligence.net
4	c.amazon-adsystem.com	global.proper.io c.amazon-adsystem.com
4	connect.facebook.net	www.tvtime.com connect.facebook.net
4	www.facebook.com	www.tvtime.com
4	platform.twitter.com	www.tvtime.com platform.twitter.com
3	pixel.onaudience.com	3 redirects
3	simage2.pubmatic.com	ads.pubmatic.com
3	pixel.rubiconproject.com	www.tvtime.com
3	sync.mathtag.com	3 redirects
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	ups.analytics.yahoo.com	3 redirects
3	www.google.com	www.tvtime.com tpc.googlesyndication.com
2	de.tynt.com	global.proper.io
2	pre.glotgrx.com	mantodea.mantisadnetwork.com
2	sync.crwdcntrl.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	pixel.yabidos.com	mantodea.mantisadnetwork.com pixel.yabidos.com
2	secure.adnxs.com	1 redirects
2	ads.pubmatic.com	global.proper.io ads.pubmatic.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	pixel.mathtag.com	tags.mathtag.com
2	hal9000.redintelligence.net	www.tvtime.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	beacon-fra2.rubiconproject.com	www.tvtime.com
2	ib.adnxs.com	1 redirects global.proper.io
2	mantodea.mantisadnetwork.com	global.proper.io
2	ssc.33across.com	global.proper.io
2	bids.proper.io	global.proper.io
2	pixel.quantserve.com	1 redirects www.tvtime.com
2	www.google.de	www.tvtime.com
2	syndication.twitter.com	platform.twitter.com www.tvtime.com
2	script.4dex.io	global.proper.io script.4dex.io
2	cdn.cookielaw.org	www.tvtime.com cdn.cookielaw.org
2	static.xx.fbcdn.net	www.facebook.com
2	www.google-analytics.com	www.tvtime.com www.google-analytics.com
2	global.proper.io	www.tvtime.com global.proper.io
2	d36rlb2fgh8cjd.cloudfront.net	www.tvtime.com
2	d1zfszn0v5ya99.cloudfront.net	www.tvtime.com
2	assets.pinterest.com	www.tvtime.com assets.pinterest.com
2	fonts.googleapis.com	www.tvtime.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	u.openx.net	global.proper.io
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	ecs.mantisadnetwork.com	mantodea.mantisadnetwork.com
1	image6.pubmatic.com	ads.pubmatic.com
1	biddr.brealtime.com	global.proper.io
1	acdn.adnxs.com	global.proper.io
1	cdn.contentspread.net	hal900027.redintelligence.net
1	px.ads.linkedin.com	www.tvtime.com
1	ads.yahoo.com	www.tvtime.com
1	log.pinterest.com
1	eb.proper.io	global.proper.io
1	89e3513886388784139c921e5dd24d2b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	geo.privacymanager.io	ats.rlcdn.com
1	cdn.id5-sync.com	www.tvtime.com
1	secure.cdn.fastclick.net	www.tvtime.com
1	ats.rlcdn.com	www.tvtime.com
1	htlb.casalemedia.com	global.proper.io
1	fastlane.rubiconproject.com	global.proper.io
1	propermedia-d.openx.net	global.proper.io
1	hbopenbid.pubmatic.com	global.proper.io
1	btlr.sharethrough.com	global.proper.io
1	tag.1rx.io	global.proper.io
1	hb.emxdgt.com	global.proper.io
1	id5-sync.com	global.proper.io
1	usync.proper.io	www.tvtime.com
1	rules.quantcount.com	secure.quantserve.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	secure.quantserve.com	global.proper.io
1	googleads.g.doubleclick.net	www.googleadservices.com
1	loader.wisepops.com	www.tvtime.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.mxpnl.com	www.tvtime.com
1	www.googletagmanager.com	www.tvtime.com
0	hb-api.omnitagjs.com Failed	global.proper.io
0	api.rlcdn.com Failed	global.proper.io
0	freegeoip.net Failed	www.tvtime.com
250	98

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
api.tvtime.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
*.tvtime.com Amazon	`2021-03-27` - `2022-04-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
platform.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-07-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-02` - `2022-03-02`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-28` - `2022-05-27`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2022-01-10` - `2023-02-09`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.mantisadnetwork.com Amazon	`2021-10-14` - `2022-11-11`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
cdn.id5-sync.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
contentspread.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.tvtime.com/en/show/349733
Frame ID: 2139044F85C45333CB3349C19A1166A0
Requests: 109 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Ftvtimeapp&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=112713088809883
Frame ID: 10063BEE9E4B3F86E9F62CEE3440FAA2
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.tvtime.com
Frame ID: 513F405C2918EA3FA1C3A1B5634A76FD
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.a58e82e150afc25eb5372dd55a98b778.en.html
Frame ID: AC3F9FD1B819623C4301C24937F76FE6
Requests: 2 HTTP requests in this frame

Frame: https://89e3513886388784139c921e5dd24d2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5565C172DB90C78218CEEE2C5CCCD432
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D276FBD18B19178B849629737EDFCCA2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4BA5010C0B50995A4B0082ABAA71D0C5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC6D6D718168E541BF0A29DEE78254DC
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6TBHsjF3vPwXZWko1kgnEOx9ROl0joVP__9szWm8TLbaon-DlPtn3R1dny7A1FNKowaUN0Y36rIjnUwhbNPIZaNYd9JOmQwdbS3f-8s6QwNTGv9ML27384EXBXBh7WU_LI7-MwqlDgmUlUZ9rjsFuswYO_nLKihdxt5bfD5FQ6flZ3Lf0LAh6pezEcWkVDtyI4yL6zvqGaO7VySfbdFMCtHn1ByBdJsW108UiXy0v080mtvKad0LK6ygBNZTf6jbjpcwPvvDeAkpmgcuioZWMNPttlvBQPu7aDfSiFUWKN_jv4M7tDtcbq3l5O4aonA&sig=Cg0ArKJSzMeu8HRIqbQ3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B299DAF04F56AC920ED54A33092DA07C
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8h1_ipE2bbGLp8mOjkhfdBxVEGwGnQgkwNq1bcEtKB-yjm4dW3uWEqT-oRiuRQ3qZW03KHsG59PDFd42nvXM4I2DWI9JHUdrAakeoPa5Sz6DOcTXbSLYPSzhfzl6-bPFy5iaEu4oAkJ2C5pZNBrii5GIM-72TNvG2Jb5btshJ5KarIh1pvfvL3Do0rQw1qzJ7YstHz2OEfFfIjH6g7P6H5nMwITf_EJvDMuXDosF8MSBgQBGyjmix1Grqg_sSc1ebP3z2a6GfSLkMKuUBP04l7J6F6NioBzDYXogsjaexIQzk0GWSyF_-edI&sig=Cg0ArKJSzDSfIW6qCdwHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3593CB63B3F0AC1E00FD0C093DFF3DCE
Requests: 13 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=52182000030815704189737011879021&a=0125cf70
Frame ID: 81E6608D05D75E0304354A4B63CEDC78
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 1812F557AD57ADA630AC7F30A00AD332
Requests: 10 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=93532800028808904189727011879027&a=2485df73
Frame ID: A7A4EA1DD2D59E1C273E11B57BFA5448
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: F3A1CA76A09D80153C716291AACD3467
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10869934/10869934.js?ADFassetID=10869934&bv=259
Frame ID: E381FB9D130D08E89CAAE9D54B6BED59
Requests: 20 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10869921/10869921.js?ADFassetID=10869921&bv=259
Frame ID: F27D3A1E019C7D6C34C5CF7A1BD4D52F
Requests: 21 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 22CFA30A75E68231577C78AA7544EF98
Requests: 2 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1645595157432&secure=true&version=9&mobile=false&title=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733
Frame ID: 54F77E460AD9A60D37A98023D7EC4620
Requests: 6 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 695E53CF0395C738076AB6EA4451F998
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 06F333B163B3E6E75FEE7DBA6E59AE55
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 096BF04644880F8711A24994EAB1B633
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0C723088-EE8F-46F2-A48C-E43C8DE069E3
Frame ID: 181A39BBF2C4057BDD88F05171042EE6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9C73110505FC2BD2479725BCDD95146F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2405484865958646783
Frame ID: 501B394E636C48682D664C864B7E3C6F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:792e6215-ca16-4e01-bd5b-a86c4f12199f&gdpr=0&gdpr_consent=
Frame ID: A429260D353DA4B115816BFE3992EC92
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A42B321442E5D33B65564A323321AD56
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=a8W4cCPASr6Rr8aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: C6A51542DA34B40DF825983A38E20CA4
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bawBEYPASr6Rr8aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 57D2E3BB110A4B08CBCB020CA1F62B9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TV Time - Yarichin Bitch Club (TVShow Time)

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mixpanel (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mxpnl\.com/libs/mixpanel\-([0-9.]+)\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

250
Requests

89 %
HTTPS

34 %
IPv6

58
Domains

98
Subdomains

83
IPs

10
Countries

4248 kB
Transfer

10014 kB
Size

63
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/app/tvshow-time-guide-tv-2.0-pour/id431065232?mt=8
Title: iPhone

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.tozelabs.tvshowtime
Title: Android

Search URL Search Domain Scan URL

URL: https://api.tvtime.com/doc
Title: Developers

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More Information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_59cc96ba_f1e69e9e_1 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_59cc96ba_f1e69e9e_1&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-nkiom1FE2uEz6A4iHsJ6NNaEflZ1LTH8~A

Request Chain 124

https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTc5MDkwMDYzNDc1MzYyMzQvOTk2NjQ2MS8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQVlMQXp6VXdRM01FSEkxcDVmdUZmRkkvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU3OTA5MDA2MzQ3NTM2MjM0L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/f4bg-PXEJQt_6sUg5ZaJFvQeros&nodeid=128&group=cdg&auctionid=6257909006347536234&shardkey=6257909006347536234&sid=10497469&cid=9966461&price=BA519A61F5431FB3&bp=a_cagefj&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=185.29.132.67 HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=6257909006347536234&node_id=128&exch_id=9

Request Chain 129

https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NTIwNjU5OTcxMzM4NDIyNjkvOTk2NjQ1Ny8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQWRMZ0c4cU5mbURJRzQ2NEVrdU5IbmsvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTUyMDY1OTk3MTMzODQyMjY5L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/s4utssgAiIykMA8SIeJkY_KJan8&nodeid=128&group=cdg&auctionid=3952065997133842269&shardkey=3952065997133842269&sid=10497469&cid=9966457&price=BA519A61F5431FB3&bp=a_cagefj&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=185.29.133.165 HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=3952065997133842269&node_id=128&exch_id=9

Request Chain 139

https://hal900027.redintelligence.net/request.php?zone=v8quqvfwoyww&nw=20&renderingType=javascript&namespace=280b97053e&subid=&uid=9d770781bdf902f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D13bf0f3be58699ec6040f72408d4771dc16dc934_2%26mt_aid%3D6257909006347536234%26mt_id%3D9966461%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_cid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=2316538407449&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=v8quqvfwoyww&nw=20&renderingType=javascript&namespace=280b97053e&subid=&uid=9d770781bdf902f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D13bf0f3be58699ec6040f72408d4771dc16dc934_2%26mt_aid%3D6257909006347536234%26mt_id%3D9966461%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_cid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=2316538407449&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 140

https://hal900021.redintelligence.net/request.php?zone=ty4hfcvzush0&nw=20&renderingType=javascript&namespace=34c8696ada&subid=&uid=9e58588f0d3de28f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Df22deea18188ad72f3f4139c5daf2335f0cb6c1f_10%26mt_aid%3D3952065997133842269%26mt_id%3D9966457%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_cid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=3148391457493&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=ty4hfcvzush0&nw=20&renderingType=javascript&namespace=34c8696ada&subid=&uid=9e58588f0d3de28f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Df22deea18188ad72f3f4139c5daf2335f0cb6c1f_10%26mt_aid%3D3952065997133842269%26mt_id%3D9966457%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_cid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=3148391457493&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 158

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=792e6215-ca16-4e01-bd5b-a86c4f12199f&expires=28

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBI4k10Db-2oCjuBzV6fghs&google_cver=1

Request Chain 160

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjk3NTg1ODMyMjdhM2Q4NTc5ZjYwOWY4MjJkZTgwOGQxZWUwYzlmYQ

Request Chain 162

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/rVCj5BwBaFZAQyvLuCBo48n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5947777547472078485

Request Chain 163

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZZ4VA3T-1F-5LO4&sigv=1&esig=2~3062b4012ed0d3409c4fb107044a8c95f07a133d

Request Chain 164

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZZ4VA3T-1F-5LO4

Request Chain 165

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1paNFZBM1QtMUYtNUxPNA==

Request Chain 228

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 231

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=de3d236c-4f0f-4696-b828-aeeaebdc5e56

Request Chain 234

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2405484865958646783

Request Chain 235

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:792e6215-ca16-4e01-bd5b-a86c4f12199f&gdpr=0&gdpr_consent=

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DHIwiO6PRvKkjOQ8jeBp4w%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 237

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=792e6215-ca16-4e01-bd5b-a86c4f12199f

Request Chain 238

https://pixel.onaudience.com/?partner=214&mapped=0C723088-EE8F-46F2-A48C-E43C8DE069E3 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a5926eab68da785c6ddcc62638ef7f5d HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=de3d236c-4f0f-4696-b828-aeeaebdc5e56&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=b5f6b50b5963223a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=46462181-1774-46d3-4ea8-80d80ee7520a&reqId=39ce46b6-51be-44a2-649b-1c7f5c1a4766&zcluid=b5f6b50b5963223a&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEC2Th-b8uoFfFfJcAKuCtxU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=46462181-1774-46d3-4ea8-80d80ee7520a&reqId=39ce46b6-51be-44a2-649b-1c7f5c1a4766&zcluid=b5f6b50b5963223a&zdid=1332

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEM3MjMwODgtRUU4Ri00NkYyLUE0OEMtRTQzQzhERTA2OUUz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOp8FVBWsgi4HwiDq2LBWZQ&google_cver=1

Request Chain 242

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=482137815745959614

Request Chain 243

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=de3d236c-4f0f-4696-b828-aeeaebdc5e56

Request Chain 244

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8864459094538754415&gdpr=0&gdpr_consent=

Request Chain 246

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C723088-EE8F-46F2-A48C-E43C8DE069E3&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQ5QSthE2uXGJbN7D.S65rlIK0.mpjE-~A&gdpr=0&gdpr_consent=

Request Chain 247

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=U_NfyAagX8hI-VrOUfZDxVPxWJlI8l7OVfXLoM2f

250 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 349733 Show response
www.tvtime.com/en/show/ 668 KB
53 KB 185ms
157ms Document
text/html 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 / PHP/7.1.16
Resource Hash: 11d98050ed2be5fd5c42107e3e8d65f6cd3eaa8879e409112aca31293e634822

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
date: Wed, 23 Feb 2022 05:45:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.12.1
vary: Accept-Encoding
x-powered-by: PHP/7.1.16
x-cache: Miss from cloudfront
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _KMVtHcbIyeGswMrDR2ASKfcK87siRNrWxrg2XrpoD8ifZlHrBcllg==

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 43ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

485fa9644b14058ebe8a472a9329941917a72aeed694f6a14880058c79c1ed75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 05:45:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Feb 2022 05:45:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Feb 2022 05:45:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
653 B 45ms
20ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:100,300

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d2199a7d5a740df8e1137d1db0cfed24ff99ea858821e69e821f485a1a4ebd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 05:45:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Feb 2022 05:45:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Feb 2022 05:45:56 GMT

GET
H2 200 tvst.css
www.tvtime.com/css/dist/ 805 KB
192 KB 57ms
57ms Stylesheet
text/css 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5b707bb6515cf5dc4dc2fb9ed44ed533b2352fc906a365f75e915615a5b1b57f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/en/show/349733
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:56 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 18:30:27 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: W/"6127ddc3-c93f5"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-id: Fpu7NHKWvAvW0_1hOCT-xHrEAaHfLsFtOvMgZKL12i7llENfeaz58Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 46ms
21ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-861548560

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03e6445e3e31fa3f777b447340fdd92b8beb568d747c6e15d3c6eb440528561c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40724
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 66ms
7ms Script
application/javascript 2a02:26f0:1700:792::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:792::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=253
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

GET
H2 200 logo_flat.png
www.tvtime.com/images/ 1 KB
2 KB 61ms
57ms Image
image/png 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tvtime.com/images/logo_flat.png
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: c51189387f1a4ec32b591117423a65b4aa5c8dedf0c7a0519114f231308a0274

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/en/show/349733
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 18:29:40 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: "6127dd94-5d6"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1494
x-amz-cf-id: HztEp1H9xevt5OUg7fbaL6qrY067V48GCs3fMEHJzD3DOYr4Y_iwEw==

GET
H2 200 1306535-0-q80.jpg
dg31sz3gwrwan.cloudfront.net/fanart/349733/ 456 KB
456 KB 43ms
12ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/fanart/349733/1306535-0-q80.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1478433df02b4701950979708f8f7b8c85f18a3236395f60bb36ca80eff7c3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:45:31 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Wed, 12 Sep 2018 04:07:58 GMT
server: AmazonS3
age: 3798027
etag: "b5e139878118c0ce9d852a63d3204ab4"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 466504
x-amz-cf-id: WzKzhHmxEyT7Sz9VzUb3_uZELWAIMuh7nu5mPqKZ_LWo8FE80DG6eA==

GET
H2 200 5fe4fab0dac35_square.png
d1zfszn0v5ya99.cloudfront.net/user/596057/profile_picture/ 36 KB
36 KB 49ms
11ms Image
image/png 143.204.101.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zfszn0v5ya99.cloudfront.net/user/596057/profile_picture/5fe4fab0dac35_square.png
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-167.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 615367065b24c704359c4f13d0d6d3605329a3e022100613bbc12578ecee4009

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:14:03 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified: Thu, 24 Dec 2020 20:31:45 GMT
server: AmazonS3
age: 495115
etag: "b81e1b31d01063e552dbde2e1ad1b4d1"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 36506
x-amz-cf-id: CXomvg_gY7nVYHMdcab2JEOas1FyWqYqmlvY0Ljiv7VRA-5SR2Oerw==

GET
H2 200 5577a03ca3db3_square.png
d1zfszn0v5ya99.cloudfront.net/user/741965/profile_picture/ 7 KB
7 KB 50ms
11ms Image
image/png 143.204.101.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1zfszn0v5ya99.cloudfront.net/user/741965/profile_picture/5577a03ca3db3_square.png
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-167.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 948506d80db69c98bc40e9bc38fddd4af0535fea4527ca99655a1bee449dcb17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 09:47:21 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jun 2015 02:26:03 GMT
server: AmazonS3
age: 1108717
etag: "f607960b521f1c029480e526ffad66b6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=300000000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7060
x-amz-cf-id: BFIUm9p1tgh3KsrljUkowtX56yinELM7XFSi61s6pQg8QYTJZTJw1A==

GET
H2 200 default-user-q80.png
d36rlb2fgh8cjd.cloudfront.net/default-images/ 1 KB
2 KB 39ms
7ms Image
image/png 143.204.101.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d36rlb2fgh8cjd.cloudfront.net/default-images/default-user-q80.png
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-80.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1d6f55bca06713c9dce94c9ae70aef1fdfcfcdf4ceccd3c6b3b4e38435c2a6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:53 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 21 Nov 2014 12:28:27 GMT
server: AmazonS3
age: 51182
etag: "f30d9c7e7e05ab51c87c030cd688fcf2"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1312
x-amz-cf-id: 1kPWPry4vAxzV8Rw-heGfsCjjmCooYtZK-XiPsHaCJrpNgBTJzYuXw==

GET
H2 200 1.png
d36rlb2fgh8cjd.cloudfront.net/default-images/web/poster-340x500/ 1 KB
2 KB 39ms
8ms Image
image/png 143.204.101.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d36rlb2fgh8cjd.cloudfront.net/default-images/web/poster-340x500/1.png
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-80.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcfe9a2c74d661abc8e036611c9494832dadc3cc8d84f0955cc819f0f9ee2fc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 04:14:40 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 21 Nov 2014 12:26:36 GMT
server: AmazonS3
age: 8538
etag: "8b66b2ce5f964363b9e1edfc0a69db2a"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1386
x-amz-cf-id: kxv3VY-4_jysnhOZoeIYCotsyXRUIDlaY59j_TheDugFWclOzgJZ1g==

GET
H2 200 501992_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 24 KB
25 KB 43ms
12ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/501992_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dda60acfd9c6477bceaae0e2cc73b020d932e6340d72656ab4543dffe4e869f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 06:14:03 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 02:11:15 GMT
server: AmazonS3
age: 27127915
etag: "21eb4f01aa8db75c1f6f951d7f327798"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 25047
x-amz-cf-id: RaXC92_vCn_c5UvN7kUrhPYCo0_mbi9vFiZ8UefdnRFUgtrZu5spBg==

GET
H2 200 501986_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 19 KB
19 KB 48ms
17ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/501986_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f525fe15e873a25f549e7dd8290229a105bf98874d4f0834a8dbf52b7e69a27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 08 May 2021 01:05:57 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 02:11:11 GMT
server: AmazonS3
age: 25159201
etag: "5e099c1b16205d24279eca6568d36200"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19191
x-amz-cf-id: j1KdGOrU2bowh7atKs3rp8u_BjORXlkiDJ34fFdbamQwdJk8UfEe3w==

GET
H2 200 501976_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 18 KB
18 KB 73ms
43ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/501976_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3e7e291ebeaccaeb1039cbf095aef68afbe61194559c872e00404de99e9c340

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:49:18 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 02:10:50 GMT
server: AmazonS3
age: 27259000
etag: "e8a3ac58b4a02ee56e9b1b9e64b1a7c6"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 18319
x-amz-cf-id: SZwj_3d38O9z7bminv6AFj-pWmBO8CpM464AD9rFJNY60I0v8OVoVw==

GET
H2 200 501989_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 22 KB
23 KB 40ms
38ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/501989_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fd6ba2e98f8a8bc973662bf1a030f2de722b23928f017f487f6740fdee5e430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 05:28:27 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 02:11:13 GMT
server: AmazonS3
age: 15034651
etag: "8f46063300456ada2dd082c4ded3cd95"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 22942
x-amz-cf-id: aNZhRmHC-uIS9svnsC1-6EjVLuHJKc03z7cdQvR5vGNqEd9DFqJ4qg==

GET
H2 200 501977_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 17 KB
18 KB 46ms
44ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/501977_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8581453ce7edb9b2d133d36cd0b29b79d57b0cee5d53b43e39ca788c9640fbd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:25:31 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 02:10:53 GMT
server: AmazonS3
age: 13285227
etag: "e8b03d459db05357676237db5da28581"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 17677
x-amz-cf-id: RqkCY_KU57GCEf6mbC9sn1qf-Mgw_cfTU_-_yhYN2Cqqby4AoGdO8Q==

GET
H2 200 501980_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 21 KB
22 KB 42ms
40ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/501980_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 543ece6e4901ea299f3a7ead38cbe2908f679ae3ff123a28f32577b86e3d6f39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 20:07:17 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 02:10:57 GMT
server: AmazonS3
age: 25954721
etag: "9d9288a38a0dcffb0f9eea5f95994dbc"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 21983
x-amz-cf-id: IHQuwi-mMbaqdmMEUBiBKtIdSOfTJoYeCoAi09oSItxYRALMqFNC9g==

GET
H2 200 65192258_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 24 KB
25 KB 39ms
37ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/65192258_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20073d3b83a0d0e26dc71bf49988f4cecaa40e3f66a2358877764513e3033045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 21:51:51 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 05:09:24 GMT
server: AmazonS3
age: 7113247
etag: "ee5c45beefb81bc022f6aefeb7f88620"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 25027
x-amz-cf-id: uZbT9hbXrf2NHlZ_3SFF_2oVr-Mpr_zIUm7PhuH7uHPZyQUayafCVQ==

GET
H2 200 501978_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 20 KB
21 KB 42ms
40ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/501978_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0419e8e6c5398c3599ea98c6b6a1dc2919f95f1af6ec63654cc62264264bb6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:35:25 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 02:10:55 GMT
server: AmazonS3
age: 7845033
etag: "508e9d95ab9cbbec3be1e01a4d7d457f"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20604
x-amz-cf-id: PhlZPjF7r4mIQvk6NAsmWip68HYjVmApPKxh6qp6XPDHdt2U_pgfEA==

GET
H2 200 501984_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 20 KB
21 KB 40ms
39ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/501984_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33f6c6e743cbc5444bedbb99152441ebd2729495114d5eff3593b9c13811b8cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 05 May 2021 20:49:26 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 02:11:06 GMT
server: AmazonS3
age: 25347392
etag: "71ba364a2aff8321d41e841285986fc0"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20818
x-amz-cf-id: szXi4l3aoy_mI8qGqfjITkoAvYf8yRvulYLpeY4ULtdvKhc3nqxdxA==

GET
H2 200 501982_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 19 KB
19 KB 44ms
43ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/501982_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65cbca409642e3effb1bfeba050af809de87a8ff167e4fb2ddebe7784e6ca3d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 08 May 2021 12:15:57 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Thu, 13 Sep 2018 02:11:01 GMT
server: AmazonS3
age: 25119001
etag: "e1237bec6cf599e8018bf0c56aae64a3"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19063
x-amz-cf-id: PhI1yJhjR5NMOWWV84wdBd9kd89gaHdqnutdvNvIe8mPxivqhhJ16w==

GET
H2 200 65192245_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 19 KB
19 KB 43ms
41ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/65192245_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 077be1a538d3ddc35aa0c3280a86d7e474287649d0cd5e31f5e33c48588f851c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 05:56:51 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 05:09:14 GMT
server: AmazonS3
age: 15205747
etag: "f666303e16121d9c2e375cd5817580c5"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19180
x-amz-cf-id: 5DfCAU68rdbuKBCxFHsQagEoGb4GidhklXBwRNdxYsUjW9_DIADV-w==

GET
H2 200 65192224_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 21 KB
22 KB 43ms
41ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/65192224_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 543ece6e4901ea299f3a7ead38cbe2908f679ae3ff123a28f32577b86e3d6f39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:37:12 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 05:09:00 GMT
server: AmazonS3
age: 15098926
etag: "9d9288a38a0dcffb0f9eea5f95994dbc"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 21983
x-amz-cf-id: _4eZwtwFSNjf6Ek_kb4bl_nURaMkwC309BOHZkhaw6x-0dxLVdfaDg==

GET
H2 200 65192252_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 22 KB
23 KB 43ms
42ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/65192252_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ada374028a0ff4c4ae3a21c26f8162948dac7de70a2c1016540969f5a66cb48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 00:38:32 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 05:09:19 GMT
server: AmazonS3
age: 12287246
etag: "26858ce1369c1c7e6b42b794f57990f3"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 22944
x-amz-cf-id: 2Rngzz2xG5xJkdJKhD1N5xkbAUlg4PYn0rtgbKVeTiai6mwMiMIqyQ==

GET
H2 200 65192213_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 17 KB
18 KB 46ms
44ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/65192213_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8581453ce7edb9b2d133d36cd0b29b79d57b0cee5d53b43e39ca788c9640fbd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 11:57:30 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 05:08:50 GMT
server: AmazonS3
age: 29612908
etag: "e8b03d459db05357676237db5da28581"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 17677
x-amz-cf-id: SeQM9RqgJf2s_TF8fUeFsiqmorVUom0A4Y0GzuqXzG7TNLXwrdhx9w==

GET
H2 200 65192210_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 18 KB
18 KB 44ms
42ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/65192210_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3e7e291ebeaccaeb1039cbf095aef68afbe61194559c872e00404de99e9c340

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 02:19:07 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 05:08:46 GMT
server: AmazonS3
age: 15305211
etag: "e8a3ac58b4a02ee56e9b1b9e64b1a7c6"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 18319
x-amz-cf-id: yygTbXoAqlLGBn5tORMrYEGBcBmDuhd_JU9WdrzpG3Ge94ByIf3tiw==

GET
H2 200 65192240_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 20 KB
21 KB 44ms
43ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/65192240_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b0cbebff1ef62a58b3daf88d516f52ee55ea37f8eff3fba9c14ff65723d22ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 05:56:51 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 05:09:09 GMT
server: AmazonS3
age: 15205747
etag: "355ea9c195725b815d29b1cd5a64d5e4"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20851
x-amz-cf-id: NsONJCNNVnWYYK_f7Ju2ZsLceP7gOupdqZAA6UAgJFQtdevAigR73w==

GET
H2 200 65192217_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 20 KB
21 KB 45ms
43ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/65192217_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0419e8e6c5398c3599ea98c6b6a1dc2919f95f1af6ec63654cc62264264bb6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 20:07:18 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 05:08:55 GMT
server: AmazonS3
age: 25954720
etag: "508e9d95ab9cbbec3be1e01a4d7d457f"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20604
x-amz-cf-id: H9HE83tvWw5KoWZAjqv31u72JraZWWSXoDVNDHXCLX22eDrXCScbOg==

GET
H2 200 65192231_medium-optimized-2.jpg
dg31sz3gwrwan.cloudfront.net/actor/349733/ 19 KB
19 KB 46ms
45ms Image
image/jpeg 143.204.101.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dg31sz3gwrwan.cloudfront.net/actor/349733/65192231_medium-optimized-2.jpg
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-146.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fea60cc1794d3366484285282592f50bf0aff5833d71b73bcf5d0ac3ec6168c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:43:11 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 05:09:05 GMT
server: AmazonS3
age: 7858967
etag: "3897b19f91211769586940e71c862f2b"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19085
x-amz-cf-id: 8_SLi5WSXGHLq9AJ_6NMLDbkFSlheage6TPvKLgoqnCBjBQm8vxObg==

GET
H2 200 tvtime.min.js Show response
global.proper.io/ 15 KB
5 KB 90ms
28ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/tvtime.min.js
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c35da4b2e9e8c78c43edec68b3773e4daa361cfe93701e6517b9646303ff63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 18:42:52 GMT
server: cloudflare
age: 8938981
etag: W/"618d642c-3b5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6e1e26a45f3259cb-MXP
expires: Wed, 23 Feb 2022 05:50:57 GMT

GET
H2 200 require.js Show response
www.tvtime.com/assets/vendor/requirejs/ 84 KB
26 KB 59ms
59ms Script
application/javascript 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/assets/vendor/requirejs/require.js?v=4.7.13
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: e5b715d969285fe4e4c359a8ca2089b210eee5c07797a3515a98296c5d2644d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/en/show/349733
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:56 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 18:29:39 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: W/"6127dd93-150f6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
content-length: 26009
x-amz-cf-id: 7HAagdvj0lHp1IsWm57v6fRsBYFssReC52h_wUwHDQUxlrOKL4-fEQ==

GET
H2 200 config.js Show response
www.tvtime.com/js/dist/ 6 KB
2 KB 34ms
34ms Script
application/javascript 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/js/dist/config.js?v=4.7.13
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: ac0133ff39a6a449506b6e8fa599b61afe2fd3d473d83b19ef586f3d5cc6a301

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/en/show/349733
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 18:31:20 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: W/"6127ddf8-1910"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
content-length: 2027
x-amz-cf-id: b346xMED5kYX4lItb76ZWW-bxDBHXvvbO2MoP8b2bPYvTwth2-o6ow==

GET
H2 200 app.js Show response
www.tvtime.com/js/dist/ 1 MB
382 KB 58ms
58ms Script
application/javascript 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/js/dist/app.js?v=4.7.13
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9c8595b02e0cb40d2d282a45f7a849f6a2f31688f1c8166bfcb4c3e329736255

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/en/show/349733
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 18:31:17 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: W/"6127ddf5-114853"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-id: A3l20Q3WdQTanE4g_kSPf50ccmaaBf0ZUY6pTGnrvMDe-yE5MGW1aA==

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 27ms
7ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 18:46:17 GMT
etag: "f7f936f48944db7f829585c4368f33ae+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=1800
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 29178
tw-cdn: FT
x-served-by: cache-iad-kcgs7200104-IAD, cache-fra19163-FRA

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 1006 31 KB
14 KB 84ms
67ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Ftvtimeapp&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=112713088809883

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ffdb01be57b024face588ccc50e34db95fad37cb8ca590a739fb80255c872bd5

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: KLN6c9CMCkbQpE8XDSud1usHLlHYwRZ0kehl9OdBJFY9OIm4gHna9XAAbL026UPxQOStD1FN2ou1YgIyWOBE/Q==
date: Wed, 23 Feb 2022 05:45:57 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 tvst-icons.woff
www.tvtime.com/fonts/tvst-icons/ 16 KB
16 KB 61ms
61ms Font
application/font-woff 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/fonts/tvst-icons/tvst-icons.woff?-d0mbwu
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 6b75db5a4ebea409d8fc5247d6788fbc020ad11072b15f12e2ae17c6bebf7cd3

Request headers

Referer: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Origin: https://www.tvtime.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 18:29:39 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: "6127dd93-3fac"
x-cache: Miss from cloudfront
content-type: application/font-woff
accept-ranges: bytes
content-length: 16300
x-amz-cf-id: oxXsvesrqsfYymAOxd1ttlCC8bsZQV8eg-beS5A_2kPQt1i5uMnrLg==

GET
H2 200 ProximaNova-Reg.otf
www.tvtime.com/fonts/ 92 KB
93 KB 63ms
62ms Font
application/octet-stream 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/fonts/ProximaNova-Reg.otf
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae

Request headers

Referer: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Origin: https://www.tvtime.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 18:29:39 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: "6127dd93-171cc"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 94668
x-amz-cf-id: n0TJR8MYPf6W8FMrZGOTJbtsWGMHU9HZoB7zFzWVaO1lu8sssP7Kcg==

GET
H2 200 ProximaNova-Bold.otf
www.tvtime.com/fonts/ 94 KB
95 KB 61ms
60ms Font
application/octet-stream 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/fonts/ProximaNova-Bold.otf
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: fa617e6195b48622cd13742f0a33f41bd0a3f8b5689424c90f6cba97d4679644

Request headers

Referer: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Origin: https://www.tvtime.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 18:29:39 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: "6127dd93-17980"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 96640
x-amz-cf-id: Fr8HEO-YjR2lOxmBgdiFAc6O9APO7cEh4Y6_rbMnykgaujmImtb7xw==

GET
H2 200 ProximaNova-Sbold.otf
www.tvtime.com/fonts/ 90 KB
91 KB 57ms
56ms Font
application/octet-stream 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/fonts/ProximaNova-Sbold.otf
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 388be1fb84d1608325ba870797519fe52ad081852a47c66aef5e90eeaf2c425d

Request headers

Referer: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Origin: https://www.tvtime.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 18:29:39 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: "6127dd93-16700"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 91904
x-amz-cf-id: 7gbJTZYNJ4ISYzIhHYeRv34bomp7q3LHxlGLkwFyZfHKTjk1SJBpGw==

GET
H2 200 fontawesome-webfont.woff2
www.tvtime.com/css/fonts/ 70 KB
71 KB 66ms
65ms Font
application/octet-stream 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/css/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Origin: https://www.tvtime.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 18:30:26 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: "6127ddc2-118d8"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 71896
x-amz-cf-id: DQBFFMI96OsnLRGF46D9hFhAN-LLLoPu_JXeubmFz87A44aJ3wnkqw==

GET
H2 200 ProximaNova-Xbold.otf
www.tvtime.com/fonts/ 94 KB
94 KB 56ms
55ms Font
application/octet-stream 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/fonts/ProximaNova-Xbold.otf
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b26d47814ff285c8b1107fc253643c0096ae248a516faac672a5467d5b9367b8

Request headers

Referer: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Origin: https://www.tvtime.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 18:29:39 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: "6127dd93-176fc"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 95996
x-amz-cf-id: G9jEUrjoJVkg0f5lESvNugP3_jB3qNg8IQgFj5_6-PlDXS13VsikfQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1969bbf3e63dc602bd011ef8e2cef3cdb08de43fa342a63b05886a5498b008b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ODB3TrtxA2oae4EpDC2Orw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 23 Feb 2022 05:48:51 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 6/T/Baf7Rj7Bh0MSwDz/7p4BLhAWhTNzJYN8Q2b7mDunHwKLl/EjIgCqljy3+UOHKPoyJjHXtomTJmPpBQGWrg==
x-fb-trip-id: 2050670934
x-fb-content-md5: fe3a49c7ae1cc88e90f0e381d6b5a4b5
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 23 Feb 2022 05:45:57 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "74af82069500286aedbc5887bd129c62"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 mixpanel-2.2.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 28ms
7ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2.2.min.js
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:41:46 GMT
content-encoding: gzip
age: 251
x-guploader-uploadid: ADPycdu955qw2kozU3DO7Cx8gFfDY4HMXRil1k0NheNavfOVnJouvClW8z4t4RXWu5VSqofuUHnIgyT4lNHBiJfF_jq1igJqaw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:22:00 GMT
server: UploadServer
etag: "bea784dce86d30e1f2e59387f85cccb6"
vary: Accept-Encoding
x-goog-hash: crc32c=OghQVA==, md5=vqeE3OhtMOHy5ZOH+FzMtg==
x-goog-generation: 1645129320773308
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 23 Feb 2022 05:51:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6065
date: Wed, 23 Feb 2022 04:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 23 Feb 2022 06:04:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: zlaB/C91JETh+buWgNyTdtPRbOMg/OY+ye/5Of8unlAwg/yTuPzM1mUdEeG90oD1NGe7ybP/R2WzVEPmAAYtwg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Wed, 23 Feb 2022 05:45:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 63ms
39ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-861548560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 7ms
7ms Script
application/javascript 2a02:26f0:1700:792::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.3018542438782097
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:792::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=253
accept-ranges: bytes
content-length: 18679
access-control-expose-headers: X-CDN

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 1006 400 B
817 B 7ms
7ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Ftvtimeapp&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=112713088809883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
x-fb-debug: lwKVVCTnh9GWS0BWVpnFTkXrEofjsWRf6LfafGoXwjvA9wV3yv9+joWkWPB53ZTI309DkTX7lKMW4RyugTUO+Q==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 15 Feb 2023 17:07:11 GMT

GET
H3 200 SkN1VM23VLH.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y-/l/de_DE/ Frame 1006 521 KB
136 KB 17ms
7ms XHR
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y-/l/de_DE/SkN1VM23VLH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3dae3d45394340306f805d6cd86fc1981c1a378308e37910f3f242157f0abb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WpfbaLoo+hyr4GnolJQPRg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 139203
x-fb-rlafr: 0
x-fb-debug: icMIrOmLbg9Hegu0rNePRoK9cfiBBQyQDCXvhuUIOFJQ592oYKtQKlmGDb6plJIARBr/ozM5mAcXp+rvOhbwDw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 19 Feb 2023 01:51:01 GMT

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 446 KB
113 KB 43ms
43ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/tvtime.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc0c4f5c3d6acef428e5aa92fada14b3238a6f318b6a6fc9b0c5a4c1397611ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jan 2022 20:36:58 GMT
server: cloudflare
age: 2880615
etag: W/"61e8766a-6f913"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6e1e26a4d80959cb-MXP
expires: Wed, 23 Feb 2022 05:50:57 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 295 KB
83 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=917e335050faf43b0bf53e1ae63acc02

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e86554c02068026afed3e389ad0fce9f4624bdb31d3d9e144ae1b33d9e1ea46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tvtime.com/
Origin: https://www.tvtime.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /KLJKjwxtVeof4uCk9kh2w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 23 Feb 2023 05:11:06 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 85150
x-fb-rlafr: 0
x-fb-debug: 6Qe7r7t5zpq6/cKVHEElO8vb6qhcL8DqcZR6t8rZlIxUku2DE3ZO7YhjtRXqDInCEoabkqE/nGLWcuY+da5Tcg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1a2390577affc8c610a6ccaffff43031
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Feb 2022 05:45:57 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7895000bed7b63b4dc12ed0ec1d25bd9"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 404 get-loader.js
loader.wisepops.com/ 0
0 77ms
29ms Script
text/javascript 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.wisepops.com/get-loader.js?v=1&user_id=32573
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 439
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bg375JoyMIv%2F8HhegvAXjGx1vT16kgKPFBfXcCeACipu92sr3lPlSxLUe0CmXEzMGQZQwiUVWEwFgSpf7bFWVWpJPm6aLQ0Tvq0ySXbSfuUW3lR3XAtcMySYAT08fijEcmdO1XvhpwFIDfYIrlB7f3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-cloud-trace-context: e07e32d084f5a9959b8456a2a473013a
cache-control: private, max-age=1800
cf-ray: 6e1e26a57ac23746-MXP

GET
H2 200 widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 513F 319 KB
103 KB 7ms
6ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.tvtime.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

last-modified: Wed, 16 Feb 2022 18:36:30 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Wed, 23 Feb 2022 05:45:57 GMT
x-served-by: cache-iad-kjyo7100122-IAD, cache-fra19163-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105433

GET
H2 200 00458fad-ad04-4df6-ae16-31d8997f9df1.js Show response
cdn.cookielaw.org/consent/ 50 KB
11 KB 57ms
22ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/00458fad-ad04-4df6-ae16-31d8997f9df1.js?_=1645595157286

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/js/dist/app.js?v=4.7.13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f9e216f32c0675a309f3e49b987b2b460587793d7699348e3ca7485b61e4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: GZIP
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VOhqFWwikwtLDwYaahcxmw==
age: 7121
vary: Accept-Encoding
content-length: 11063
x-ms-lease-status: unlocked
last-modified: Fri, 03 Aug 2018 01:33:16 GMT
server: cloudflare
etag: 0x8D5F8E1165EC721
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bb79f6cc-b01e-0066-7415-b66abc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6e1e26a57d3c3745-MXP
expires: Wed, 23 Feb 2022 09:45:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 34ms
16ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=382655879&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ul=en-us&de=UTF-8&dt=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1336979672&gjid=1487543555&cid=1783998764.1645595157&tid=UA-30156008-2&_gid=1069828098.1645595157&_r=1&_slc=1&z=2123467834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tvtime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 261509224311038 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 228ms
219ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/261509224311038?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbedd6cc7e5077c4e1b6c460c6e06348d5d2a5f6a056ae2f88fbb2b06470c3f2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: pnGEnnOgyWpZbWaJoioAoQjP0FXvjv+x20f5PDuedJ8t8beKYTWMHf0ZpJoqaJF/wACE7T5532ikSlj7HUJ6fw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 23 Feb 2022 05:45:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET /
freegeoip.net/json/ 0
0

GET
H2 200 show.js Show response
www.tvtime.com/js/dist/pages/ 1 MB
375 KB 61ms
60ms Script
application/javascript 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tvtime.com/js/dist/pages/show.js
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/assets/vendor/requirejs/require.js?v=4.7.13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 6f28245321d3c1da50c5e9064b0f8d565e2cc0177070f78e8c1d71b6201ab7d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/en/show/349733
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 18:32:18 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: W/"6127de32-114c17"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-id: OUhOtoLw82rcqPRaTo35L_IV1YGXg66FoC2OZ2Ps1YFs8OW30TE0Og==

GET
H2 200 flags.png
www.tvtime.com/images/ 106 KB
107 KB 63ms
62ms Image
image/png 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tvtime.com/images/flags.png
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 579a84d44cc8413de46ef46fb39bbe475bb57314edd7db4eba2e9f308e572b45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/css/dist/tvst.css?v=4.7.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 18:29:40 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA50-C1
etag: "6127dd94-1a7e8"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 108520
x-amz-cf-id: aLHhLScgvIsYfKbytYz2OWpGH7m9mJbJCP-Sh1A9qp0BxWjaX1m0pw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/861548560/ 2 KB
2 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/861548560/?random=1645595157404&cv=9&fst=1645595157404&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&tiba=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d4ec1926e1cbf1189f9ef27018f63ba31a996fdaeac062c28b749080eecf91d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 32ms
8ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 02 Mar 2022 05:45:57 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
943 B 76ms
24ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 807456
x-amz-request-id: tx31ca1f9ef63a4ee0ab840-00620977f5
x-amz-id-2: tx31ca1f9ef63a4ee0ab840-00620977f5
last-modified: Sun, 13 Feb 2022 21:27:35 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGtdvXsOJo9Xnubefygg83zVwTrS1DwHpMfoKwcmAnP20CN9B0%2Fx9W22qpQtaE4Z39xpV%2Fx%2Bx0MI9JQ8HecWcSD9kgzUECKKx4T49edc7aKGkR3F9BgZC%2BLnVgPqZVnMgyQbn2mbQoE%2Fr%2Bpb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1644787655409471
cf-ray: 6e1e26a65d113752-MXP

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-30156008-2&cid=1783998764.1645595157&jid=1336979672&gjid=1487543555&_gid=1069828098.1645595157&_u=IEBAAEAAAAAAAC~&z=162343229

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 23 Feb 2022 05:45:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.tvtime.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/default_flat_bottom_two_button_black/v2/css/ 29 KB
7 KB 24ms
23ms Stylesheet
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/skins/default_flat_bottom_two_button_black/v2/css/optanon.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/00458fad-ad04-4df6-ae16-31d8997f9df1.js?_=1645595157286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d24940e4504235ee243e335762d699656d3be3106ed45c9b84a127a6fd0952a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HoSAz6Iu2TbrHQZliz4vBg==
age: 10542
vary: Accept-Encoding
content-length: 6836
x-ms-lease-status: unlocked
last-modified: Thu, 19 Sep 2019 20:24:22 GMT
server: cloudflare
etag: 0x8D73D3F5BD42723
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3a030862-601e-0009-236c-c4c268000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6e1e26a60deb3745-MXP

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 513F 232 B
447 B 131ms
116ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f118c0567eecd0fad8cc3a96cfed46dd7ffa5c59

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.tvtime.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 109
date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 05:45:57 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: e14629d9032161d916dfa08eb79cf2413ba993460dc2ec72a6e9ca6e0919806c
content-length: 166

GET
H2 200 /
www.google.com/pagead/1p-user-list/861548560/ 42 B
548 B 44ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/861548560/?random=1645595157404&cv=9&fst=1645592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&tiba=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&async=1&fmt=3&is_vtc=1&random=491004860&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/861548560/ 42 B
548 B 49ms
24ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/861548560/?random=1645595157404&cv=9&fst=1645592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&tiba=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&async=1&fmt=3&is_vtc=1&random=491004860&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 KB
2 KB 36ms
7ms Script
application/javascript 2600:9000:2156:7200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:08:24 GMT
content-encoding: gzip
age: 2256
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 22:03:49 GMT
server: AmazonS3
etag: W/"ebff52074a206856b4f1993710373d93"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: FU9-fkWt5c3BmoeSooweVirxwcXQUEuWh4IQjXkGuLbEKXRqINQqdg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30156008-2&cid=1783998764.1645595157&jid=1336979672&_u=IEBAAEAAAAAAAC~&z=1059374556

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30156008-2&cid=1783998764.1645595157&jid=1336979672&_u=IEBAAEAAAAAAAC~&z=1059374556

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1529143941;labels=type.video%20tv_show%2Ctitle.Yarichin%20Bitch%20Club%2Csite.%40tvshowtime;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733;uht=2;fpan=1;fpa=P0-...
pixel.quantserve.com/ 35 B
372 B 20ms
12ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1529143941;labels=type.video%20tv_show%2Ctitle.Yarichin%20Bitch%20Club%2Csite.%40tvshowtime;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733;uht=2;fpan=1;fpa=P0-48110838-1645595157525;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=tvtime.com;je=0;sr=1600x1200x24;dst=0;et=1645595157525;tzo=0;ogl=locale.en_US%2Clocale%3Aalternate.fr_FR%2Clocale%3Aalternate.en_US%2Ctitle.Yarichin%20Bitch%20Club%2Cimage.https%3A%2F%2Fdg31sz3gwrwan%252Ecloudfront%252Enet%2Fposter%2F349733%2F1306534-4-optimized%252Ejpg%2Csite_name.TV%20Time%2Cdescription.An%20all-boys%20boarding%20school%20deep%20in%20the%20mountains%20where%20love%20unfolds%252E%20Despite%20th%2Curl.https%3A%2F%2Fwww%252Etvtime%252Ecom%2Fen%2Fshow%2F349733%2Ctype.video%252Etv_show

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 59ms
25ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 807385
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx5909ec229bf145b488b2f-0062097838
x-amz-id-2: tx5909ec229bf145b488b2f-0062097838
last-modified: Sun, 13 Feb 2022 21:27:34 GMT
server: cloudflare
etag: W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FmT7PRu2TIeSKEEXGQ1FMID5dJp9adMBYTVx1JijZVJkq1I7OYg03ngbrq%2BO%2BjOT1BDJAG4G1aviSDU%2FyD%2FmINqBt1bp2JfhmTk6zQ3gUHmTv3xfiXfJXcAn8gr%2BcK2VNP%2B5rL%2FfJtF0Z9t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1644787654356307
cf-ray: 6e1e26a6c9be0f7a-MXP
access-control-allow-headers: Authorization

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 44ms
18ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f3c9dab359174e6990a3004ec7151dc6917c09424f8742b947e385f644ec51b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27578
x-xss-protection: 0
server: sffe
etag: "1140 / 580 of 1000 / last-modified: 1645571070"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 44ms
8ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: GtBleBshAfJx9KFXwg43LDlo50FXi9le
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 176
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0MTFKWEQKBYVY91YGA41
date: Wed, 23 Feb 2022 05:44:36 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bQHq1DTRIX7C4FFL52Aa2oJr0aU7iMGunQCppZe07Z3VbmnX2PQDpQ==

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_59cc96ba_f1e69e9e_1
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_59cc96ba_f1e69e9e_1&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-nkiom1FE2uEz6A4iHsJ6NNaEflZ1LTH8~A

151 B
361 B

502ms
157ms

Script
text/javascript

54.191.222.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-nkiom1FE2uEz6A4iHsJ6NNaEflZ1LTH8~A
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Server: 54.191.222.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-191-222-20.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: cc4421f072126144b38c49d64398ae8f35af0f5b7ba9d765ca5546242107a6e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 05:45:58 GMT
server: nginx/1.18.0
content-length: 151
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-nkiom1FE2uEz6A4iHsJ6NNaEflZ1LTH8~A
date: Wed, 23 Feb 2022 05:45:57 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H/1.1 200 445.json Show response
id5-sync.com/g/v2/ 213 B
532 B 25ms
7ms XHR
application/json 141.95.99.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.99.211 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3213278.ip-141-95-99.eu

Software

Resource Hash

9176183a67af440480887522f418edacbecbd6657379a126e5ac81037a3e00be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tvtime.com
date: Wed, 23 Feb 2022 05:45:57 GMT
access-control-allow-credentials: true
vary: Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 654ms
157ms XHR
application/octet-stream 44.225.168.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.225.168.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-225-168-153.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Feb 2022 05:45:58 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js Show response
platform.twitter.com/js/ 7 KB
2 KB 7ms
7ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 18:36:23 GMT
etag: "0fe442c8a1482a5540ef9bb91b588585+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2293
tw-cdn: FT
x-served-by: cache-iad-kjyo7100120-IAD, cache-fra19163-FRA

POST v1
hb-api.omnitagjs.com/hb-api/prebid/ 0
0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
350 B 122ms
95ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: d6278ec9c439a10ba59530f4f689971117cba51d16ce92f4809bf1f840f2447c

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tvtime.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 123ms
97ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 93e19d5a22f1f538ea2b78664ec950124604471293a35812d3b3339cd8692f7b

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tvtime.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 / Show response
hb.emxdgt.com/ 0
158 B 37ms
14ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1645595157674
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tvtime.com
date: Wed, 23 Feb 2022 05:45:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
340 B 320ms
109ms XHR
application/javascript 3.214.91.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1645595157675&secure=true&version=9&mobile=false&title=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&measurable=true&property=5b32cf14d866814de2efe8c2&bids[0][bidId]=tvtime_leaderboard_728x90&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[1][bidId]=tvtime_side_1_300x250&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=250&bids[2][bidId]=tvtime_side_1_300x600&bids[2][sizes][0][width]=300&bids[2][sizes][0][height]=600&foo
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-91-80.compute-1.amazonaws.com
Software: / Express
Resource Hash: 754be086a0f2d3f7c20a08e65607d5fa4d316177f93c65786dde42f5e200b0ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
x-powered-by: Express
etag: W/"38-LLSJCYwyLDCy3aUy8Lhv/xdHUcQ"
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.tvtime.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H2 204 mvo Show response
tag.1rx.io/rmp/72580/0/ 0
170 B 51ms
19ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/72580/0/mvo?z=1r&hbv=6.5,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tvtime.com
pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
113 B 35ms
9ms XHR
text/plain 3.68.254.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.254.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-254-3.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tvtime.com
date: Wed, 23 Feb 2022 05:45:57 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
694 B 60ms
30ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:45:57 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 38f373a8-14c4-4504-8d2e-6ea7d288c5d4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.tvtime.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 98ms
67ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tvtime.com
date: Wed, 23 Feb 2022 05:45:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 73 B
378 B 53ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%7C300x250%2C300x600&auid=539227723%2C539227725&aumfs=100%2C100&dddid=fd07d773-ca5a-430b-9aa3-e51812cf885d%2Caf5a5c2a-eb33-4e62-8c6a-6f8af782c93c&divIds=openx-7b0091a4-5b64-4ba3-bea9-9dbf668c142e%2Copenx-629a5943-cdc9-4765-92f4-1daf4acc3f5d&be=1&bc=hb_pb_3.0.1&nocache=1645595157680&schain=1.0%2C1!proper.io%2Ce5962129-eb92-11e9-a488-69e3386c7506%2C1&id5id=0&_pubcid=d93cec84-6c61-4afb-b857-e75de5375d2b
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: a004a09e7bdf8b5d1ccd9cbbc4666a80535a3ddd3bf454ab115633d44d1f8671

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvtime.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 7 KB
3 KB 192ms
142ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=145552&zone_id=685170%3B690616&size_id=15%3B2&alt_size_ids=10%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=00ca7a2e-ddd0-4280-ae4d-20e8a95fa74f%3B26469b0e-1d9c-4178-bd79-930fc3432ce1&p_screen_res=1600x1200&tg_fl.eid=685170%3B690616&rf=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&x_source.pchain=proper.io%3Ae5962129-eb92-11e9-a488-69e3386c7506&ppuid=d93cec84-6c61-4afb-b857-e75de5375d2b&eid_id5-sync.com=0%5E1%5E&eid_sharedid.org=d93cec84-6c61-4afb-b857-e75de5375d2b%5E1%5E&eid_pubcid.org=d93cec84-6c61-4afb-b857-e75de5375d2b%5E1&rp_schain=1.0%2C1!proper.io%2Ce5962129-eb92-11e9-a488-69e3386c7506%2C1&slots=2&rand=0.09205850129678383
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9946cfa29554fc5a09b9aa0f73864ede2e3a2f2e6e5ddec36d6a55443f1819cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:45:57 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvtime.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2203
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 58 B
350 B 40ms
11ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=210794&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22fd9fcb69-e0bd-48b1-9c8a-cd66e7fd59d5%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-Sgm1K%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-Sgm1K%22%2C%22siteID%22%3A%22210794%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22300x250-1-tvI14%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-tvI14%22%2C%22siteID%22%3A%22210794%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-tjvSJ%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-tjvSJ%22%2C%22siteID%22%3A%22210794%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962129-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 24e99d448efb00188d42507e208842243292775fc3cf62bbf0790eed5376e26c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:57 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.20], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.tvtime.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 58
x-ak-client-geo: 12
expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261509224311038&ev=PageView&dl=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&rl=&if=false&ts=1645595157695&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645595157695.1394199000&it=1645595157333&coo=false&rqm=GET

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261509224311038&ev=ViewContent&dl=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&rl=&if=false&ts=1645595157697&cd[value]=3.5&cd[currency]=USD&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1645595157695.1394199000&it=1645595157333&coo=false&rqm=GET

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H3 200 pubads_impl_2022021701.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
122 KB 24ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 03:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124510
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 09:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Feb 2023 03:23:55 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
73 B 33ms
16ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tvtime.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3aea688d5c0163e7ac403f7d42212265933fbd5c5996f4493647b45d4c4525e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49
x-xss-protection: 0
expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: kI14R7urpxgHjeMWGWlNpVn0IgFose_t
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 15556
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 19 Feb 2022 01:26:04 GMT
server: AmazonS3
date: Wed, 23 Feb 2022 03:34:11 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QV5-yMmX4ih2QNwtJUuLLtBXMBqZrPgSNpqN336TxWnVRXWHQhaKeg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 9ms
8ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.tvtime.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 11c74e4fa3ec8e97b00ef9cae99b67f4455fef9f4abc1c767d47afa21ac323cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 03:28:03 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
server: Server
age: 8274
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.tvtime.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 1357
x-amz-cf-id: IFLzu5UUhW0GT0iP5r-dk_WrPTzlLJif5lLy18axgIzfDaw9u9benw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 47ms
46ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&pid=INph1gkcm6tVD&cb=0&ws=1600x1200&v=7.73.0&t=550&slots=%5B%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2Ce5962129-eb92-11e9-a488-69e3386c7506%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: VXN1BXBA4QBPV6ACYJ5A
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tvtime.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3-2gIqkfrHHKYjfHNXtQymELyDsZ7F7K1uq2AuL001XSIQY2rXr4rg==

GET
H2 200 follow_button.a58e82e150afc25eb5372dd55a98b778.en.html Show response
platform.twitter.com/widgets/ Frame AC3F 36 KB
13 KB 6ms
6ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.a58e82e150afc25eb5372dd55a98b778.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d4986a6bdb4d19d5095ad685fde0706cbce94f595e73c075af864c1f3bb860d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

last-modified: Wed, 16 Feb 2022 18:36:24 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "98b2d7ecf6349eb74d0597c0810ad35e+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Wed, 23 Feb 2022 05:45:57 GMT
x-served-by: cache-iad-kcgs7200163-IAD, cache-fra19163-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 13629

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
38 KB 26ms
8ms Script
application/x-javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-49.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding: gzip
etag: W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age: 14890
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 8c7650e47b7f894f6ae5a1fc4919cee6
last-modified: Thu, 16 Dec 2021 12:45:56 GMT
server: AmazonS3
date: Wed, 23 Feb 2022 01:37:48 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: aYvIud2qgqMWVdPoZg83z-5sPVR2Hffu-n5XRJngbcZB5x1Pi1i0QQ==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 70ms
18ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Wed, 23 Feb 2022 06:00:57 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 38 KB
11 KB 54ms
18ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 23 Feb 2022 05:18:21 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10638
x-request-id: 175770578

GET
DATA 200
OK truncated
/ Frame AC3F 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
594 B 37ms
7ms Fetch
application/json 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 14:33:25 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront), 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
age: 54752
x-amzn-requestid: 285ea3a3-a77e-49ed-835f-4ed3aa6cf3e7
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6214f435-1c8662a20e75adb358ff214a;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA50-C1
x-amz-apigw-id: N8sYVE1CjoEF78A=
content-length: 30
x-amz-cf-id: Uu5hUs2EHg0luXpLi5BWkrGdSR9phcOR15k9dhfUv9Zz61p6KfuPzw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
333 B 115ms
115ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22tvshowtime%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1645595157895%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Wed, 23 Feb 2022 05:45:57 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e14629d9032161d916dfa08eb79cf2413ba993460dc2ec72a6e9ca6e0919806c
x-transaction: 1eee3900d634e1d7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 59ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tvtime.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tvtime.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
9 KB 432ms
432ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2094555608406832&correlator=2139678147980651&output=ldjh&impl=fifs&eid=31064954%2C31061165%2C31063247%2C44756894%2C44756896%2C31064019&vrg=2022021701&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220223&iu_parts=5376056%2Ctvtime_leaderboard%2Ctvtime_side_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C728x90%2C1x1%7C300x250%7C300x600&ppid=d93cec84-6c61-4afb-b857-e75de5375d2b&prev_scp=proper_slot%3D1%26proper_floor%3D0.10%26proper_bidder%3Dtvtime_rubicon%26proper_bid%3D0.20%26refresh_count%3D0%7Cproper_slot%3D2%26proper_floor%3D0.10%26proper_bidder%3Dtvtime_rubicon%26proper_bid%3D0.20%26refresh_count%3D0&eri=1&cust_params=post_id%3Dunknown%26member%3Dno%26split_version%3D7696%26proper_site%3Dtvtime%26proper_page%3D1%26s_depth%3D1%26tags%3Dunknown_desktop%252Cunknown&cookie_enabled=1&bc=31&abxe=1&dt=1645595158157&lmt=1645595158&dlt=1645595156853&idt=931&frm=20&biw=1600&bih=1200&oid=2&adxs=240%2C1270&adys=310%2C794&adks=2411650123%2C1311284527&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&vis=1&scr_x=0&scr_y=0&psz=1360x0%7C310x10&msz=1360x0%7C310x0&ga_vid=1783998764.1645595157&ga_sid=1645595158&ga_hid=382655879&ga_fc=true&fws=4%2C4&ohw=1600%2C1360&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

aea389eb45356548fbdcbf9cbe5037ea34684bfb5fcff2038253bdd3b725bf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9307
x-xss-protection: 0
google-lineitem-id: 941644216,941644216
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 87376630096,87376626136
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tvtime.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
89e3513886388784139c921e5dd24d2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5565 6 KB
4 KB 82ms
17ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://89e3513886388784139c921e5dd24d2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 23 Feb 2022 05:45:58 GMT
expires: Thu, 23 Feb 2023 05:45:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D276 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.tvtime.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.tvtime.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Wed, 23 Feb 2022 05:45:58 GMT

POST
H2 200 s2s Show response
eb.proper.io/ 322 B
761 B 339ms
298ms XHR
application/json 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b8db24bce1193363c9f3feb1c2700830305d31d78b2e590adc9287af46670c

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.tvtime.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: dur:263
cf-ray: 6e1e26ab197959cb-MXP
expires: -1

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 48ms
22ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51cd38ecdc4ed94518320d6ca8c75f088101bc8d5dc9a2981ca58e36312138c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9750
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 05:45:58 GMT

GET
H2 200 /
log.pinterest.com/ 0
333 B 121ms
100ms Image
text/plain 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=wMvpqm0qnuK2&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:58 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 0
x-cache-hits: 0
content-length: 0
x-served-by: cache-hhn4072-HHN
pragma: no-cache
server: envoy
x-timer: S1645595158.361022,VS0,VE94
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 1807067904670475
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4BA5 13 KB
5 KB 26ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Feb 2022 21:34:34 GMT
expires: Wed, 22 Feb 2023 21:34:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 29484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FC6D 783 B
533 B 38ms
19ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10d07f64fd909971b7f5985e24a8d0ad6f82276ecd8e405363849a216a0d3deb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vvvFPSnw2e3Xltl/0TuvUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 23 Feb 2022 05:45:58 GMT
date: Wed, 23 Feb 2022 05:45:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-vvvFPSnw2e3Xltl/0TuvUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BA5 35 KB
13 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 20:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 20:19:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FC6D 0
0 68ms
59ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021701&jk=2094555608406832&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4BA5 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fLRcng
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 18ms
17ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021701&jk=2094555608406832&bg=!8fKl8rbNAAbf-5Dq3_s7ACkAdvg8Wq2Ot9nmfw_bzK09NONmv-u5W9LXNtabVDWeumHzc6W26eT3DAIAAABUUgAAAAJoAQeZArfvnYoupiTf0q4H0xH_ICA75AeotvSZLBge3ZyO6RZ2W_nbIg2N8DRnNULk6--NUC_FDZG1FxtaPFdofdyy_rt2fSOf0Ys0H4Kp4OZMb5hg8FCgTCat2kI1tQd8BQVqqLbTqMqI8eFM-XjIy_CQdGh8szXHqUPeYjwchJxwioBQjI9t3XjgtzT17ArtFsZsYrFrqL0pASHgIX_uBiaCQFz539YkNTfJ22uXjqd_DDW9NBVMHguWWBN5LfhD9TiQAlcEXYkhBoiQgxhwFGuTtuv28A46bTGRGImSyMK1ZnJZqzY-KfR1SGlgAatSVYe5B3_J3J3j_gfa_ZcITfNkRNk42mhNY3Z65zjyg20hrf3Nbi9jF0GEdrItRpnyMoUly9zmOm4f4bN1hXh3azQaopNf2p8t-nEFfN6S-LD28iN8sGG7cjdCJ3qZtpf_qmdIXXpK9Rnt0ppXyjvH1YaQtWYk4kwfEjy8cmoykE2dx0oomtaUl-AImnx2Kmr9oiSnJy00rIceWI5AyeiTHsea1gAbfBsmmIIBhhqt5ZQkjU_ti8nMLSq2ZMjl1ryfIhvo_nmugV0Mkp_PqCjFNfL3EWsAUvT-RHXhSpD1E1ar5hz8Pzel9K8xAJAAYhC6-3xNqK4waJopDARgT6CYQ9KhA9SzUpAnoEkkiXFG7BWOVE3YgCBjbiUK2EM0EN8YPB1MeKwCof-M4tW5CcvgxCriioaqLhCqagajY9SkqwYzH34XkRDNSNPMltQz3XKSl1tE865SspeejzndxG9yaiFsu_LE0Be69o27qhqOqceXI-lX_RHCgXbSfBGv4Nrm-3nOzJ7KHmmwX_IIQUzj82KcQTqMidGy68gBu7cdOIBn52tFKtwWObV648qqEBUHqmNZrDJvNkfdIl3BrkXaXR5OBZ4omUMjcseodQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B299 0
0 18ms
18ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6TBHsjF3vPwXZWko1kgnEOx9ROl0joVP__9szWm8TLbaon-DlPtn3R1dny7A1FNKowaUN0Y36rIjnUwhbNPIZaNYd9JOmQwdbS3f-8s6QwNTGv9ML27384EXBXBh7WU_LI7-MwqlDgmUlUZ9rjsFuswYO_nLKihdxt5bfD5FQ6flZ3Lf0LAh6pezEcWkVDtyI4yL6zvqGaO7VySfbdFMCtHn1ByBdJsW108UiXy0v080mtvKad0LK6ygBNZTf6jbjpcwPvvDeAkpmgcuioZWMNPttlvBQPu7aDfSiFUWKN_jv4M7tDtcbq3l5O4aonA&sig=Cg0ArKJSzMeu8HRIqbQ3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 05:45:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame B299 2 KB
2 KB 62ms
29ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTc5MDkwMDYzNDc1MzYyMzQvOTk2NjQ2MS8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQWNHaHg0djNIcGlNSW0zQ1dyYVhpOHcvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU3OTA5MDA2MzQ3NTM2MjM0L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/yytX5N2ULvOKFvemrcMailbIXLo&nodeid=128&group=cdg&auctionid=6257909006347536234&shardkey=6257909006347536234&sid=10497469&cid=9966461&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.302.0 /
Resource Hash: 1621228ec5ad1cd8f4a3e1e63101406dd1c1fb6f01368889326f79ba20444b35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1645595157
Last-Modified: Wed, 23 Feb 2022 05:45:57 GMT
Server: MMBD/3.302.0
x-mm-latency: 16 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x84, cdg-bidder-x19
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H/1.1 200 e0a83d7d-7928-4eaa-8020-46012beddc71
beacon-fra2.rubiconproject.com/beacon/d/ Frame B299 43 B
354 B 55ms
8ms Image
image/avif 2602:803:c004:200::155
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/e0a83d7d-7928-4eaa-8020-46012beddc71?oo=0&accountId=8777&siteId=145552&zoneId=690616&sizeId=2&e=6A1E40E384DA563B2213E63ED115C2575074FBD92C6BA6C2A9B927AC5497C6EC7C81451B184D642FAEE2575BA42F1F3C172DB22D3B21A9B531F8198B25B083E22B50795E27AE58402A0F5CCC19E00452C4A7B3C4768250451CE686935BDE31D8EEDF51F48124BD3DF02BE3693B47099FAEC8FF5578E5067312F6A03E867BB04752F2556DBCA7D8C27B84DAACCD8F2C9E4746E24C7673952F48FD6784566636BE132F8031C6A26CEEBC2DC0846989B4243ED9FE7DCC458DF7

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c004:200::155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:45:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame B299
Redirect Chain

https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTc5MDkwMDYzNDc1MzYyMzQvOTk2NjQ2MS8xMDQ5NzQ2OS85LzBaN1...
https://tags.mathtag.com/ck-confirm?bid_id=6257909006347536234&node_id=128&exch_id=9

49 B
329 B

66ms
48ms

Image
image/gif

185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6257909006347536234&node_id=128&exch_id=9
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.302.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: MMBD/3.302.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x23, cdg-bidder-x19
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 23 Feb 2022 05:45:57 GMT

Redirect headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
x-mm-bid-request-time: 1645595157
Last-Modified: Wed, 23 Feb 2022 05:45:57 GMT
Server: MMBD/3.302.0
x-mm-latency: 22 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://tags.mathtag.com/ck-confirm?bid_id=6257909006347536234&node_id=128&exch_id=9
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x36, cdg-bidder-x19
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=360
Content-Length: 84
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B299 124 KB
38 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 05:45:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3593 0
0 16ms
16ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8h1_ipE2bbGLp8mOjkhfdBxVEGwGnQgkwNq1bcEtKB-yjm4dW3uWEqT-oRiuRQ3qZW03KHsG59PDFd42nvXM4I2DWI9JHUdrAakeoPa5Sz6DOcTXbSLYPSzhfzl6-bPFy5iaEu4oAkJ2C5pZNBrii5GIM-72TNvG2Jb5btshJ5KarIh1pvfvL3Do0rQw1qzJ7YstHz2OEfFfIjH6g7P6H5nMwITf_EJvDMuXDosF8MSBgQBGyjmix1Grqg_sSc1ebP3z2a6GfSLkMKuUBP04l7J6F6NioBzDYXogsjaexIQzk0GWSyF_-edI&sig=Cg0ArKJSzDSfIW6qCdwHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 05:45:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 3593 2 KB
2 KB 74ms
47ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NTIwNjU5OTcxMzM4NDIyNjkvOTk2NjQ1Ny8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQWFJSkk3OVJyaGV5WDRSazNNYW5FRUUvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTUyMDY1OTk3MTMzODQyMjY5L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/44o1DmA_MIB1WOeUpIEk3JlhTYo&nodeid=128&group=cdg&auctionid=3952065997133842269&shardkey=3952065997133842269&sid=10497469&cid=9966457&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.165&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.302.0 /
Resource Hash: 94a01aa899781014aec9b6feaa2177d2d72dc9cc10255c76eccf8aaa423fb164

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1645595157
Last-Modified: Wed, 23 Feb 2022 05:45:57 GMT
Server: MMBD/3.302.0
x-mm-latency: 34 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x30, cdg-bidder-x19
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H/1.1 200 471449d6-a4db-45ae-b2f5-963df1105d34
beacon-fra2.rubiconproject.com/beacon/d/ Frame 3593 43 B
354 B 52ms
9ms Image
image/avif 2602:803:c004:200::155
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/471449d6-a4db-45ae-b2f5-963df1105d34?oo=0&accountId=8777&siteId=145552&zoneId=685170&sizeId=10&e=6A1E40E384DA563BCCFF056DA91B1F372160E50682ED132E381568E70D42DAFC99BD7ECE601AC2EA2716E1CADABA70AC172DB22D3B21A9B531F8198B25B083E22B50795E27AE58402A0F5CCC19E00452C4A7B3C476825045BD99F3F649E83061EEDF51F48124BD3DF02BE3693B47099FAEC8FF5578E5067312F6A03E867BB04752F2556DBCA7D8C22E3AF33C53AC300BF552F5152CA78A706416E23FF4F0FE291DBA35D7E6183AEDA8DAB70331173700C25174F0CDC83B5D

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c004:200::155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:45:58 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame 3593
Redirect Chain

https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NTIwNjU5OTcxMzM4NDIyNjkvOTk2NjQ1Ny8xMDQ5NzQ2OS85LzBaN1...
https://tags.mathtag.com/ck-confirm?bid_id=3952065997133842269&node_id=128&exch_id=9

49 B
329 B

27ms
26ms

Image
image/gif

185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=3952065997133842269&node_id=128&exch_id=9
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.302.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: MMBD/3.302.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x65, cdg-bidder-x19
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 23 Feb 2022 05:45:57 GMT

Redirect headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
x-mm-bid-request-time: 1645595157
Last-Modified: Wed, 23 Feb 2022 05:45:57 GMT
Server: MMBD/3.302.0
x-mm-latency: 12 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://tags.mathtag.com/ck-confirm?bid_id=3952065997133842269&node_id=128&exch_id=9
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x31, cdg-bidder-x19
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=360
Content-Length: 84
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3593 124 KB
38 KB 56ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Feb 2022 05:45:58 GMT

GET
H/1.1 200
OK v8quqvfwoyww Show response
hal9000.redintelligence.net/zone/ Frame B299 10 KB
3 KB 42ms
12ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/v8quqvfwoyww?subid=&gdpr=0&gdpr_consent=&rnd=6257909006347536234&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D13bf0f3be58699ec6040f72408d4771dc16dc934_2%26mt_aid%3D6257909006347536234%26mt_id%3D9966461%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_cid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F%26redirect%3D
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ec074cd593448e34487fc110d82ab3998c5af08973d07a1791df55cc9777d71c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2961
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame B299 49 B
329 B 55ms
47ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6257909006347536234&node_id=128&exch_id=9
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTc5MDkwMDYzNDc1MzYyMzQvOTk2NjQ2MS8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQWNHaHg0djNIcGlNSW0zQ1dyYVhpOHcvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU3OTA5MDA2MzQ3NTM2MjM0L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/yytX5N2ULvOKFvemrcMailbIXLo&nodeid=128&group=cdg&auctionid=6257909006347536234&shardkey=6257909006347536234&sid=10497469&cid=9966461&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.302.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: MMBD/3.302.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x78, cdg-bidder-x19
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame B299 43 B
405 B 90ms
33ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=6257909006347536234&v3=1073227&v4=10497469&v5=9966461&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTc5MDkwMDYzNDc1MzYyMzQvOTk2NjQ2MS8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQWNHaHg0djNIcGlNSW0zQ1dyYVhpOHcvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU3OTA5MDA2MzQ3NTM2MjM0L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/yytX5N2ULvOKFvemrcMailbIXLo&nodeid=128&group=cdg&auctionid=6257909006347536234&shardkey=6257909006347536234&sid=10497469&cid=9966461&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4172 645ee8c master cdg-pixel-x13 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: MT3 4172 645ee8c master cdg-pixel-x13 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame B299 49 B
329 B 53ms
28ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=6257909006347536234&st=10497469&time=1645595158&nodeid=128
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTc5MDkwMDYzNDc1MzYyMzQvOTk2NjQ2MS8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQWNHaHg0djNIcGlNSW0zQ1dyYVhpOHcvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU3OTA5MDA2MzQ3NTM2MjM0L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/yytX5N2ULvOKFvemrcMailbIXLo&nodeid=128&group=cdg&auctionid=6257909006347536234&shardkey=6257909006347536234&sid=10497469&cid=9966461&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.302.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: MMBD/3.302.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x23, cdg-bidder-x19
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H/1.1 200
OK ty4hfcvzush0 Show response
hal9000.redintelligence.net/zone/ Frame 3593 10 KB
3 KB 34ms
12ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ty4hfcvzush0?subid=&gdpr=0&gdpr_consent=&rnd=3952065997133842269&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Df22deea18188ad72f3f4139c5daf2335f0cb6c1f_10%26mt_aid%3D3952065997133842269%26mt_id%3D9966457%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_cid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F%26redirect%3D
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 613ecad73a45da9715119d3e74b0954a1e2434965a2bc62767767507a0ac426f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2960
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 3593 49 B
329 B 40ms
30ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=3952065997133842269&node_id=128&exch_id=9
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NTIwNjU5OTcxMzM4NDIyNjkvOTk2NjQ1Ny8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQWFJSkk3OVJyaGV5WDRSazNNYW5FRUUvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTUyMDY1OTk3MTMzODQyMjY5L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/44o1DmA_MIB1WOeUpIEk3JlhTYo&nodeid=128&group=cdg&auctionid=3952065997133842269&shardkey=3952065997133842269&sid=10497469&cid=9966457&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.165&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.302.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: MMBD/3.302.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x68, cdg-bidder-x19
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3593 43 B
405 B 88ms
42ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=3952065997133842269&v3=1073227&v4=10497469&v5=9966457&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NTIwNjU5OTcxMzM4NDIyNjkvOTk2NjQ1Ny8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQWFJSkk3OVJyaGV5WDRSazNNYW5FRUUvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTUyMDY1OTk3MTMzODQyMjY5L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/44o1DmA_MIB1WOeUpIEk3JlhTYo&nodeid=128&group=cdg&auctionid=3952065997133842269&shardkey=3952065997133842269&sid=10497469&cid=9966457&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.165&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4172 645ee8c master cdg-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: MT3 4172 645ee8c master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3593 49 B
329 B 38ms
24ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=3952065997133842269&st=10497469&time=1645595158&nodeid=128
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT1RBMVpXVTRNekF0WVRKak1TMWlaRFkzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NTIwNjU5OTcxMzM4NDIyNjkvOTk2NjQ1Ny8xMDQ5NzQ2OS85LzBaN1BqYjYtSnkyVG9NTTNuN3dFQWFJSkk3OVJyaGV5WDRSazNNYW5FRUUvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTUyMDY1OTk3MTMzODQyMjY5L2Ftcy8wLzgzNjcvNzYvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NTU5NTE1Ny8xNjQ1NTk4NzU3LzkvODc3Ny8/44o1DmA_MIB1WOeUpIEk3JlhTYo&nodeid=128&group=cdg&auctionid=3952065997133842269&shardkey=3952065997133842269&sid=10497469&cid=9966457&bp=a_cagefj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.165&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.302.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: MMBD/3.302.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x70, cdg-bidder-x19
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 23 Feb 2022 05:45:57 GMT

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame B299
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=v8quqvfwoyww&nw=20&renderingType=javascript&namespace=280b97053e&subid=&uid=9d770781bdf902f8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=v8quqvfwoyww&nw=20&renderingType=javascript&namespace=280b97053e&subid=&uid=9d770781bdf902f8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

609 B
935 B

82ms
59ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=v8quqvfwoyww&nw=20&renderingType=javascript&namespace=280b97053e&subid=&uid=9d770781bdf902f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D13bf0f3be58699ec6040f72408d4771dc16dc934_2%26mt_aid%3D6257909006347536234%26mt_id%3D9966461%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_cid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=2316538407449&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 0856122305cc6c4278456164e0e4653be66f36fc66304d09d551845e6abbb205

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:45:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 93532800028808904189727011879027
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Wed, 23 Feb 2022 05:45:58 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=v8quqvfwoyww&nw=20&renderingType=javascript&namespace=280b97053e&subid=&uid=9d770781bdf902f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D13bf0f3be58699ec6040f72408d4771dc16dc934_2%26mt_aid%3D6257909006347536234%26mt_id%3D9966461%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_cid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=2316538407449&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 23 Feb 2022 05:45:58 +0100

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame 3593
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=ty4hfcvzush0&nw=20&renderingType=javascript&namespace=34c8696ada&subid=&uid=9e58588f0d3de28f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=ty4hfcvzush0&nw=20&renderingType=javascript&namespace=34c8696ada&subid=&uid=9e58588f0d3de28f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

74ms
52ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=ty4hfcvzush0&nw=20&renderingType=javascript&namespace=34c8696ada&subid=&uid=9e58588f0d3de28f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Df22deea18188ad72f3f4139c5daf2335f0cb6c1f_10%26mt_aid%3D3952065997133842269%26mt_id%3D9966457%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_cid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=3148391457493&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 2baa22d4f0d8bfa1ac3e1a0b93049f33ae81dbc2c23a8ef77b3ae6b597cbd0c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:45:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 52182000030815704189737011879021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Wed, 23 Feb 2022 05:45:58 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ty4hfcvzush0&nw=20&renderingType=javascript&namespace=34c8696ada&subid=&uid=9e58588f0d3de28f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Df22deea18188ad72f3f4139c5daf2335f0cb6c1f_10%26mt_aid%3D3952065997133842269%26mt_id%3D9966457%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_cid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=3148391457493&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 23 Feb 2022 05:45:58 +0100

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame 81E6 4 KB
2 KB 35ms
12ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=52182000030815704189737011879021&a=0125cf70
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=ty4hfcvzush0&nw=20&renderingType=javascript&namespace=34c8696ada&subid=&uid=9e58588f0d3de28f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Df22deea18188ad72f3f4139c5daf2335f0cb6c1f_10%26mt_aid%3D3952065997133842269%26mt_id%3D9966457%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_cid%3D792e6215-ca16-4e01-bd5b-a86c4f12199f%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F471449d6-a4db-45ae-b2f5-963df1105d34%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=3148391457493&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: c830996490ca0a2f698c304df33ec7c937b287a7c6e6dabe1d5a416286f34ac5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 23 Feb 2022 05:45:58 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1420
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1812 281 B
554 B 25ms
7ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Feb 2022 05:45:58 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3593 0
0 18ms
17ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgAnbCr2ExpvmRzEoCzd-cjyitu3GAWIkrNnDhN-9j8bRWQvfBmIBLq5isb6BWLu3pariSKU4NdqWIaJbRS2zMPGE_moB1dSozv4JxVeyzpwKi_7cC3aofRsMHmz7_EU9qv3SMsm3-eq0fa4Hd81_d82P7PRbnKFjXVzTYgLTcohXX0zA1Q2aLyV53Z9zOzHUHW1Tc6m9ZfAOhec-JImC1Yr0VhkxQ_di4Yer7pVrDWobX1Pwh125rurji8W6Nw_fYxVmUBtr5Rgb5H7Ix103oeAEi4gb9Kzir4dkaLn6ue1DlWkpg-U5W00W6nw&sig=Cg0ArKJSzJfSiulfOHiqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 05:45:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 23 Feb 2022 05:45:58 GMT

GET
DATA 200
OK truncated
/ Frame 3593 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39a99499a4986d3ac7cad1233cc2fa66b88018c9448300fcb494b32cd0015e73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame A7A4 4 KB
2 KB 33ms
11ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=93532800028808904189727011879027&a=2485df73
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=v8quqvfwoyww&nw=20&renderingType=javascript&namespace=280b97053e&subid=&uid=9d770781bdf902f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D13bf0f3be58699ec6040f72408d4771dc16dc934_2%26mt_aid%3D6257909006347536234%26mt_id%3D9966461%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_cid%3D782e6215-ca16-4601-96e7-b06ffbec733d%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fe0a83d7d-7928-4eaa-8020-46012beddc71%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&ancestorOrigins=https%3A%2F%2Fwww.tvtime.com&random=2316538407449&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: f1f1d5a7f65dbc5e1628b3448bf93d36601cf8a61425b7d024caa981cd49fc46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 23 Feb 2022 05:45:58 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1523
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F3A1 281 B
554 B 7ms
7ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Feb 2022 05:45:58 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B299 0
0 17ms
17ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCew2mp4aHR0NkTKkZgoe0CQibcXmPaaE5s6aFTzTfRa2CxAuZg0itg_6rSzSt1ae-oMPnF6P9Dxg4pXNGRog_mVlN7OFZdNwPBPdf7FCRuBHiqJVq6AAeff3I0RPFN_Zs5taxUoPsESApI0ruuODcPjj8PPr8ehbfBtvZw7Ih220HkmS_mmd2C3r4ESovCssAX8KBoCumumQrtSCQDjivesa6FICRV8_o-tFnfiOZRa7bQfO5d-foNgDqWrFWerbfR6RWXUjP2O1qDYnqRkS7AermLjYpH-1RSgY_eeRG2lI-iFvFZY9WYQWpZ0hN3Bmk&sig=Cg0ArKJSzPVth3Ey8WepEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 05:45:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 23 Feb 2022 05:45:58 GMT

GET
DATA 200
OK truncated
/ Frame B299 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 991e862d406ecc874db0d04880c2abef9d139b10380d108c3da62ba4d84391ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 157ms
157ms XHR
application/octet-stream 44.225.168.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.225.168.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-225-168-153.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvtime.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Feb 2022 05:45:58 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1812 33 KB
10 KB 8ms
7ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8d18f9ec05575124acfe4ac532664786fb22177a0547912d9a8ea7054bdecc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=82396
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9762
Expires: Thu, 24 Feb 2022 04:39:14 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 81E6 747 B
940 B 73ms
19ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=53084590;click=https%3A%2F%2Fhal900021.redintelligence.net%2Fc%2Fpre7mv3md4smt78%3Ftprde%3D

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=52182000030815704189737011879021&a=0125cf70

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

221db59f0baae36b89018cf4a1e6c6f83723e40740452a2adfdb4d5f1c642218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 548
expires: -1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F3A1 33 KB
10 KB 15ms
7ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8d18f9ec05575124acfe4ac532664786fb22177a0547912d9a8ea7054bdecc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=82396
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9762
Expires: Thu, 24 Feb 2022 04:39:14 GMT

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 81E6 0
150 B 33ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=52182000030815704189737011879021&a=6426e1f2&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=52182000030815704189737011879021&a=0125cf70
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=52182000030815704189737011879021&a=0125cf70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A7A4 747 B
941 B 67ms
18ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=53084582;click=https%3A%2F%2Fhal900027.redintelligence.net%2Fc%2Fpa8ihc7s5szbw8l%3Ftprde%3D

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=93532800028808904189727011879027&a=2485df73

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

5fbb010c37f76f9cbac77c5fae8ffbfbcdd4e5fdb9e0e7b5e02d36a109134900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 548
expires: -1

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame A7A4 0
150 B 33ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=93532800028808904189727011879027&a=7827e056&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=93532800028808904189727011879027&a=2485df73
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=93532800028808904189727011879027&a=2485df73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A7A4 33 KB
16 KB 127ms
38ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53084582;click=https%3A%2F%2Fhal900027.redintelligence.net%2Fc%2Fpa8ihc7s5szbw8l%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Feb 2022 08:47:35 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 81E6 33 KB
16 KB 133ms
45ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53084590;click=https%3A%2F%2Fhal900021.redintelligence.net%2Fc%2Fpre7mv3md4smt78%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Feb 2022 08:47:35 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1812
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=792e6215-ca16-4e01-bd5b-a86c4f12199f&expires=28

0
239 B

30ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=792e6215-ca16-4e01-bd5b-a86c4f12199f&expires=28
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

Date: Wed, 23 Feb 2022 05:45:59 GMT
Server: MT3 4172 645ee8c master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=792e6215-ca16-4e01-bd5b-a86c4f12199f&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 23 Feb 2022 05:45:58 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1812
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBI4k10Db-2oCjuBzV6fghs&google_cver=1

0
239 B

30ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBI4k10Db-2oCjuBzV6fghs&google_cver=1
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBI4k10Db-2oCjuBzV6fghs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1812
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjk3NTg1ODMyMjdhM2Q4NTc5ZjYwOWY4MjJkZTgwOGQxZWUwYzlmYQ

170 B
232 B

25ms
19ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjk3NTg1ODMyMjdhM2Q4NTc5ZjYwOWY4MjJkZTgwOGQxZWUwYzlmYQ

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjk3NTg1ODMyMjdhM2Q4NTc5ZjYwOWY4MjJkZTgwOGQxZWUwYzlmYQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1812 70 B
265 B 100ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1812
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/rVCj5BwBaFZAQyvLuCBo48n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5947777547472078485

0
239 B

7ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5947777547472078485
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

date: Wed, 23 Feb 2022 05:45:59 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5947777547472078485
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 1812
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZZ4VA3T-1F-5LO4&sigv=1&esig=2~3062b4012ed0d3409c4fb107044a8c95f07a133d

0
194 B

36ms
8ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZZ4VA3T-1F-5LO4&sigv=1&esig=2~3062b4012ed0d3409c4fb107044a8c95f07a133d

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZZ4VA3T-1F-5LO4&sigv=1&esig=2~3062b4012ed0d3409c4fb107044a8c95f07a133d
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 1812
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZZ4VA3T-1F-5LO4

0
706 B

217ms
184ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZZ4VA3T-1F-5LO4
Requested by: Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 481982B967334CFEAD95952D00D60100 Ref B: FRAEDGE0810 Ref C: 2022-02-23T05:45:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXYqProgJjCdPzipjElLA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZZ4VA3T-1F-5LO4
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1812
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1paNFZBM1QtMUYtNUxPNA==

170 B
243 B

23ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1paNFZBM1QtMUYtNUxPNA==

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1paNFZBM1QtMUYtNUxPNA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A7A4 4 KB
2 KB 19ms
19ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=53084582;click=https%3A%2F%2Fhal900027.redintelligence.net%2Fc%2Fpa8ihc7s5szbw8l%3Ftprde%3D;js=1;adfxid=1x;8937;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.tvtime.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

b6520c81a1a02db603ed6071da5c912ebe19a8bba484e06f4f48ec99b66da1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1991
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 81E6 4 KB
2 KB 19ms
19ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=53084590;click=https%3A%2F%2Fhal900021.redintelligence.net%2Fc%2Fpre7mv3md4smt78%3Ftprde%3D;js=1;adfxid=1x;3726;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.tvtime.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

9a70f3da176f000add1fa9561f60112ebb4d9d414f214bf5340a176365570261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1995
expires: -1

GET
DATA 200
OK truncated
/ Frame A7A4 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame A7A4 851 B
1 KB 62ms
16ms Script
application/javascript 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=93532800028808904189727011879027&a=2485df73
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:45:59 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
DATA 200
OK truncated
/ Frame 81E6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame A7A4 90 KB
39 KB 26ms
26ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Feb 2022 08:47:44 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 81E6 90 KB
39 KB 36ms
36ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Feb 2022 08:47:44 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame A7A4 35 B
478 B 19ms
19ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=53084582&csi=B4O-eRNVQDjT1-dfdPuL9Vk5kjd3WX8ovQ5DEPxSDrjrygPkIxxfk4AXvEhA_lfwx8WgOIY_bTtYxgALEIvr5N6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900027.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900027.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame 81E6 35 B
478 B 19ms
18ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=53084590&csi=kJuT9CKP-3KbFVxfjxAa26fmjWJZtPRDvQ5DEPxSDrjrygPkIxxfk3pwhQBAzmm0vYS6lx64QOU4wcflcCpYCt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900021.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900021.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 10869934.js Show response
s1.adform.net/Banners/Elements/Files/160090/10869934/ Frame E381 3 KB
1 KB 20ms
20ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/10869934.js?ADFassetID=10869934&bv=259

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c2b7fe9c35ca1a09f0f1d28b10c54000e16bd56a64dc5c66f5d456160b95e31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: W/"62026ae6-d8c"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 10869921.js Show response
s1.adform.net/Banners/Elements/Files/160090/10869921/ Frame F27D 4 KB
1 KB 20ms
19ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/10869921.js?ADFassetID=10869921&bv=259

Requested by

Host: www.tvtime.com
URL: https://www.tvtime.com/en/show/349733

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f1449231e1fcdab05f780f60b36fcbeb02c6dd936222ccb33ed90ccf92d90a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: W/"62026ae0-e20"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 1 KB
898 B 20ms
20ms Stylesheet
text/css 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/screen.css

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f4aecdb8e84d117ec3769a8f7eac0e8167a8eea6917faf73999c9841ac364430

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: W/"62026ae6-5c5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame E381 30 KB
13 KB 20ms
20ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:38 GMT
server: nginx
etag: W/"609e6e9a-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 117 B
413 B 20ms
20ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/introfill.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-75"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 117

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 17 KB
17 KB 22ms
21ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/stoerer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f94c0a85e9b6d694af39f5e4d6c4bca7b8aac13ec83143cb93c986776e09966a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-424a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 16970

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 34 KB
34 KB 24ms
23ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/text1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a646f1d289e2156d15d45626ce801ba0ccf1f0f97aea067fb27cf80e353ef3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-87e4"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 34788

GET
H2 200 text1b.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 27 KB
27 KB 29ms
28ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/text1b.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f2592359036ceeb02f4b8ea848c828f0a82fac93b26f7151666a5b3d13d16342

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-6a69"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 27241

GET
H2 200 b1.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 15 KB
15 KB 41ms
39ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/b1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ef46ad3f607de0faf6917b0450be6c191c3a70a7cc78f260e06632e88f7480df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-3abd"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 15037

GET
H2 200 b2.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 16 KB
16 KB 41ms
38ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/b2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a5c528da13fc207230f3e69a275e88d1bac8be1fe8af843302d725429aba7804

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-3e88"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 16008

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 3 KB
4 KB 40ms
38ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/disclaimer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5b055d50360134b588aae9e8b0e4f4cf90c29308ad310a5c3b6a84b6702b32dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-dec"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3564

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 2 KB
3 KB 40ms
38ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/date.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c8887ec80fe3539e649b60988db7913e6a187e9afcaf6da504ed7e91b5d07e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-992"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2450

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 2 KB
2 KB 40ms
37ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ab800813794f609fd3fc430bb0557c121d944a64848eca0538d13af851eac9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-8ce"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2254

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 4 KB
4 KB 40ms
38ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/logostart.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8801fd6b018fa8b0c6fa01c0e7838c184b64df6557c97baeb0d9041bdf657083

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-ea3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3747

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 4 KB
4 KB 40ms
38ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d0a0a94ad4f9c90d139c619d2d4db0ee85d63b39d7c856f127d432467b7b365d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-ea5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3749

GET
H2 200 model.jpg
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 7 KB
7 KB 41ms
38ms Image
image/jpeg 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/model.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

407c6646d109977a77045a4313d666bfa014a94a11b24dfbac732f87a4823a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-1ab5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 6837

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 6 KB
6 KB 41ms
38ms Image
image/jpeg 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/background.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9e58901a2b23da45cd1323515a4465540b2ee860a99539fdeee3d1125879ce66

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: "62026ae6-17e0"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 6112

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame E381 38 KB
14 KB 32ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2497886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13669
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BcbaGGv%2Fdk3UmNnyHW81pvqx3DtP5ALdl8w9jzodcccK5YjOs2FvS%2FMgqj0XvsOEYC85uVnpvoRMIqKvEEcwanxKtexRHta%2BUcuahUCFHsgdBb08cgygUpPsOFagv%2FKpYjGUIQXQ5lEVfxsIJ78%2Fn%2Bd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e1e26b1f8f29040-FRA
expires: Mon, 13 Feb 2023 05:45:59 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame E381 5 KB
2 KB 34ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 470130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h29tQLVp0dKzbkA5O7zuB3T8ZXnxSiRLgwVeH%2FYQQ0y4PCaGteBAgeNqEjZ5OrgH8d%2B2I%2FHOGPWy4f94BdmY%2F%2FEm3IWTpR1RsRoLwVO9s%2F37hTUo%2F2xGuOP9wyfeBNgLmzYbJiz3ThcN5jQQbL86Fm6V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e1e26b1f8f89040-FRA
expires: Mon, 13 Feb 2023 05:45:59 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame E381 26 KB
9 KB 34ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2497886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8578
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cE1lPx8LVgHcujEMN6V%2FpJ1v38aSWRCvhnyYa%2FAuNbXXMbYpsbX%2BCn%2FasHHWYH%2BRLUdhHgVOtQWwiN1gl%2BoaouhBZl3ERwEw4bFhPabmRAvHXU3f5q6fyQQzSDcixxf4pcrtzQnqEgC7rzWhNr5XIt46"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e1e26b1f8f59040-FRA
expires: Mon, 13 Feb 2023 05:45:59 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/ Frame E381 9 KB
2 KB 40ms
37ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869934/bvpath_259/script.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

98d63b6ba877ea1a6508b8742e3bb96d5bcc080516090bc56d052908eb9f81b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 13:06:46 GMT
server: nginx
etag: W/"62026ae6-245f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 1 KB
905 B 40ms
37ms Stylesheet
text/css 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/screen.css

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b4ef97b6710987c2f118ac1575c98dac0681b156f6fe8e74c8a481e4338f2312

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: W/"62026ae0-5ef"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame F27D 30 KB
13 KB 40ms
37ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:38 GMT
server: nginx
etag: W/"609e6e9a-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 117 B
412 B 40ms
37ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/introfill.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:41 GMT
server: nginx
etag: "62026ae1-75"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 117

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 10 KB
11 KB 40ms
37ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/stoerer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

14a096e1dbd8ed60b3e4d579d2c78693347707ccfb74ddd076ffe42ba47024ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: "62026ae0-29ff"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 10751

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 36 KB
37 KB 40ms
37ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/text1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dd280c57f8ecf807b2be7faef11e5c32e0959ad8c3ac3888867ff215f732d221

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: "62026ae0-90c5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 37061

GET
H2 200 b1.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 9 KB
9 KB 40ms
37ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/b1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

87b45a4f1776d21bcfb2223d8450e59bd519dbe6711c43083c3f176fec987334

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:41 GMT
server: nginx
etag: "62026ae1-2361"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 9057

GET
H2 200 b2.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 9 KB
10 KB 40ms
38ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/b2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

85da94c6f158953cc9bc36f8b84feb2c00143a1310496746e33f668342cc660d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: "62026ae0-2527"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 9511

GET
H2 200 b3.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 10 KB
10 KB 40ms
38ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/b3.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b414e91381087d2f6ce56ffd2e12e1102ce903fed68343cc71cb9a53e46f893d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: "62026ae0-275e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 10078

GET
H2 200 b4.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 9 KB
9 KB 40ms
38ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/b4.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fce10a4299d2c0ab3edec5a4b9813338e0dcb6494d36a90554292b3fb58f8351

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:41 GMT
server: nginx
etag: "62026ae1-240e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 9230

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 3 KB
3 KB 40ms
38ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/disclaimer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d5cca2ec5a7bc4eb62a541b3f4dbbe59befc244b084b9d0e10dc09ce8f3f9091

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: "62026ae0-c31"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3121

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 3 KB
3 KB 40ms
39ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/date.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1dd528c4ec5929f4ad48a249d24236385424f3fb89b6a6c070bf72fcc22380bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: "62026ae0-b20"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2848

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 3 KB
3 KB 40ms
39ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

972602971f8e9f683f30d75ed9c286e3f6e5348d9c0344e2697e1755c2cc62aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:41 GMT
server: nginx
etag: "62026ae1-a13"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2579

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 8 KB
8 KB 40ms
39ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/logostart.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a8c8995cc57c9a63658cae412ea3c8c09de66991fb21243f84fb4f973ce4ec48

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: "62026ae0-1e8a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 7818

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 5 KB
5 KB 40ms
39ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

692c6804c2969340d18442758f61d1c62686f5c7aca070464293c6741628a489

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: "62026ae0-14cb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 5323

GET
H2 200 model.jpg
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 21 KB
21 KB 41ms
39ms Image
image/jpeg 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/model.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dd3db3a6472d6719ec793bee54e0fae33073ef1d200911298ff620a35ba4a8b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:41 GMT
server: nginx
etag: "62026ae1-5354"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 21332

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 5 KB
5 KB 41ms
40ms Image
image/jpeg 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/background.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

069d05fe8ee9bc7c10d60dfc35fddd9d7b3e19ec06993b20b1efdec708619742

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: "62026ae0-13ac"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 5036

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame F27D 38 KB
14 KB 27ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2497886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13669
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofj1jWntZ5aJD33Bp6UhlHen1Q87UgW0XAHG2%2F9YwGp0ymhb1HOMaUzqhpao1AOBc9gvxFtXrriv7NlENhFI0h1%2FNNWGmXU3gi066DqUDOAQPf46QQ7q3PUK03DDrJi%2B6wIZAQ8Q1SxQGMZgq35Za8uf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e1e26b1f8fa9040-FRA
expires: Mon, 13 Feb 2023 05:45:59 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame F27D 5 KB
2 KB 31ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 470130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4BpzhPI9ExM9FsE3KyXAPaxJW90VoTHGFoyf7A15OCkaFllHcdx75aSVPgZe6E6JRXZ6YotkVCRMQqsKSuY37FUQ38G%2BkyeMY6%2FBFFZDTZ7%2F6fDpHkHMtkZQCQmuJcH3Y6XFrO7VpusBI1eQMTClSdi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e1e26b1f9029040-FRA
expires: Mon, 13 Feb 2023 05:45:59 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame F27D 26 KB
9 KB 31ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2497886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8578
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9S%2FD%2BHSO3Om62JnMvYCqUy%2F%2BOhhEAm2ToQ3mmm0OM89XbyeJpbDfSYgK7rmFFgZzJ52YJpSAx0VimD%2BVw5QZwaD31TX6ebSozh7HH15ZlIb3L3V4tMPkr%2FpPtpMdTZOEUDqajDqaFLgZrBcGpsPmxcS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e1e26b1f8fd9040-FRA
expires: Mon, 13 Feb 2023 05:45:59 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/ Frame F27D 8 KB
2 KB 40ms
40ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10869921/bvpath_259/script.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6fe4efc6c0259a82532462eebd6f6ac66b3cd89dd4b46a34da434120d7f8ffdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:45:59 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 13:06:40 GMT
server: nginx
etag: W/"62026ae0-21d2"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3593 42 B
64 B 33ms
16ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOMTlcGMu692FVOJ3Pw8QcXNCghMxVm_C5CSG0CObQuwAAW32rIzWq8D9zKShbuH7eQB93qirh5vTBKf-7XRbx4WJMS8Mvwt5LUsij-1sjIZExpdWv&sig=Cg0ArKJSzBVOQO35jlNCEAE&id=lidar2&mcvt=1000&p=884,1275,1484,1575&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=0.53&app=0&itpl=19&adk=1311284527&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645595158616&rpt=277&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B299 42 B
64 B 42ms
28ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7ndaDReeNK46td9ixOaFfHO8qeVpXaYsR9q60m0ALiccv5IVsQRgAHw_WX1V271rUe51wTnAX4iiSpBNRQiwn1OPohvic6Cj1YIXGpwXAOSNBMfDP&sig=Cg0ArKJSzHYKs9NhR42NEAE&id=lidar2&mcvt=1004&p=310,556,400,1284&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220216&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2411650123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645595158607&rpt=300&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:45:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 81E6 0
150 B 33ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=52182000030815704189737011879021&a=6426e1f2&vb=v
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=52182000030815704189737011879021&a=0125cf70
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=52182000030815704189737011879021&a=0125cf70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:46:00 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame A7A4 0
150 B 33ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=93532800028808904189727011879027&a=7827e056&vb=v
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=93532800028808904189727011879027&a=2485df73
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=93532800028808904189727011879027&a=2485df73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:46:00 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 /
track.adform.net/serving/unload/ Frame A7A4 35 B
478 B 18ms
18ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=3632323735860697569@@53084582,8629945541002430995,100|1200|0|0|0|0|0|0|0||41|1|||||1|0|0|PJPynvHVHCRcPlakbYq96YZGEhGnycfTLJdlf_g4NQZPN69WPqN7l4m3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900027.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900027.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 81E6 35 B
478 B 18ms
18ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=482137815745959614@@53084590,6099995869930819214,53|1200|0|0|0|0|0|0|0||59|1|||||1|0|0|oH5NB4O75_BcPlakbYq96UC7Kw-YvWZ5oFtMYLvq3qK5mn4iztcidIm3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900021.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900021.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 22CF 995 B
1 KB 24ms
6ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 23 Feb 2022 05:46:01 GMT
Age: 25316496
X-Served-By: cache-lga21980-LGA, cache-hhn4076-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 194520, 120967
X-Timer: S1645595162.637666,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 iframe Show response
mantodea.mantisadnetwork.com/prebid/ Frame 54F7 259 B
497 B 98ms
97ms Document
text/html 3.214.91.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1645595157432&secure=true&version=9&mobile=false&title=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-91-80.compute-1.amazonaws.com
Software: / Express
Resource Hash: 0ea90eec0d031ed24c8d5835e4acafe506f4cd7516ec66a298507e7228e45774

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
content-type: text/html; charset=utf-8
content-length: 259
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
etag: W/"103-m7OKsFdQRj1qikipwiNZ1akS5/k"

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 695E 926 B
1 KB 116ms
45ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

Date: Wed, 23 Feb 2022 05:46:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: UnQtnzFfm8+OaONA3VQI1OBBpR4kJGlEA/jE6+QrO8UpdFSdbo9AaBScCMkCgDcVww+/kCwHwo0=
x-amz-request-id: 5KT2J7P6RJW7Y85Z
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 6642
Expires: Wed, 23 Feb 2022 05:47:01 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e1e26c0aa5ce597-MAN
Content-Encoding: gzip

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 06F3 38 KB
14 KB 57ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

last-modified: Tue, 11 Jan 2022 05:13:08 GMT
etag: "1302647-9687-5d547824a78f1"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13928
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31378
expires: Wed, 23 Feb 2022 14:28:59 GMT
date: Wed, 23 Feb 2022 05:46:01 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 096B 281 B
554 B 14ms
14ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Feb 2022 05:46:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 096B 33 KB
10 KB 8ms
8ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8d18f9ec05575124acfe4ac532664786fb22177a0547912d9a8ea7054bdecc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 05:46:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=82393
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9762
Expires: Thu, 24 Feb 2022 04:39:14 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 22CF
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
801 B

31ms
30ms

Script
text/html

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:46:01 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 84bcf1d9-de51-4734-b7e6-cdd6ae51f016
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:46:01 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 35384952-ea7d-475b-9abb-441a32ebec1c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 06F3 3 KB
3 KB 44ms
14ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10404986&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 945acdd98c49c2d69364675ea7c6d3441d4d8db5311e7408b2eeb8558f04af48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 54F7 2 KB
1 KB 100ms
36ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=www.tvtime.com
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1645595157432&secure=true&version=9&mobile=false&title=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 00:16:31 GMT
server: cloudflare
age: 1508
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e1e26c14cc554be-MAN
content-length: 1168
expires: Wed, 23 Feb 2022 07:46:01 GMT

GET
H2

200

query
ecs.mantisadnetwork.com/sync/pixel/ Frame 54F7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=de3d236c-4f0f-4696-b828-aeeaebdc5e56

35 B
152 B

118ms
103ms

Image
image/gif

3.214.91.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=de3d236c-4f0f-4696-b828-aeeaebdc5e56
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1645595157432&secure=true&version=9&mobile=false&title=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733
Protocol: H2
Server: 3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-91-80.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
x-powered-by: Express
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=de3d236c-4f0f-4696-b828-aeeaebdc5e56
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 241

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 181A 35 B
468 B 102ms
18ms Document
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=0C723088-EE8F-46F2-A48C-E43C8DE069E3

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 23 Feb 2022 05:46:01 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 9C73 43 B
362 B 46ms
13ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Wed, 23 Feb 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 712563
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 501B
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2405484865958646783

42 B
521 B

189ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2405484865958646783
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 23 Feb 2022 02:57:55 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0025:0:272
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2405484865958646783
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A429
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:792e6215-ca16-4e01-bd5b-a86c4f12199f&gdpr=0&gdpr_consent=

42 B
650 B

876ms
18ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:792e6215-ca16-4e01-bd5b-a86c4f12199f&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 23 Feb 2022 05:46:02 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug006:0:479
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Wed, 23 Feb 2022 05:46:01 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4172 645ee8c master cdg-pixel-x16 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:792e6215-ca16-4e01-bd5b-a86c4f12199f&gdpr=0&gdpr_consent=
Expires: Wed, 23 Feb 2022 05:46:00 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 06F3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DHIwiO6PRvKkjOQ8jeBp4w%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

20ms
20ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=110397
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Thu, 24 Feb 2022 12:25:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 06F3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=792e6215-ca16-4e01-bd5b-a86c4f12199f

0
128 B

407ms
14ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=792e6215-ca16-4e01-bd5b-a86c4f12199f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:00 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 23 Feb 2022 05:46:01 GMT
Server: MT3 4172 645ee8c master cdg-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=792e6215-ca16-4e01-bd5b-a86c4f12199f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 23 Feb 2022 05:46:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 06F3
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=0C723088-EE8F-46F2-A48C-E43C8DE069E3
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a5926eab68da785c6ddcc62638ef7f5d
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=de3d236c-4f0f-4696-b828-aeeaebdc5e56&icm
https://spl.zeotap.com/?zdid=1332&zcluid=b5f6b50b5963223a
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=46462181-1774-46d3-4ea8-80d80ee7520a&reqId=39ce46b6-51be-44a2-649b-1c7f5c1a4766&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEC2Th-b8uoFfFfJcAKuCtxU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=46462181-1774-46d3-4ea8-80d80ee7520a&reqId=39ce46b6-51be-44a2-649b-1c7...

95 B
164 B

30ms
20ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEC2Th-b8uoFfFfJcAKuCtxU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=46462181-1774-46d3-4ea8-80d80ee7520a&reqId=39ce46b6-51be-44a2-649b-1c7f5c1a4766&zcluid=b5f6b50b5963223a&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6e1e26c37ed990a3-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEC2Th-b8uoFfFfJcAKuCtxU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=46462181-1774-46d3-4ea8-80d80ee7520a&reqId=39ce46b6-51be-44a2-649b-1c7f5c1a4766&zcluid=b5f6b50b5963223a&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 06F3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEM3MjMwODgtRUU4Ri00NkYyLUE0OEMtRTQzQzhERTA2OUUz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
188 B

269ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 01:23:34 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0026:0:399
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 06F3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOp8FVBWsgi4HwiDq2LBWZQ&google_cver=1

42 B
439 B

269ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOp8FVBWsgi4HwiDq2LBWZQ&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:548
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOp8FVBWsgi4HwiDq2LBWZQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 06F3 43 B
610 B 84ms
20ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 22 Feb 2022 05:46:01 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 06F3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=482137815745959614

42 B
233 B

798ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=482137815745959614
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:02 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:765
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:01 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=482137815745959614
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 06F3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=de3d236c-4f0f-4696-b828-aeeaebdc5e56

42 B
293 B

860ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=de3d236c-4f0f-4696-b828-aeeaebdc5e56
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:02 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:412
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=de3d236c-4f0f-4696-b828-aeeaebdc5e56
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 06F3
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8864459094538754415&gdpr=0&gdpr_consent=

42 B
391 B

285ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8864459094538754415&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 00:30:26 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:349
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 23 Feb 2022 05:46:01 GMT
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a76296d7-01cf-44a4-9168-457b4315d568
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8864459094538754415&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 0C723088-EE8F-46F2-A48C-E43C8DE069E3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 06F3 43 B
989 B 36ms
35ms Image
image/gif 2a05:d018:d29:3601:ceb4:b945:274f:b273
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/0C723088-EE8F-46F2-A48C-E43C8DE069E3?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:ceb4:b945:274f:b273 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 06F3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C723088-EE8F-46F2-A48C-E43C8DE069E3&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQ5QSthE2uXGJbN7D.S65rlIK0.mpjE-~A&gdpr=0&gdpr_consent=

0
260 B

422ms
13ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQ5QSthE2uXGJbN7D.S65rlIK0.mpjE-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oQ5QSthE2uXGJbN7D.S65rlIK0.mpjE-~A&gdpr=0&gdpr_consent=
date: Wed, 23 Feb 2022 05:46:01 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 06F3
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=U_NfyAagX8hI-VrOUfZDxVPxWJlI8l7OVfXLoM2f

42 B
472 B

296ms
16ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=U_NfyAagX8hI-VrOUfZDxVPxWJlI8l7OVfXLoM2f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 00:34:02 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0022:0:576
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 05:46:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=U_NfyAagX8hI-VrOUfZDxVPxWJlI8l7OVfXLoM2f
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 54F7 31 KB
24 KB 33ms
32ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1645595161831&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=29lj8wroo7wz&cid=1041
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=www.tvtime.com
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 20 Feb 2022 16:11:20 GMT
server: cloudflare
age: 2047
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e1e26c18d1154be-MAN
content-length: 24217
expires: Wed, 23 Feb 2022 07:46:01 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 54F7 26 B
304 B 71ms
23ms Image
image/gif 2606:4700::6810:78c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1645595161939&rnd=29lj8wroo7wz&ifm=1&uai=1&cid=1041&s=www.tvtime.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1645595157432&secure=true&version=9&mobile=false&title=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:02 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Feb 2022 00:08:34 GMT
server: cloudflare
age: 5134
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e1e26c28d465a19-MXP
content-length: 26
expires: Wed, 23 Feb 2022 07:46:02 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 54F7 26 B
111 B 78ms
31ms Image
image/gif 2606:4700::6810:78c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1645595161882103&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=www.tvtime.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=29lj8wroo7wz&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=4d01d707f6d4a5adb6cf90c319588cb7&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=27&icp=https%253A//www.tvtime.com/&irfl=27&irf=https%253A//www.tvtime.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-14-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9.6_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=64
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1645595157432&secure=true&version=9&mobile=false&title=TV%20Time%20-%20Yarichin%20Bitch%20Club%20(TVShow%20Time)&url=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:02 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 16:06:46 GMT
server: cloudflare
age: 729
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e1e26c28d475a19-MXP
content-length: 26
expires: Wed, 23 Feb 2022 07:46:02 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame A42B 0
91 B 22ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Wed, 23 Feb 2022 05:46:03 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame C6A5 75 B
289 B 337ms
109ms Document
text/html 67.202.105.32

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=a8W4cCPASr6Rr8aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

cache-control: max-age=86400
expires: Thu, 24 Feb 2022 05:46:03 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 23 Feb 2022 05:46:03 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 57D2 75 B
289 B 336ms
110ms Document
text/html 67.202.105.32

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bawBEYPASr6Rr8aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tvtime.com/

Response headers

cache-control: max-age=86400
expires: Thu, 24 Feb 2022 05:46:03 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 23 Feb 2022 05:46:03 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 06F3 0
260 B 204ms
19ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:46:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: freegeoip.net
URL: https://freegeoip.net/json/

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=72

Domain: hb-api.omnitagjs.com
URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tvtime.com/	1969-12-31 23:59:59	Name: symfony Value: 9d89b78dfc89efea93bdb978c889fb94
www.tvtime.com/	1970-01-20 09:52:11	Name: push_mobile_mode Value: 2
.tvtime.com/	1970-01-20 03:16:11	Name: _gcl_au Value: 1.1.257569929.1645595157
.tvtime.com/	1970-01-20 09:52:11	Name: mp_d0e68f55195f612cc4f7f1f42123d680_mixpanel Value: %7B%22distinct_id%22%3A%20%2217f251d6306c3a-047ca35ba8c6a8-576153c-1d4c00-17f251d6307a1b%22%2C%22%24device_id%22%3A%20%2217f251d6306c3a-047ca35ba8c6a8-576153c-1d4c00-17f251d6307a1b%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.tvtime.com/	1970-01-20 18:37:47	Name: _ga Value: GA1.2.1783998764.1645595157
.tvtime.com/	1970-01-20 01:08:01	Name: _gid Value: GA1.2.1069828098.1645595157
.tvtime.com/	1970-01-20 01:06:35	Name: _gat Value: 1
.quantserve.com/	1970-01-20 10:36:49	Name: mc Value: 6215ca15-84347-8606d-30304
.tvtime.com/	1970-01-20 10:31:03	Name: __qca Value: P0-48110838-1645595157525
www.tvtime.com/	1970-01-20 01:49:47	Name: sharedid Value: d93cec84-6c61-4afb-b857-e75de5375d2b
www.tvtime.com/	1970-01-20 01:49:47	Name: sharedid_last Value: Wed%2C%2023%20Feb%202022%2005%3A45%3A57%20GMT
www.tvtime.com/	1970-01-20 01:06:38	Name: _lr_retry_request Value: true
www.tvtime.com/	1970-01-20 01:49:47	Name: _lr_env_src_ats Value: false
.yahoo.com/	1970-01-20 09:52:32	Name: A3 Value: d=AQABBBXKFWICEHDZVv5VuWOU7HdlO7t-QSoFEgEBAQEbF2IfYgAAAAAA_eMAAA&S=AQAAAp7GJn1ed3D3EtfijTURL_s
.tvtime.com/	1970-01-20 03:16:11	Name: _fbp Value: fb.1.1645595157695.1394199000
.facebook.com/	1970-01-20 03:16:11	Name: fr Value: 04ySbuMAnOk1u3DI0..BiFcoV...1.0.BiFcoV.
www.tvtime.com/	1970-01-20 01:08:01	Name: _lr_geo_location Value: DE
.rubiconproject.com/	1970-01-20 09:52:11	Name: khaos Value: KZZ4VA3T-1F-5LO4
.rubiconproject.com/	1970-01-20 09:52:11	Name: audit Value: 1\|hLZGFuTafB1u7rnjlxLxUHNEnEPvxbSem0AuhTX0VRxgQkuuSU/3aERFudSXF0V8J9vgQsRibz8iPnBiMlBpvznFeKROAqMwZ5JyU8cP7uo=
.proper.io/	1970-01-20 02:32:59	Name: verizon_media Value: y-nkiom1FE2uEz6A4iHsJ6NNaEflZ1LTH8~A
.www.tvtime.com/	1970-01-20 09:52:11	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733&datestamp=Wed+Feb+23+2022+05%3A45%3A58+GMT%2B0000+(GMT)&version=3.6.22&groups=104%3A1%2C1%3A1%2C2%3A1%2C101%3A1%2C4%3A1%2C8%3A1%2C102%3A1%2C103%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C108%3A1%2C109%3A1%2C110%3A1%2C111%3A1%2C112%3A1
.proper.io/	1970-01-20 02:32:59	Name: __cf_bm Value: u1Wn1DXiFX5mTv18LilMhXljfKPHZFJDY5AAbTRfLgY-1645595157-0-AZjRK3DXKil64siIecjfnBRzu7L7RAfg0EXP9AEuEuxmkr4e%2FRNiO7yWo5aAGtCHqAAUq0499k758HvHp7aKBLZ23GoIh%2F2Q3Q%2F5tFhN6dr6
.doubleclick.net/	1970-01-20 10:28:11	Name: IDE Value: AHWqTUnb-KoamDq5W_i6eQzi9e9jswkvapbtZgJgFnJaB3f75O9hD45WaVLmXZfTYiw
.tvtime.com/	1970-01-20 10:28:11	Name: __gads Value: ID=2a45d587df684505:T=1645595158:S=ALNI_MZlZjznuUGqenil6GxhiKWooWjNTw
.tvtime.com/	1970-01-20 01:06:36	Name: properSessionData Value: eyJ1dWlkIjoiNDhmYzU4YjItNTY3Zi00MGE3LWFhZmUtOWU4MTZiMzdlZGUwIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDM0LCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwiZW14IjoxLCJpbmRleCI6MSwib3BlbngiOjEsIm1hbnRpcyI6MSwiYXBwbmV4dXMiOjEsInB1Ym1hdGljIjoxLCJhZHlvdWxpa2UiOjEsInJoeXRobW9uZSI6MSwiZGlzdHJpY3RtZG14IjoxLCJzaGFyZXRocm91Z2giOjEsInRoaXJ0eXRocmVlYWNyb3NzIjoxfSwibGFzdF90aHJlc2hvbGQiOjB9
.mathtag.com/	1970-01-20 09:52:11	Name: uuid Value: 792e6215-ca16-4e01-bd5b-a86c4f12199f
.redintelligence.net/	1970-01-20 03:16:11	Name: 8lcfmzhxc8d6_uid Value: 86914a5edd2af28f
.adform.net/	1970-01-20 01:46:54	Name: C Value: 1
.mathtag.com/	1970-01-20 01:49:47	Name: mt_mop Value: 9:1645595159
.adform.net/	1970-01-20 02:32:59	Name: uid Value: 482137815745959614
.adform.net/	1970-01-20 01:16:39	Name: TPC Value: 1645595159148
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:38:29	Name: bcookie Value: "v=2&ae0275a0-ff75-4fa6-8444-a17f380b006a"
.linkedin.com/	1970-01-20 18:37:13	Name: li_gc Value: MTswOzE2NDU1OTUxNTk7MjswMjE6sbDxsalOYfFLtWaBjNrNNTi0hPGoz5/l5QXPpTl2UA==
.linkedin.com/	1970-01-20 01:08:01	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2560:u=1:x=1:i=1645595159:t=1645681559:v=2:sig=AQGurEZ4-2SxCxTHOqi6GxMKnFFkOXgx"
.ads.pubmatic.com/	1970-01-20 01:08:01	Name: KCCH Value: YES
.adnxs.com/	1970-01-20 03:16:11	Name: uuid2 Value: 8864459094538754415
.pubmatic.com/	1970-01-20 03:16:11	Name: KADUSERCOOKIE Value: 0C723088-EE8F-46F2-A48C-E43C8DE069E3
.pubmatic.com/	1970-01-20 03:16:11	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 01:08:01	Name: pi Value: 109126:2
.pubmatic.com/	1970-01-20 03:16:11	Name: DPSync3 Value: 1646784000%3A201_197_219%7C1645660800%3A174
.pubmatic.com/	1970-01-20 03:16:11	Name: SyncRTB3 Value: 1646784000%3A13_161_7_220_21_56_54_3_71_8%7C1646870400%3A35%7C1646179200%3A223
.adsrvr.org/	1970-01-20 09:52:11	Name: TDID Value: de3d236c-4f0f-4696-b828-aeeaebdc5e56
.quantserve.com/	1970-01-20 03:16:11	Name: d Value: EKQBCwHBJfijAA
.analytics.yahoo.com/	1970-01-20 09:52:11	Name: IDSYNC Value: "190z~23e5:18z8~23e5"
.onaudience.com/	1970-01-20 09:52:11	Name: cookie Value: b5f6b50b5963223a
.onaudience.com/	1970-01-20 01:08:01	Name: done_redirects104 Value: 1
.simpli.fi/	1970-01-20 09:53:37	Name: suid Value: CB70027A0AD94A93B3223656F9C4DA08
.de17a.com/	1970-01-20 09:44:59	Name: guid2 Value: 1.2405484865958646783
.crwdcntrl.net/	1970-01-20 07:35:21	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:35:21	Name: _cc_id Value: a5926eab68da785c6ddcc62638ef7f5d
.onaudience.com/	1970-01-20 01:08:01	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-20 09:52:11	Name: TDCPM Value: CAEYASABKAIyCwi646aZ0Ka7OhAFOAFaB3hrc3c5bGFgAg..
.pubmatic.com/	1970-01-20 01:49:47	Name: KRTBCOOKIE_336 Value: 5844-2405484865958646783
.pubmatic.com/	1970-01-20 03:16:11	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 03:16:11	Name: KRTBCOOKIE_57 Value: 22776-8864459094538754415&KRTB&23339-8864459094538754415
.pubmatic.com/	1970-01-20 03:16:11	Name: KRTBCOOKIE_80 Value: 22987-CAESEOp8FVBWsgi4HwiDq2LBWZQ&KRTB&16514-CAESEOp8FVBWsgi4HwiDq2LBWZQ&KRTB&23025-CAESEOp8FVBWsgi4HwiDq2LBWZQ
.pubmatic.com/	1970-01-20 03:16:11	Name: KRTBCOOKIE_153 Value: 1923-U_NfyAagX8hI-VrOUfZDxVPxWJlI8l7OVfXLoM2f&KRTB&19420-U_NfyAagX8hI-VrOUfZDxVPxWJlI8l7OVfXLoM2f&KRTB&22979-U_NfyAagX8hI-VrOUfZDxVPxWJlI8l7OVfXLoM2f
.pubmatic.com/	1970-01-20 01:49:47	Name: PugT Value: 1645576442
.onaudience.com/	1970-01-20 01:08:01	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 09:52:11	Name: zc Value: 46462181-1774-46d3-4ea8-80d80ee7520a
.zeotap.com/	1970-01-20 01:08:01	Name: zsc Value: BYGk%CB%80%CE%D2%B1%C8%FC%90%A5%A2uW%CCxjC%B3%EB%82t7%B8%0E%00W%2C%EC%D8c%3B%92%23%C6%E5%A0%DC%AB%9E%1A%17A%19%98%A3%F2%D3%E6%3C%16%CC%CE%BBe%9CR%F8G%EA%EB%1C%89%97%0A%91%12%C51%25%0C3%D1%CB%3D%0A%FE%0C%95%9Dg
.pubmatic.com/	1970-01-20 01:49:47	Name: SPugT Value: 1645595160

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://loader.wisepops.com/get-loader.js?v=1&user_id=32573 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.tvtime.com/en/show/349733 Message: Access to XMLHttpRequest at 'https://freegeoip.net/json/' from origin 'https://www.tvtime.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://freegeoip.net/json/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.tvtime.com/en/show/349733 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=72' from origin 'https://www.tvtime.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=72 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.tvtime.com/en/show/349733 Message: Access to XMLHttpRequest at 'https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733' from origin 'https://www.tvtime.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.tvtime.com%2Fen%2Fshow%2F349733 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

89e3513886388784139c921e5dd24d2b.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
api.rlcdn.com
assets.pinterest.com
ats.rlcdn.com
beacon-fra2.rubiconproject.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.contentspread.net
cdn.cookielaw.org
cdn.id5-sync.com
cdn.mxpnl.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d1zfszn0v5ya99.cloudfront.net
d36rlb2fgh8cjd.cloudfront.net
d5p.de17a.com
de.tynt.com
dg31sz3gwrwan.cloudfront.net
dis.criteo.com
eb.proper.io
ecs.mantisadnetwork.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
freegeoip.net
geo.privacymanager.io
global.proper.io
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900021.redintelligence.net
hal900027.redintelligence.net
hb-api.omnitagjs.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
loader.wisepops.com
log.pinterest.com
mantodea.mantisadnetwork.com
match.adsrvr.org
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.yabidos.com
platform.twitter.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
propermedia-d.openx.net
px.ads.linkedin.com
rules.quantcount.com
s1.adform.net
script.4dex.io
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc.33across.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
syndication.twitter.com
tag.1rx.io
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
usync.proper.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.tvtime.com
api.rlcdn.com
freegeoip.net
hb-api.omnitagjs.com
104.111.219.144
104.117.200.100
104.16.201.58
104.17.119.107
104.244.42.72
138.201.220.30
141.95.99.211
142.250.184.226
142.250.185.162
143.204.101.146
143.204.101.167
143.204.101.80
143.204.95.188
143.204.98.49
143.204.98.65
143.204.98.90
144.76.238.55
151.101.12.157
151.101.128.84
151.101.129.108
159.122.14.34
178.250.2.151
18.196.230.57
185.29.132.242
185.29.134.244
185.33.220.145
185.33.220.243
185.64.189.110
185.64.189.112
185.64.190.80
185.64.190.81
198.47.127.19
198.47.127.20
2.18.233.180
2.18.233.201
2.21.111.28
213.155.156.185
213.19.147.43
216.58.212.130
2600:1901:0:bc29::
2600:9000:2156:7200:6:44e3:f8c0:93a1
2602:803:c004:200::143
2602:803:c004:200::155
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700:20::ac43:4adc
2606:4700::6810:125e
2606:4700::6810:78c3
2606:4700::6810:9540
2606:4700::6811:4e22
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:801::2002
2a00:1450:4001:803::2008
2a00:1450:4001:808::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c08::9a
2a02:26f0:1700:792::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:ceb4:b945:274f:b273
3.126.56.137
3.214.91.80
3.33.220.150
3.68.254.3
34.149.20.76
34.98.64.218
37.157.4.40
37.157.6.234
37.157.6.251
44.225.168.153
46.105.202.126
51.210.112.236
52.215.102.174
54.191.222.20
54.36.108.3
67.202.105.32
69.173.144.139
69.173.144.165
78.46.111.106
03e6445e3e31fa3f777b447340fdd92b8beb568d747c6e15d3c6eb440528561c
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
069d05fe8ee9bc7c10d60dfc35fddd9d7b3e19ec06993b20b1efdec708619742
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077be1a538d3ddc35aa0c3280a86d7e474287649d0cd5e31f5e33c48588f851c
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0856122305cc6c4278456164e0e4653be66f36fc66304d09d551845e6abbb205
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e86554c02068026afed3e389ad0fce9f4624bdb31d3d9e144ae1b33d9e1ea46
0ea90eec0d031ed24c8d5835e4acafe506f4cd7516ec66a298507e7228e45774
10d07f64fd909971b7f5985e24a8d0ad6f82276ecd8e405363849a216a0d3deb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11c74e4fa3ec8e97b00ef9cae99b67f4455fef9f4abc1c767d47afa21ac323cb
11d98050ed2be5fd5c42107e3e8d65f6cd3eaa8879e409112aca31293e634822
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
14a096e1dbd8ed60b3e4d579d2c78693347707ccfb74ddd076ffe42ba47024ec
1621228ec5ad1cd8f4a3e1e63101406dd1c1fb6f01368889326f79ba20444b35
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1969bbf3e63dc602bd011ef8e2cef3cdb08de43fa342a63b05886a5498b008b4
1ada374028a0ff4c4ae3a21c26f8162948dac7de70a2c1016540969f5a66cb48
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d2199a7d5a740df8e1137d1db0cfed24ff99ea858821e69e821f485a1a4ebd6
1dd528c4ec5929f4ad48a249d24236385424f3fb89b6a6c070bf72fcc22380bd
1f525fe15e873a25f549e7dd8290229a105bf98874d4f0834a8dbf52b7e69a27
20073d3b83a0d0e26dc71bf49988f4cecaa40e3f66a2358877764513e3033045
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
221db59f0baae36b89018cf4a1e6c6f83723e40740452a2adfdb4d5f1c642218
24e99d448efb00188d42507e208842243292775fc3cf62bbf0790eed5376e26c
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2baa22d4f0d8bfa1ac3e1a0b93049f33ae81dbc2c23a8ef77b3ae6b597cbd0c0
2d4986a6bdb4d19d5095ad685fde0706cbce94f595e73c075af864c1f3bb860d
33f6c6e743cbc5444bedbb99152441ebd2729495114d5eff3593b9c13811b8cf
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
388be1fb84d1608325ba870797519fe52ad081852a47c66aef5e90eeaf2c425d
39a99499a4986d3ac7cad1233cc2fa66b88018c9448300fcb494b32cd0015e73
3aea688d5c0163e7ac403f7d42212265933fbd5c5996f4493647b45d4c4525e4
3b0cbebff1ef62a58b3daf88d516f52ee55ea37f8eff3fba9c14ff65723d22ab
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3dae3d45394340306f805d6cd86fc1981c1a378308e37910f3f242157f0abb10
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407c6646d109977a77045a4313d666bfa014a94a11b24dfbac732f87a4823a4c
485fa9644b14058ebe8a472a9329941917a72aeed694f6a14880058c79c1ed75
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51cd38ecdc4ed94518320d6ca8c75f088101bc8d5dc9a2981ca58e36312138c9
543ece6e4901ea299f3a7ead38cbe2908f679ae3ff123a28f32577b86e3d6f39
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579a84d44cc8413de46ef46fb39bbe475bb57314edd7db4eba2e9f308e572b45
5b055d50360134b588aae9e8b0e4f4cf90c29308ad310a5c3b6a84b6702b32dc
5b707bb6515cf5dc4dc2fb9ed44ed533b2352fc906a365f75e915615a5b1b57f
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5fbb010c37f76f9cbac77c5fae8ffbfbcdd4e5fdb9e0e7b5e02d36a109134900
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
613ecad73a45da9715119d3e74b0954a1e2434965a2bc62767767507a0ac426f
615367065b24c704359c4f13d0d6d3605329a3e022100613bbc12578ecee4009
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65cbca409642e3effb1bfeba050af809de87a8ff167e4fb2ddebe7784e6ca3d0
692c6804c2969340d18442758f61d1c62686f5c7aca070464293c6741628a489
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b75db5a4ebea409d8fc5247d6788fbc020ad11072b15f12e2ae17c6bebf7cd3
6d24940e4504235ee243e335762d699656d3be3106ed45c9b84a127a6fd0952a
6f28245321d3c1da50c5e9064b0f8d565e2cc0177070f78e8c1d71b6201ab7d0
6fe4efc6c0259a82532462eebd6f6ac66b3cd89dd4b46a34da434120d7f8ffdb
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
754be086a0f2d3f7c20a08e65607d5fa4d316177f93c65786dde42f5e200b0ef
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8581453ce7edb9b2d133d36cd0b29b79d57b0cee5d53b43e39ca788c9640fbd9
85da94c6f158953cc9bc36f8b84feb2c00143a1310496746e33f668342cc660d
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405
87b45a4f1776d21bcfb2223d8450e59bd519dbe6711c43083c3f176fec987334
8801fd6b018fa8b0c6fa01c0e7838c184b64df6557c97baeb0d9041bdf657083
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
8d4ec1926e1cbf1189f9ef27018f63ba31a996fdaeac062c28b749080eecf91d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fd6ba2e98f8a8bc973662bf1a030f2de722b23928f017f487f6740fdee5e430
9176183a67af440480887522f418edacbecbd6657379a126e5ac81037a3e00be
93e19d5a22f1f538ea2b78664ec950124604471293a35812d3b3339cd8692f7b
945acdd98c49c2d69364675ea7c6d3441d4d8db5311e7408b2eeb8558f04af48
948506d80db69c98bc40e9bc38fddd4af0535fea4527ca99655a1bee449dcb17
94a01aa899781014aec9b6feaa2177d2d72dc9cc10255c76eccf8aaa423fb164
972602971f8e9f683f30d75ed9c286e3f6e5348d9c0344e2697e1755c2cc62aa
98d63b6ba877ea1a6508b8742e3bb96d5bcc080516090bc56d052908eb9f81b9
991e862d406ecc874db0d04880c2abef9d139b10380d108c3da62ba4d84391ae
9946cfa29554fc5a09b9aa0f73864ede2e3a2f2e6e5ddec36d6a55443f1819cc
9a70f3da176f000add1fa9561f60112ebb4d9d414f214bf5340a176365570261
9c8595b02e0cb40d2d282a45f7a849f6a2f31688f1c8166bfcb4c3e329736255
9e58901a2b23da45cd1323515a4465540b2ee860a99539fdeee3d1125879ce66
9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd
a004a09e7bdf8b5d1ccd9cbbc4666a80535a3ddd3bf454ab115633d44d1f8671
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c528da13fc207230f3e69a275e88d1bac8be1fe8af843302d725429aba7804
a646f1d289e2156d15d45626ce801ba0ccf1f0f97aea067fb27cf80e353ef3f9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8c8995cc57c9a63658cae412ea3c8c09de66991fb21243f84fb4f973ce4ec48
ab800813794f609fd3fc430bb0557c121d944a64848eca0538d13af851eac9c5
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac0133ff39a6a449506b6e8fa599b61afe2fd3d473d83b19ef586f3d5cc6a301
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aea389eb45356548fbdcbf9cbe5037ea34684bfb5fcff2038253bdd3b725bf7d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b26d47814ff285c8b1107fc253643c0096ae248a516faac672a5467d5b9367b8
b414e91381087d2f6ce56ffd2e12e1102ce903fed68343cc71cb9a53e46f893d
b4ef97b6710987c2f118ac1575c98dac0681b156f6fe8e74c8a481e4338f2312
b6520c81a1a02db603ed6071da5c912ebe19a8bba484e06f4f48ec99b66da1ab
b8d18f9ec05575124acfe4ac532664786fb22177a0547912d9a8ea7054bdecc3
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c0419e8e6c5398c3599ea98c6b6a1dc2919f95f1af6ec63654cc62264264bb6d
c1d6f55bca06713c9dce94c9ae70aef1fdfcfcdf4ceccd3c6b3b4e38435c2a6f
c2b7fe9c35ca1a09f0f1d28b10c54000e16bd56a64dc5c66f5d456160b95e31e
c51189387f1a4ec32b591117423a65b4aa5c8dedf0c7a0519114f231308a0274
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c830996490ca0a2f698c304df33ec7c937b287a7c6e6dabe1d5a416286f34ac5
c8887ec80fe3539e649b60988db7913e6a187e9afcaf6da504ed7e91b5d07e17
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc0c4f5c3d6acef428e5aa92fada14b3238a6f318b6a6fc9b0c5a4c1397611ae
cc4421f072126144b38c49d64398ae8f35af0f5b7ba9d765ca5546242107a6e0
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0a0a94ad4f9c90d139c619d2d4db0ee85d63b39d7c856f127d432467b7b365d
d2b8db24bce1193363c9f3feb1c2700830305d31d78b2e590adc9287af46670c
d5cca2ec5a7bc4eb62a541b3f4dbbe59befc244b084b9d0e10dc09ce8f3f9091
d6278ec9c439a10ba59530f4f689971117cba51d16ce92f4809bf1f840f2447c
d6c35da4b2e9e8c78c43edec68b3773e4daa361cfe93701e6517b9646303ff63
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dbedd6cc7e5077c4e1b6c460c6e06348d5d2a5f6a056ae2f88fbb2b06470c3f2
dcfe9a2c74d661abc8e036611c9494832dadc3cc8d84f0955cc819f0f9ee2fc2
dd280c57f8ecf807b2be7faef11e5c32e0959ad8c3ac3888867ff215f732d221
dd3db3a6472d6719ec793bee54e0fae33073ef1d200911298ff620a35ba4a8b2
dda60acfd9c6477bceaae0e2cc73b020d932e6340d72656ab4543dffe4e869f4
e1478433df02b4701950979708f8f7b8c85f18a3236395f60bb36ca80eff7c3a
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e7e291ebeaccaeb1039cbf095aef68afbe61194559c872e00404de99e9c340
e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3
e5b715d969285fe4e4c359a8ca2089b210eee5c07797a3515a98296c5d2644d3
e7f9e216f32c0675a309f3e49b987b2b460587793d7699348e3ca7485b61e4eb
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec074cd593448e34487fc110d82ab3998c5af08973d07a1791df55cc9777d71c
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef46ad3f607de0faf6917b0450be6c191c3a70a7cc78f260e06632e88f7480df
f1449231e1fcdab05f780f60b36fcbeb02c6dd936222ccb33ed90ccf92d90a9c
f1f1d5a7f65dbc5e1628b3448bf93d36601cf8a61425b7d024caa981cd49fc46
f2592359036ceeb02f4b8ea848c828f0a82fac93b26f7151666a5b3d13d16342
f3c9dab359174e6990a3004ec7151dc6917c09424f8742b947e385f644ec51b3
f4aecdb8e84d117ec3769a8f7eac0e8167a8eea6917faf73999c9841ac364430
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f
f94c0a85e9b6d694af39f5e4d6c4bca7b8aac13ec83143cb93c986776e09966a
fa617e6195b48622cd13742f0a33f41bd0a3f8b5689424c90f6cba97d4679644
fce10a4299d2c0ab3edec5a4b9813338e0dcb6494d36a90554292b3fb58f8351
fea60cc1794d3366484285282592f50bf0aff5833d71b73bcf5d0ac3ec6168c1
ffdb01be57b024face588ccc50e34db95fad37cb8ca590a739fb80255c872bd5

www.tvtime.com Open in urlscan Pro 143.204.98.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

250 Requests

89 %HTTPS

34 %IPv6

58 Domains

98 Subdomains

83 IPs

10 Countries

4248 kBTransfer

10014 kBSize

63 Cookies

5 Outgoing links

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tvtime.com Open in urlscan Pro
143.204.98.90 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

89 %
HTTPS

34 %
IPv6

58
Domains

98
Subdomains

83
IPs

10
Countries

4248 kB
Transfer

10014 kB
Size

63
Cookies

250 HTTP transactions
6 data transactions